Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 12:09 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230301	4.6	警告	flatnuke	-	Simone Vellei Flatnuke の Gallery モジュールにおける任意の PHP コードを実行される脆弱性	-	CVE-2006-3608	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

230302	4.3	警告	softbiz	-	Softbiz Banner Exchange Script におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-3607	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

230303	5	警告	マイクロソフト	-	Microsoft Internet Explorer 6 におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-3605	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

230304	7.5	危険	seyeon	-	FlexWATCH Network Camera におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-3604	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

230305	5.8	警告	seyeon	-	FlexWATCH Network Camera の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-3603	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

230306	5	警告	farsinews	-	FarsiNews の jscripts/tiny_mce/tiny_mce_gzip.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-3602	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

230307	5.1	警告	libtunepimp	-	TunePimp の LookupTRM::lookup 関数におけるスタックベースのバッファーオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2006-3600	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

230308	7.5	危険	PHPNUKE	-	PHP-Nuke 用の Nuke Advanced Classifieds モジュールにおける SQL インジェクションの脆弱性	-	CVE-2006-3599	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

230309	7.5	危険	PHPNUKE	-	PHP-Nuke 用の Sections モジュールにおける SQL インジェクションの脆弱性	-	CVE-2006-3598	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

230310	7.2	危険	Canonical	-	Ubuntu 上で稼動する passwd におけるインストーラのメモリ内でパスワードがゼロに設定される脆弱性	-	CVE-2006-3597	2012-12-20 18:02	2006-07-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211471	8.1	HIGH Network	gonitro	nitro_pro	npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to JBIG2Decode CNxJBIG2DecodeStream Heap Corruption at npdf!CAPPDAnnotHandlerUtils::create_popup_for_markup+0x12fbe via a crafted PDF document.	CWE-787 Out-of-bounds Write	CVE-2020-10223	2024-11-21 13:54	2020-03-9	Show	GitHub Exploit DB Packet Storm

211472	8.1	HIGH Network	gonitro	nitro_pro	npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to Heap Corruption at npdf!nitro::get_property+2381 via a crafted PDF document.	NVD-CWE-noinfo	CVE-2020-10222	2024-11-21 13:54	2020-03-9	Show	GitHub Exploit DB Packet Storm

211473	8.8	HIGH Network	rconfig	rconfig	lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the fileName POST parameter.	CWE-78 OS Command	CVE-2020-10221	2024-11-21 13:54	2020-03-9	Show	GitHub Exploit DB Packet Storm

211474	9.8	CRITICAL Network	rconfig	rconfig	An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter.	CWE-89 SQL Injection	CVE-2020-10220	2024-11-21 13:54	2020-03-8	Show	GitHub Exploit DB Packet Storm

211475	8.8	HIGH Network	dlink trendnet	dir-825_firmware tew-632brp_firmware	An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the date parameter in a system_time.cgi POST request. TRENDnet TEW-632BRP 1…	CWE-78 OS Command	CVE-2020-10216	2024-11-21 13:54	2020-03-7	Show	GitHub Exploit DB Packet Storm

211476	8.8	HIGH Network	dlink trendnet	dir-825_firmware tew-632brp_firmware	An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the dns_query_name parameter in a dns_query.cgi POST request. TRENDnet TEW-…	CWE-78 OS Command	CVE-2020-10215	2024-11-21 13:54	2020-03-7	Show	GitHub Exploit DB Packet Storm

211477	8.8	HIGH Network	dlink	dir-825_firmware	An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntp_s…	CWE-787 Out-of-bounds Write	CVE-2020-10214	2024-11-21 13:54	2020-03-7	Show	GitHub Exploit DB Packet Storm

211478	8.8	HIGH Network	dlink trendnet	dir-825_firmware tew-632brp_firmware	An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the wps_sta_enrollee_pin parameter in a set_sta_enrollee_pin.cgi POST reque…	CWE-78 OS Command	CVE-2020-10213	2024-11-21 13:54	2020-03-7	Show	GitHub Exploit DB Packet Storm

211479	9.8	CRITICAL Network	tecrail	responsive_filemanager	upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an i…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-10212	2024-11-21 13:54	2020-03-7	Show	GitHub Exploit DB Packet Storm

211480	5.4	MEDIUM Network	citrix	gateway_firmware	Citrix Gateway 11.1, 12.0, and 12.1 allows Cache Poisoning. NOTE: Citrix disputes this as not a vulnerability. By default, Citrix ADC only caches static content served under certain URL paths for Cit…	CWE-444 HTTP Request Smuggling	CVE-2020-10112	2024-11-21 13:54	2020-03-7	Show	GitHub Exploit DB Packet Storm