Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227931 6.4 警告 professional home page tools - Professional Home Page Tools Guestbook の管理ログインにおけるパスワードを推測する総当り攻撃を実行される脆弱性 - CVE-2006-3753 2012-12-20 18:02 2006-07-21 Show GitHub Exploit DB Packet Storm
227932 7.5 危険 professional home page tools - Professional Home Page Tools Guestbook の class.php における SQL インジェクションの脆弱性 - CVE-2006-3752 2012-12-20 18:02 2006-07-21 Show GitHub Exploit DB Packet Storm
227933 6.8 警告 htmlarea3 - ImageManager 用の HTMLArea3 Addon Component における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-3751 2012-12-20 18:02 2006-07-21 Show GitHub Exploit DB Packet Storm
227934 6.8 警告 hashcash - Joomla! 用の com_hashcash の server.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-3750 2012-12-20 18:02 2006-07-21 Show GitHub Exploit DB Packet Storm
227935 6.8 警告 Mambo Foundation - Mambo 用の Sitemap コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-3749 2012-12-20 18:02 2006-07-10 Show GitHub Exploit DB Packet Storm
227936 6.8 警告 mamboxchange - Mambo 用の LoudMouth コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-3748 2012-12-20 18:02 2006-07-21 Show GitHub Exploit DB Packet Storm
227937 4.3 警告 swsoft - SWsoft Plesk のコントロールパネルにおけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3737 2012-12-20 18:02 2006-07-21 Show GitHub Exploit DB Packet Storm
227938 7.5 危険 Mambo Foundation - Mambo 用の VideoDB コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-3736 2012-12-20 18:02 2006-07-10 Show GitHub Exploit DB Packet Storm
227939 5.1 警告 mail2forum - phpBB 用の Mail2Forum モジュールにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-3735 2012-12-20 18:02 2006-07-21 Show GitHub Exploit DB Packet Storm
227940 7.2 危険 シスコシステムズ - CS-MARS 用の CLI におけるルート権限で任意のコマンドを実行される脆弱性 - CVE-2006-3734 2012-12-20 18:02 2006-07-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
212731 - apple watchos
iphone_os
mac_os_x 		The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) vi… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-5925 2024-11-21 11:34 2015-10-24 Show GitHub Exploit DB Packet Storm
212732 - apple iphone_os
mac_os_x 		The OpenGL implementation in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-5924 2024-11-21 11:34 2015-10-24 Show GitHub Exploit DB Packet Storm
212733 - owncloud owncloud The virtual filesystem in ownCloud Server before 6.0.9, 7.0.x before 7.0.7, and 8.0.x before 8.0.5 does not consider that NULL is a valid getPath return value, which allows remote authenticated users… NVD-CWE-Other
CVE-2015-5954 2024-11-21 11:34 2015-10-22 Show GitHub Exploit DB Packet Storm
212734 - owncloud owncloud Cross-site scripting (XSS) vulnerability in the activity application in ownCloud Server before 7.0.5 and 8.0.x before 8.0.4 allows remote authenticated users to inject arbitrary web script or HTML vi… CWE-79
Cross-site Scripting 		CVE-2015-5953 2024-11-21 11:34 2015-10-22 Show GitHub Exploit DB Packet Storm
212735 - linux linux_kernel The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that trig… CWE-399
 Resource Management Errors 		CVE-2015-6252 2024-11-21 11:34 2015-10-19 Show GitHub Exploit DB Packet Storm
212736 - cisco asr_5000_software Cisco ASR 5000 and 5500 devices with software 18.0.0.57828 and 19.0.M0.61045 allow remote attackers to cause a denial of service (vpnmgr process restart) via a crafted header in a TACACS packet, aka … CWE-20
 Improper Input Validation  		CVE-2015-6334 2024-11-21 11:34 2015-10-16 Show GitHub Exploit DB Packet Storm
212737 - cisco application_policy_infrastructure_controller Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2015-6333 2024-11-21 11:34 2015-10-16 Show GitHub Exploit DB Packet Storm
212738 - qnap qts Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by levera… CWE-22
Path Traversal 		CVE-2015-6003 2024-11-21 11:34 2015-10-16 Show GitHub Exploit DB Packet Storm
212739 - microsoft jscript
vbscript
internet_explorer 		The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from p… CWE-200
Information Exposure 		CVE-2015-6059 2024-11-21 11:34 2015-10-14 Show GitHub Exploit DB Packet Storm
212740 - microsoft edge Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Edge XSS… CWE-79
Cross-site Scripting 		CVE-2015-6058 2024-11-21 11:34 2015-10-14 Show GitHub Exploit DB Packet Storm