Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 1, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228941 7.5 危険 rediff - Rediff Bol Downloader OCX コントロールにおける重要な情報 (ユーザ名およびパス名) を取得される脆弱性 - CVE-2006-6838 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
228942 6.8 警告 sergey oblomov - Total Commander 用の ISO プラグインの LoadTree などの関数におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2006-6837 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
228943 7.5 危険 yrch - Yrch! の plugins/metasearch/plug.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6823 2012-12-20 18:02 2006-12-29 Show GitHub Exploit DB Packet Storm
228944 7.5 危険 vladimir menshakov - Vladimir Menshakov buratinable templator の process.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6809 2012-12-20 18:02 2006-12-29 Show GitHub Exploit DB Packet Storm
228945 6.8 警告 WordPress.org - WordPress の wp-admin/templates.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6808 2012-12-20 18:02 2006-12-28 Show GitHub Exploit DB Packet Storm
228946 7.5 危険 softwebsnepal - Softwebs Nepal Ananda Real Estate の list.asp における SQL インジェクションの脆弱性 - CVE-2006-6807 2012-12-20 18:02 2006-12-28 Show GitHub Exploit DB Packet Storm
228947 6.8 警告 sh-news - SH-News の misc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6801 2012-12-20 18:02 2006-12-28 Show GitHub Exploit DB Packet Storm
228948 7.5 危険 The Cacti Group - Cacti における SQL インジェクションの脆弱性 - CVE-2006-6799 2012-12-20 18:02 2006-12-28 Show GitHub Exploit DB Packet Storm
228949 7.5 危険 PHP Outburst - UPB の chat/login.php における任意の PHP コードを挿入される脆弱性 - CVE-2006-6790 2012-12-20 18:02 2006-12-27 Show GitHub Exploit DB Packet Storm
228950 7.5 危険 phpbbxtra - Phpbbxtra の includes/archive/archive_topic.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6789 2012-12-20 18:02 2006-12-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197811 6.1 MEDIUM
Network 		adminserv_project adminserv ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Chris92de AdminServ. It has been declared as problematic. This vulnerability affects unknown code of the file resources/core/adminserv.php… CWE-79
Cross-site Scripting 		CVE-2020-36637 2024-11-21 14:29 2022-12-30 Show GitHub Exploit DB Packet Storm
197812 5.3 MEDIUM
Network 		robotsandpencils go-saml XML Digital Signatures generated and validated using this package use SHA-1, which may allow an attacker to craft inputs which cause hash collisions depending on their control over the input. CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2020-36563 2024-11-21 14:29 2022-12-28 Show GitHub Exploit DB Packet Storm
197813 7.5 HIGH
Network 		dht_project dht Due to unchecked type assertions, maliciously crafted messages can cause panics, which may be used as a denial of service vector. CWE-617
 Reachable Assertion 		CVE-2020-36562 2024-11-21 14:29 2022-12-28 Show GitHub Exploit DB Packet Storm
197814 6.1 MEDIUM
Network 		openmrs admin_ui_module A vulnerability classified as problematic has been found in OpenMRS Admin UI Module up to 1.4.x. Affected is the function sendErrorMessage of the file omod/src/main/java/org/openmrs/module/adminui/pa… - CVE-2020-36636 2024-11-21 14:29 2022-12-28 Show GitHub Exploit DB Packet Storm
197815 9.1 CRITICAL
Network 		digitalocean golang-nanoauth Authentication is globally bypassed in github.com/nanobox-io/golang-nanoauth between v0.0.0-20160722212129-ac0cc4484ad4 and v0.0.0-20200131131040-063a3fb69896 if ListenAndServe is called with an empt… CWE-287
Improper Authentication 		CVE-2020-36569 2024-11-21 14:29 2022-12-28 Show GitHub Exploit DB Packet Storm
197816 7.5 HIGH
Network 		revel revel Unsanitized input in the query parser in github.com/revel/revel before v1.0.0 allows remote attackers to cause resource exhaustion via memory allocation. CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2020-36568 2024-11-21 14:29 2022-12-28 Show GitHub Exploit DB Packet Storm
197817 9.1 CRITICAL
Network 		tar-utils_project tar-utils Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory. CWE-22
Path Traversal 		CVE-2020-36566 2024-11-21 14:29 2022-12-28 Show GitHub Exploit DB Packet Storm
197818 7.5 HIGH
Network 		nosurf_project nosurf Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be considered valid. CWE-20
 Improper Input Validation  		CVE-2020-36564 2024-11-21 14:29 2022-12-28 Show GitHub Exploit DB Packet Storm
197819 9.1 CRITICAL
Network 		go-unzip_project go-unzip Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory. CWE-22
Path Traversal 		CVE-2020-36560 2024-11-21 14:29 2022-12-28 Show GitHub Exploit DB Packet Storm
197820 7.5 HIGH
Network 		aahframework aah Due to improper sanitization of user input, HTTPEngine.Handle allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read. CWE-22
Path Traversal 		CVE-2020-36559 2024-11-21 14:29 2022-12-28 Show GitHub Exploit DB Packet Storm