Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248451	7.5	危険	futuresoft	-	FutureSoft TFTP Server MT におけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2006-4781	2012-06-26 15:37	2006-09-14	Show	GitHub Exploit DB Packet Storm

248452	7.5	危険	cchost	-	Creative Commons Tools ccHost における SQL インジェクションの脆弱性	-	CVE-2006-4778	2012-06-26 15:37	2006-09-14	Show	GitHub Exploit DB Packet Storm

248453	7.5	危険	gtasoft	-	p4CMS の abf_js.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4769	2012-06-26 15:37	2006-09-13	Show	GitHub Exploit DB Packet Storm

248454	4.3	警告	benjamin pasero and tobias eichert	-	Benjamin Pasero および Tobias Eichert RSSOwl におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4760	2012-06-26 15:37	2006-09-13	Show	GitHub Exploit DB Packet Storm

248455	4.6	警告	e107.org	-	e107 の管理セクションにおける SQL インジェクションの脆弱性	-	CVE-2006-4757	2012-06-26 15:37	2006-09-13	Show	GitHub Exploit DB Packet Storm

248456	6.8	警告	comscripts	-	PHProg の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4754	2012-06-26 15:37	2006-09-13	Show	GitHub Exploit DB Packet Storm

248457	5	警告	comscripts	-	PHProg の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-4753	2012-06-26 15:37	2006-09-13	Show	GitHub Exploit DB Packet Storm

248458	7.5	危険	bugada andrea	-	phpATM における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4749	2012-06-26 15:37	2006-09-13	Show	GitHub Exploit DB Packet Storm

248459	7.5	危険	f-art agency	-	F-ART BLOG:CMS における SQL インジェクションの脆弱性	-	CVE-2006-4748	2012-06-26 15:37	2006-09-13	Show	GitHub Exploit DB Packet Storm

248460	7.5	危険	comscripts	-	Web Server Creator の news/include/customize.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4746	2012-06-26 15:37	2006-09-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348001	-	codeworx_technologies	dcp-portal	Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 5.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the year, (2) month, and (3) day parameters i…	NVD-CWE-Other	CVE-2004-2511	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348002	-	codeworx_technologies	dcp-portal	CRLF injection vulnerability in calendar.php in DCP-Portal 5.3.2 and earlier allows remote attackers to conduct HTTP response splitting attacks to spoof web content and poison web caches via CRLF ("%…	NVD-CWE-Other	CVE-2004-2512	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348003	-	powerportal	powerportal	Cross-site scripting (XSS) vulnerability in modules/private_messages/index.php in PowerPortal 1.x allows remote attackers to inject arbitrary web script or HTML via the (1) SUBJECT or (2) MESSAGE fie…	NVD-CWE-Other	CVE-2004-2514	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348004	-	vmware	workstation	Format string vulnerability in VMware Workstation 4.5.2 build-8848, if running with elevated privileges, might allow local users to execute arbitrary code via format string specifiers in command line…	NVD-CWE-Other	CVE-2004-2515	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348005	-	myserver	myserver	Directory traversal vulnerability in myServer 0.7 allows remote attackers to list arbitrary directories via an HTTP GET command with a large number of "./" sequences followed by "../" sequences.	NVD-CWE-Other	CVE-2004-2516	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348006	-	myserver	myserver	myServer 0.7.1 allows remote attackers to cause a denial of service (crash) via a long HTTP POST request in a View=Logon operation to index.html.	NVD-CWE-Other	CVE-2004-2517	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348007	-	openftpd	openftpd_ftp_server	Format string vulnerability in the msg command (cat_message function in msg.c) in OpenFTPD 0.30.2 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers …	NVD-CWE-Other	CVE-2004-2523	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348008	-	whm_autopilot	whm_autopilot	clogin.php in Benchmark Designs' WHM AutoPilot 2.4.5 and earlier allows remote attackers to obtain plaintext username and password credentials by using the clogin_e and base64_encode functions to enc…	NVD-CWE-Other	CVE-2004-2524	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348009	-	s9y	serendipity	Cross-site scripting (XSS) vulnerability in compat.php in Serendipity before 0.7.1 allows remote attackers to inject arbitrary web script or HTML via the searchTerm variable.	NVD-CWE-Other	CVE-2004-2525	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348010	-	ibm	tivoli_directory_server	Directory traversal vulnerability in ldacgi.exe in IBM Tivoli Directory Server 4.1 and earlier allows remote attackers to view arbitrary files via a .. (dot dot) in the Template parameter.	NVD-CWE-Other	CVE-2004-2526	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm