Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 2:21 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230221	7.5	危険	postnuke software foundation	-	PostNuke の error.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-5733	2012-12-20 18:02	2006-11-6	Show	GitHub Exploit DB Packet Storm

230222	5	警告	tgs-cms	-	T.G.S. CMS の logout.php における SQL インジェクションの脆弱性	-	CVE-2006-5732	2012-12-20 18:02	2006-11-6	Show	GitHub Exploit DB Packet Storm

230223	6.5	警告	yazd	-	Yazd Discussion Forum における任意のフォーラム内へメッセージを返信される脆弱性	-	CVE-2006-5729	2012-12-20 18:02	2006-11-6	Show	GitHub Exploit DB Packet Storm

230224	5.1	警告	sazcart	-	sazcart の admin/controls/cart.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5727	2012-12-20 18:02	2006-11-6	Show	GitHub Exploit DB Packet Storm

230225	4.9	警告	サン・マイクロシステムズ	-	Solaris の UFS filesystem におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-5726	2012-12-20 18:02	2006-11-6	Show	GitHub Exploit DB Packet Storm

230226	4.3	警告	The phpMyAdmin Project	-	phpMyAdmin の error.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5718	2012-12-20 18:02	2006-11-1	Show	GitHub Exploit DB Packet Storm

230227	4.3	警告	Zend Technologies Ltd.	-	ZendGData Preview におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5717	2012-12-20 18:02	2006-11-3	Show	GitHub Exploit DB Packet Storm

230228	7.5	危険	phpeasydata pro	-	PHPEasyData Pro の index.php における SQL インジェクションの脆弱性	-	CVE-2006-5707	2012-12-20 18:02	2006-11-3	Show	GitHub Exploit DB Packet Storm

230229	6	警告	WordPress.org	-	WordPress の plugins/wp-db-backup.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-5705	2012-12-20 18:02	2006-10-27	Show	GitHub Exploit DB Packet Storm

230230	4.3	警告	Tiki Software Community Association	-	Tikiwiki の featured_link.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2006-5703	2012-12-20 18:02	2006-11-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
212731	9.8	CRITICAL Network	limesurvey	limesurvey	The downloadZip function in application/controllers/admin/export.php in LimeSurvey through 3.16.1+190225 allows a relative path.	CWE-22 Path Traversal	CVE-2019-9960	2024-11-21 13:52	2019-03-24	Show	GitHub Exploit DB Packet Storm

212732	8.8	HIGH Network	imagemagick debian	imagemagick debian_linux	In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted i…	CWE-787 Out-of-bounds Write	CVE-2019-9956	2024-11-21 13:52	2019-03-24	Show	GitHub Exploit DB Packet Storm

212733	9.1	CRITICAL Network	python opensuse debian fedoraproject canonical redhat	python leap debian_linux fedora ubuntu_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_eus enterprise_linux_tus ente…	urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggerin…	CWE-22 Path Traversal	CVE-2019-9948	2024-11-21 13:52	2019-03-24	Show	GitHub Exploit DB Packet Storm

212734	6.1	MEDIUM Network	python	python	An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the fir…	CWE-93 CRLF Injection	CVE-2019-9947	2024-11-21 13:52	2019-03-24	Show	GitHub Exploit DB Packet Storm

212735	9.8	CRITICAL Network	softnas	cloud	SoftNAS Cloud 4.2.0 and 4.2.1 allows remote command execution. The NGINX default configuration file has a check to verify the status of a user cookie. If not set, a user is redirected to the login pa…	NVD-CWE-noinfo	CVE-2019-9945	2024-11-21 13:52	2019-03-24	Show	GitHub Exploit DB Packet Storm

212736	3.7	LOW Network	symfony debian	twig debian_linux	A sandbox information disclosure exists in Twig before 1.38.0 and 2.x before 2.7.0 because, under some circumstances, it is possible to call the __toString() method on an object even if not allowed b…	NVD-CWE-noinfo	CVE-2019-9942	2024-11-21 13:52	2019-03-24	Show	GitHub Exploit DB Packet Storm

212737	5.3	MEDIUM Network	coreftp	core_ftp	An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal technique (..\..\) to browse outside the ro…	CWE-22 Path Traversal	CVE-2019-9649	2024-11-21 13:52	2019-03-23	Show	GitHub Exploit DB Packet Storm

212738	5.3	MEDIUM Network	coreftp	core_ftp	An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE command along with a \..\..\ substring, allowing an attacker …	CWE-22 Path Traversal	CVE-2019-9648	2024-11-21 13:52	2019-03-23	Show	GitHub Exploit DB Packet Storm

212739	8.8	HIGH Adjacent	ushareit	shareit	The SHAREit application before 4.0.36 for Android allows a remote attacker (on the same network or joining public "open" Wi-Fi hotspots created by the application when file transfer is initiated) to …	NVD-CWE-noinfo	CVE-2019-9939	2024-11-21 13:52	2019-03-22	Show	GitHub Exploit DB Packet Storm

212740	5.3	MEDIUM Adjacent	ushareit	shareit	The SHAREit application before 4.0.42 for Android allows a remote attacker (on the same network or joining public "open" Wi-Fi hotspots created by the application when file transfer is initiated) to …	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2019-9938	2024-11-21 13:52	2019-03-22	Show	GitHub Exploit DB Packet Storm