Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230111 5.8 警告 chamberland technology - Chamberland Technology ezWaiter Online におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3613 2012-12-20 18:02 2006-07-18 Show GitHub Exploit DB Packet Storm
230112 2.6 注意 Phorum - Phorum におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3612 2012-12-20 18:02 2006-07-13 Show GitHub Exploit DB Packet Storm
230113 5.5 警告 Phorum - Phorum の pm.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-3611 2012-12-20 18:02 2006-07-13 Show GitHub Exploit DB Packet Storm
230114 5 警告 orbitcoders - Orbitcoders OrbitMATRIX の index.php における重要な情報を取得される脆弱性 - CVE-2006-3610 2012-12-20 18:02 2006-07-18 Show GitHub Exploit DB Packet Storm
230115 4.3 警告 orbitcoders - Orbitcoders OrbitMATRIX の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3609 2012-12-20 18:02 2006-07-18 Show GitHub Exploit DB Packet Storm
230116 4.6 警告 flatnuke - Simone Vellei Flatnuke の Gallery モジュールにおける任意の PHP コードを実行される脆弱性 - CVE-2006-3608 2012-12-20 18:02 2006-07-18 Show GitHub Exploit DB Packet Storm
230117 4.3 警告 softbiz - Softbiz Banner Exchange Script におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3607 2012-12-20 18:02 2006-07-18 Show GitHub Exploit DB Packet Storm
230118 5 警告 マイクロソフト - Microsoft Internet Explorer 6 におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-3605 2012-12-20 18:02 2006-07-18 Show GitHub Exploit DB Packet Storm
230119 7.5 危険 seyeon - FlexWATCH Network Camera におけるディレクトリトラバーサルの脆弱性 - CVE-2006-3604 2012-12-20 18:02 2006-07-18 Show GitHub Exploit DB Packet Storm
230120 5.8 警告 seyeon - FlexWATCH Network Camera の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3603 2012-12-20 18:02 2006-07-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
212391 7.8 HIGH
Local 		glyphandcog xpdfreader There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2019-9588 2024-11-21 13:51 2019-03-6 Show GitHub Exploit DB Packet Storm
212392 7.8 HIGH
Local 		glyphandcog xpdfreader There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an attacker to… CWE-400
 Uncontrolled Resource Consumption 		CVE-2019-9587 2024-11-21 13:51 2019-03-6 Show GitHub Exploit DB Packet Storm
212393 8.8 HIGH
Network 		twinkletoessoftware booked phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresent… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-9581 2024-11-21 13:51 2019-03-6 Show GitHub Exploit DB Packet Storm
212394 7.5 HIGH
Network 		yubico libu2f-host In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device. CWE-908
 Use of Uninitialized Resource 		CVE-2019-9578 2024-11-21 13:51 2019-03-6 Show GitHub Exploit DB Packet Storm
212395 5.3 MEDIUM
Network 		sagemcom f\@st_5260_firmware Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The numbe… CWE-331
 Insufficient Entropy 		CVE-2019-9555 2024-11-21 13:51 2019-03-6 Show GitHub Exploit DB Packet Storm
212396 5.5 MEDIUM
Local 		linux
debian
redhat
opensuse
canonical 		linux_kernel
debian_linux
enterprise_linux
leap
ubuntu_linux 		In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SM… CWE-476
 NULL Pointer Dereference 		CVE-2019-9213 2024-11-21 13:51 2019-03-6 Show GitHub Exploit DB Packet Storm
212397 6.1 MEDIUM
Network 		adenion blog2social The Blog2Social plugin before 5.0.3 for WordPress allows wp-admin/admin.php?page=blog2social-ship XSS. CWE-79
Cross-site Scripting 		CVE-2019-9576 2024-11-21 13:51 2019-03-6 Show GitHub Exploit DB Packet Storm
212398 6.1 MEDIUM
Network 		quizandsurveymaster quiz_and_survey_master The Quiz And Survey Master plugin 6.0.4 for WordPress allows wp-admin/admin.php?page=mlw_quiz_results quiz_id XSS. CWE-79
Cross-site Scripting 		CVE-2019-9575 2024-11-21 13:51 2019-03-6 Show GitHub Exploit DB Packet Storm
212399 7.5 HIGH
Network 		mishubd wp_human_resource_management The WP Human Resource Management plugin before 2.2.6 for WordPress does not ensure that a leave modification occurs in the context of the Administrator or HR Manager role. CWE-862
 Missing Authorization 		CVE-2019-9574 2024-11-21 13:51 2019-03-6 Show GitHub Exploit DB Packet Storm
212400 7.5 HIGH
Network 		mishubd wp_human_resource_management The WP Human Resource Management plugin before 2.2.6 for WordPress mishandles leave applications. CWE-19
 Data Processing Errors 		CVE-2019-9573 2024-11-21 13:51 2019-03-6 Show GitHub Exploit DB Packet Storm