Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230191 6.5 警告 speedywiki - Speedywiki の index.php における任意の PHP コードをアップロードされる脆弱性 - CVE-2006-5845 2012-12-20 18:02 2006-11-9 Show GitHub Exploit DB Packet Storm
230192 5 警告 speedywiki - Speedywiki における Web サーバのフルパスを取得される脆弱性 - CVE-2006-5844 2012-12-20 18:02 2006-11-9 Show GitHub Exploit DB Packet Storm
230193 6.8 警告 speedywiki - Speedywiki の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5843 2012-12-20 18:02 2006-11-9 Show GitHub Exploit DB Packet Storm
230194 2.1 注意 unicore - Unicore Client の keystore ファイルにおける重要な情報を取得される脆弱性 - CVE-2006-5842 2012-12-20 18:02 2006-11-9 Show GitHub Exploit DB Packet Storm
230195 7.5 危険 phpadventure - PHPAdventure の ad_main.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5839 2012-12-20 18:02 2006-11-9 Show GitHub Exploit DB Packet Storm
230196 7.5 危険 simplechat - iWare Professional CMS 用の SimpleChat モジュールにおける chat_log.php へ任意の PHP コードを挿入される脆弱性 - CVE-2006-5837 2012-12-20 18:02 2006-11-9 Show GitHub Exploit DB Packet Storm
230197 6.8 警告 phpComasy - phpComasy CMS の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5827 2012-12-20 18:02 2006-11-9 Show GitHub Exploit DB Packet Storm
230198 5.8 警告 texas imperial software - Texas Imperial Software WFTPD Pro Server におけるバッファオーバーフローの脆弱性 - CVE-2006-5826 2012-12-20 18:02 2006-11-9 Show GitHub Exploit DB Packet Storm
230199 10 危険 シマンテック - Symantec Veritas NetBackup の NetBackup bpcd デーモンにおけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2006-5822 2012-12-20 18:02 2006-12-13 Show GitHub Exploit DB Packet Storm
230200 10 危険 verity - Verity Ultraseek における Web 攻撃などに対するプロキシとしてサーバを使用される脆弱性 - CVE-2006-5819 2012-12-20 18:02 2006-11-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199431 5.4 MEDIUM
Network 		phplist phplist A stored cross site scripting (XSS) vulnerability in phplist 3.5.4 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the "rule1" parameter under the "Bounce… CWE-79
Cross-site Scripting 		CVE-2020-36399 2024-11-21 14:29 2021-07-3 Show GitHub Exploit DB Packet Storm
199432 5.4 MEDIUM
Network 		phplist phplist A stored cross site scripting (XSS) vulnerability in phplist 3.5.4 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the "Campaign" field under the "Send a … CWE-79
Cross-site Scripting 		CVE-2020-36398 2024-11-21 14:29 2021-07-3 Show GitHub Exploit DB Packet Storm
199433 5.4 MEDIUM
Network 		lavalite lavalite A stored cross site scripting (XSS) vulnerability in the /admin/contact/contact component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted paylo… CWE-79
Cross-site Scripting 		CVE-2020-36397 2024-11-21 14:29 2021-07-3 Show GitHub Exploit DB Packet Storm
199434 5.4 MEDIUM
Network 		lavalite lavalite A stored cross site scripting (XSS) vulnerability in the /admin/roles/role component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload en… CWE-79
Cross-site Scripting 		CVE-2020-36396 2024-11-21 14:29 2021-07-3 Show GitHub Exploit DB Packet Storm
199435 5.4 MEDIUM
Network 		lavalite lavalite A stored cross site scripting (XSS) vulnerability in the /admin/user/team component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload ent… CWE-79
Cross-site Scripting 		CVE-2020-36395 2024-11-21 14:29 2021-07-3 Show GitHub Exploit DB Packet Storm
199436 8.8 HIGH
Network 		aomedia libavif libavif 0.8.0 and 0.8.1 has an out-of-bounds write in avifDecoderDataFillImageGrid. CWE-787
 Out-of-bounds Write 		CVE-2020-36407 2024-11-21 14:29 2021-07-1 Show GitHub Exploit DB Packet Storm
199437 8.8 HIGH
Network 		uwebsockets_project uwebsockets uWebSockets 18.11.0 and 18.12.0 has a stack-based buffer overflow in uWS::TopicTree::trimTree (called from uWS::TopicTree::unsubscribeAll). NOTE: the vendor's position is that this is "a minor issue … CWE-787
 Out-of-bounds Write 		CVE-2020-36406 2024-11-21 14:29 2021-07-1 Show GitHub Exploit DB Packet Storm
199438 7.8 HIGH
Local 		keystone-engine keystone_engine Keystone Engine 0.9.2 has a use-after-free in llvm_ks::X86Operand::getToken. CWE-416
 Use After Free 		CVE-2020-36405 2024-11-21 14:29 2021-07-1 Show GitHub Exploit DB Packet Storm
199439 7.8 HIGH
Local 		keystone-engine keystone Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::~SmallVectorImpl. CWE-763
 Release of Invalid Pointer or Reference 		CVE-2020-36404 2024-11-21 14:29 2021-07-1 Show GitHub Exploit DB Packet Storm
199440 8.8 HIGH
Network 		htslib htslib HTSlib through 1.10.2 allows out-of-bounds write access in vcf_parse_format (called from vcf_parse and vcf_read). CWE-787
 Out-of-bounds Write 		CVE-2020-36403 2024-11-21 14:29 2021-07-1 Show GitHub Exploit DB Packet Storm