Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227671	7.5	危険	the address book	-	The Address Book における SQL インジェクションの脆弱性	-	CVE-2006-4575	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

227672	5.1	警告	Simple Machines	-	Simple Machines Forum の Sources/ManageBoards.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2006-4564	2012-12-20 18:02	2006-09-5	Show	GitHub Exploit DB Packet Storm

227673	6.8	警告	PHPNUKE	-	PHP-Nuke 用の MyHeadlines モジュールにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4563	2012-12-20 18:02	2006-09-5	Show	GitHub Exploit DB Packet Storm

227674	7.5	危険	retro64	-	Retro64 / Miniclip CR64Loader ActiveX コントロールにおけるバッファオーバーフローの脆弱性	-	CVE-2006-4555	2012-12-20 18:02	2006-09-5	Show	GitHub Exploit DB Packet Storm

227675	7.5	危険	Plume CMS	-	Plume CMS における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-4533	2012-12-20 18:02	2006-09-1	Show	GitHub Exploit DB Packet Storm

227676	5	警告	qbik	-	Qbik WinGate におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-4518	2012-12-20 18:02	2006-11-28	Show	GitHub Exploit DB Packet Storm

227677	4	警告	The Tor Project scatterchat	-	Tor および ScatterChatどにおける任意の Tor トラフィックをルーティングされる脆弱性	-	CVE-2006-4508	2012-12-20 18:02	2006-08-31	Show	GitHub Exploit DB Packet Storm

227678	4.6	警告	ソニー・コンピュータエンタテインメント	-	PSP の Photo Viewer の libTIFF における任意のコードを実行される脆弱性	-	CVE-2006-4507	2012-12-20 18:02	2006-08-31	Show	GitHub Exploit DB Packet Storm

227679	7.5	危険	ztml	-	ezPortal/ztml CMS における認証コントロールを回避される脆弱性	-	CVE-2006-4502	2012-12-20 18:02	2006-08-31	Show	GitHub Exploit DB Packet Storm

227680	7.5	危険	ztml	-	ezPortal/ztml CMS の index.php における SQL インジェクションの脆弱性	-	CVE-2006-4501	2012-12-20 18:02	2006-08-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211771	5.9	MEDIUM Network	php	php	main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before 5.6.12 does not ensure thread safety, which allows remote attackers to cause a denial of service (race condition and heap memory c…	CWE-119 CWE-362 Incorrect Access of Indexable Resource ('Range Error') Race Condition	CVE-2015-8878	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

211772	7.5	HIGH Network	libgd php	libgd php	The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows …	CWE-399 Resource Management Errors	CVE-2015-8877	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

211773	9.8	CRITICAL Network	php	php	Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL…	NVD-CWE-Other	CVE-2015-8876	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

211774	7.5	HIGH Network	php canonical	php ubuntu_linux	The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, w…	CWE-310 Cryptographic Issues	CVE-2015-8867	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

211775	9.6	CRITICAL Network	php canonical suse opensuse	php ubuntu_linux linux_enterprise_software_development_kit linux_enterprise_module_for_web_scripting leap opensuse	ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote att…	CWE-611 XXE	CVE-2015-8866	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

211776	6.1	MEDIUM Network	wordpress	wordpress	Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored…	CWE-79 Cross-site Scripting	CVE-2015-8834	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

211777	7.3	HIGH Local	php apple	php mac_os_x	The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, whi…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-8865	2024-11-21 11:39	2016-05-20	Show	GitHub Exploit DB Packet Storm

211778	7.5	HIGH Network	opensuse php	leap php	Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-8874	2024-11-21 11:39	2016-05-16	Show	GitHub Exploit DB Packet Storm

211779	7.5	HIGH Network	php opensuse	php leap	Stack consumption vulnerability in Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to cause a denial of service (segmentation fault) …	CWE-20 Improper Input Validation	CVE-2015-8873	2024-11-21 11:39	2016-05-16	Show	GitHub Exploit DB Packet Storm

211780	5.9	MEDIUM Network	php	php	ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof serve…	CWE-284 Improper Access Control	CVE-2015-8838	2024-11-21 11:39	2016-05-16	Show	GitHub Exploit DB Packet Storm