Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228051 2.1 注意 シマンテック - SODP の SODA および Virtual Desktop モジュール における重要なデータを読み取られる脆弱性 - CVE-2006-3457 2012-12-20 18:02 2006-08-1 Show GitHub Exploit DB Packet Storm
228052 4.3 警告 シマンテック - Symantec AntiVirus Corporate Edition などで使用される SAVRT.SYS デバイスドライバにおける任意のコードを実行される脆弱性 - CVE-2006-3455 2012-12-20 18:02 2006-10-23 Show GitHub Exploit DB Packet Storm
228053 7.2 危険 シマンテック - Symantec AntiVirus Corporate Edition などにおけるフォーマットストリングの脆弱性 - CVE-2006-3454 2012-12-20 18:02 2006-09-13 Show GitHub Exploit DB Packet Storm
228054 5.1 警告 アドビシステムズ - Adobe Acrobat におけるバッファオーバーフローの脆弱性 - CVE-2006-3453 2012-12-20 18:02 2006-07-11 Show GitHub Exploit DB Packet Storm
228055 5.1 警告 cimmetry systems - AutoVue SolidModel Professional Desktop Edition におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2006-3350 2012-12-20 18:02 2006-07-27 Show GitHub Exploit DB Packet Storm
228056 7.5 危険 hotwebscripts - CMS Mundo における SQL インジェクションの脆弱性 - CVE-2006-3135 2012-12-20 18:02 2006-07-13 Show GitHub Exploit DB Packet Storm
228057 7.5 危険 streamripper - Streamripper の HTTP ヘッダ解析におけるバッファオーバーフローの脆弱性 - CVE-2006-3124 2012-12-20 18:02 2006-08-26 Show GitHub Exploit DB Packet Storm
228058 7.5 危険 brian wotring - Brian Wotring Osiris におけるフォーマットストリングの脆弱性 - CVE-2006-3120 2012-12-20 18:02 2006-07-31 Show GitHub Exploit DB Packet Storm
228059 5.1 警告 fbi - fbi の fbgs framebuffer Postscript/PDF viewer におけるフィルタを回避される脆弱性 - CVE-2006-3119 2012-12-20 18:02 2006-07-25 Show GitHub Exploit DB Packet Storm
228060 5 警告 VMware - VMware ESX Server における権限を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2006-2481 2012-12-20 18:02 2006-07-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211221 7.5 HIGH
Network 		s3bubble s3bubble-amazon-s3-audio-streaming The s3bubble-amazon-s3-audio-streaming plugin 2.0 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter. CWE-22
Path Traversal 		CVE-2015-9463 2024-11-21 11:40 2019-10-11 Show GitHub Exploit DB Packet Storm
211222 7.5 HIGH
Network 		s3bubble s3bubble-amazon-s3-html-5-video-with-adverts The s3bubble-amazon-s3-html-5-video-with-adverts plugin 0.7 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter. CWE-22
Path Traversal 		CVE-2015-9464 2024-11-21 11:40 2019-10-11 Show GitHub Exploit DB Packet Storm
211223 7.2 HIGH
Network 		awesome_filterable_portfolio_project awesome_filterable_portfolio The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_category_page SQL injection via the cat_id parameter. CWE-89
SQL Injection 		CVE-2015-9462 2024-11-21 11:40 2019-10-11 Show GitHub Exploit DB Packet Storm
211224 7.2 HIGH
Network 		brinidesigner awesome_filterable_portfolio The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_portfolio_item_page SQL injection via the item_id parameter. CWE-89
SQL Injection 		CVE-2015-9461 2024-11-21 11:40 2019-10-11 Show GitHub Exploit DB Packet Storm
211225 8.8 HIGH
Network 		pinpoint pinpoint_booking_system The booking-system plugin before 2.1 for WordPress has DOPBSPBackEndTranslation::display SQL injection via the language parameter. CWE-89
SQL Injection 		CVE-2015-9460 2024-11-21 11:40 2019-10-11 Show GitHub Exploit DB Packet Storm
211226 6.1 MEDIUM
Network 		seo_searchterms_tagging_2_project seo_searchterms_tagging_2 The searchterms-tagging-2 plugin through 1.535 for WordPress has XSS via the wp-admin/options-general.php count parameter. CWE-79
Cross-site Scripting 		CVE-2015-9459 2024-11-21 11:40 2019-10-11 Show GitHub Exploit DB Packet Storm
211227 7.2 HIGH
Network 		seo_searchterms_tagging_2_project seo_searchterms_tagging_2 The searchterms-tagging-2 plugin through 1.535 for WordPress has SQL injection via the pk_stt2_db_get_popular_terms count parameter exploitable via CSRF. CWE-89
SQL Injection 		CVE-2015-9458 2024-11-21 11:40 2019-10-11 Show GitHub Exploit DB Packet Storm
211228 7.2 HIGH
Network 		caseproof pretty_link The pretty-link plugin before 1.6.8 for WordPress has PrliLinksController::list_links SQL injection via the group parameter. CWE-89
SQL Injection 		CVE-2015-9457 2024-11-21 11:40 2019-10-11 Show GitHub Exploit DB Packet Storm
211229 6.5 MEDIUM
Network 		orbisius child_theme_creator The orbisius-child-theme-creator plugin before 1.2.8 for WordPress has incorrect access control for file modification via the wp-admin/admin-ajax.php?action=orbisius_ctc_theme_editor_ajax&sub_cmd=sav… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2015-9456 2024-11-21 11:40 2019-10-8 Show GitHub Exploit DB Packet Storm
211230 8.1 HIGH
Network 		incsub buddypress-activity-plus The buddypress-activity-plus plugin before 1.6.2 for WordPress has CSRF with resultant directory traversal via the wp-admin/admin-ajax.php bpfb_photos[] parameter in a bpfb_remove_temp_images action. CWE-352
 Origin Validation Error 		CVE-2015-9455 2024-11-21 11:40 2019-10-8 Show GitHub Exploit DB Packet Storm