Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248721	7.5	危険	DeltaScripts	-	DeltaScripts PHP Classifieds の functions.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5520	2012-06-26 15:37	2006-10-26	Show	GitHub Exploit DB Packet Storm

248722	7.5	危険	christopher fowler	-	Rhode Island RSSonate における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5518	2012-06-26 15:37	2006-10-26	Show	GitHub Exploit DB Packet Storm

248723	7.5	危険	geonetwork	-	GeoNetwork オープンソースにおける SQL インジェクションの脆弱性	-	CVE-2006-5513	2012-06-26 15:37	2006-10-26	Show	GitHub Exploit DB Packet Storm

248724	6.4	警告	bluevirus-design	-	PH Pexplorer の explorer_load_lang.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-5510	2012-06-26 15:37	2006-10-25	Show	GitHub Exploit DB Packet Storm

248725	7.5	危険	der dirigent	-	DeDi における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-5507	2012-06-26 15:37	2006-10-25	Show	GitHub Exploit DB Packet Storm

248726	7.5	危険	ben3w	-	2BGal における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5505	2012-06-26 15:37	2006-10-25	Show	GitHub Exploit DB Packet Storm

248727	7.5	危険	AOL	-	AOL Security Edition の YGPPicDownload.dll におけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2006-5502	2012-06-26 15:37	2006-10-25	Show	GitHub Exploit DB Packet Storm

248728	7.5	危険	AOL	-	AOL Security Edition の YGPPicDownload.dll におけるバッファオーバーフローの脆弱性	-	CVE-2006-5501	2012-06-26 15:37	2006-10-25	Show	GitHub Exploit DB Packet Storm

248729	7.5	危険	digitalhive	-	DigitalHive の template/purpletech/base_include.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5493	2012-06-26 15:37	2006-10-25	Show	GitHub Exploit DB Packet Storm

248730	7.5	危険	ceary	-	UltraCMS の include/index.php における SQL インジェクションの脆弱性	-	CVE-2006-5491	2012-06-26 15:37	2006-10-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210351	6.5	MEDIUM Network	schneider-electric rockwellautomation xylem	easergy_t300_firmware easergy_c5_firmware micom_c264_firmware pacis_gtw_firmware saitel_dp_firmware epas_gtw_firmware saitel_dr_firmware scd2200_firmware isagraf_free_runtime<…	Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a password that is required to execute privileged commands. The password value passed to ISaGRAF Runtime…	CWE-798 Use of Hard-coded Credentials	CVE-2020-25180	2024-11-21 14:17	2022-03-19	Show	GitHub Exploit DB Packet Storm

210352	8.8	HIGH Network	schneider-electric rockwellautomation xylem	easergy_t300_firmware easergy_c5_firmware micom_c264_firmware pacis_gtw_firmware saitel_dp_firmware epas_gtw_firmware saitel_dr_firmware scd2200_firmware isagraf_free_runtime<…	ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x using TCP/IP. This communication protocol provides various file system operations, as well as the uploadin…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-25178	2024-11-21 14:17	2022-03-19	Show	GitHub Exploit DB Packet Storm

210353	9.8	CRITICAL Network	schneider-electric rockwellautomation xylem	easergy_t300_firmware easergy_c5_firmware micom_c264_firmware pacis_gtw_firmware saitel_dp_firmware epas_gtw_firmware saitel_dr_firmware scd2200_firmware isagraf_free_runtime<…	Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer (IXL) protocol perform various file operations in the file system. Since the parameter pointing to th…	CWE-22 Path Traversal	CVE-2020-25176	2024-11-21 14:17	2022-03-19	Show	GitHub Exploit DB Packet Storm

210354	5.5	MEDIUM Local	gpac	gpac	A Null pointer dereference vulnerability exits in MP4Box - GPAC version 0.8.0-rev177-g51a8ef874-master via the gf_isom_get_track_id function, which causes a denial of service.	CWE-476 NULL Pointer Dereference	CVE-2020-25427	2024-11-21 14:17	2022-01-11	Show	GitHub Exploit DB Packet Storm

210355	9.8	CRITICAL Network	dlink	dir-823g_firmware	A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacter…	CWE-78 OS Command	CVE-2020-25368	2024-11-21 14:17	2021-11-4	Show	GitHub Exploit DB Packet Storm

210356	9.1	CRITICAL Network	dlink	dir-823g_firmware	An issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows attackers to cause a denial of service (DoS) via unspecified vectors.	CWE-862 Missing Authorization	CVE-2020-25366	2024-11-21 14:17	2021-11-4	Show	GitHub Exploit DB Packet Storm

210357	9.8	CRITICAL Network	dlink	dir-823g_firmware	A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacter…	CWE-78 OS Command	CVE-2020-25367	2024-11-21 14:17	2021-11-4	Show	GitHub Exploit DB Packet Storm

210358	5.4	MEDIUM Network	mara_cms_project	mara_cms	A cross site scripting (XSS) vulnerability in menuedit.php of Mara CMS 7.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.	CWE-79 Cross-site Scripting	CVE-2020-25422	2024-11-21 14:17	2021-10-29	Show	GitHub Exploit DB Packet Storm

210359	9.1	CRITICAL Network	rconfig	rconfig	An arbitrary file deletion vulnerability in rConfig 3.9.5 has been fixed for 3.9.6. This vulnerability gave attackers the ability to send a crafted request to /lib/ajaxHandlers/ajaxDeleteAllLoggingFi…	CWE-862 Missing Authorization	CVE-2020-25359	2024-11-21 14:17	2021-08-21	Show	GitHub Exploit DB Packet Storm

210360	6.5	MEDIUM Network	rconfig	rconfig	A server-side request forgery (SSRF) vulnerability in rConfig 3.9.5 has been fixed for 3.9.6. This vulnerability allowed remote authenticated attackers to open a connection to the machine via the dev…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-25353	2024-11-21 14:17	2021-08-21	Show	GitHub Exploit DB Packet Storm