Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198781 4.8 警告
Network 		NTP Project - NTP の ntpq プロトコルにおける反射攻撃を実行される脆弱性 CWE-284
CWE-294
CVE-2015-8140 2017-02-14 19:49 2015-10-16 Show GitHub Exploit DB Packet Storm
198782 5.3 警告
Network 		NTP Project - NTP の ntpq における開始タイムスタンプを取得される脆弱性 CWE-200
CWE-284
CVE-2015-8139 2017-02-14 19:49 2015-10-16 Show GitHub Exploit DB Packet Storm
198783 7.5 重要
Network 		NTP Project - NTP におけるサービス運用妨害 (DoS) の脆弱性 CWE-400
リソースの枯渇 		CVE-2015-7978 2017-02-14 19:49 2015-10-16 Show GitHub Exploit DB Packet Storm
198784 6.2 警告
Local 		NTP Project - NTP の nextvar 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
CWE-20
CVE-2015-7975 2017-02-14 19:49 2015-10-16 Show GitHub Exploit DB Packet Storm
198785 5.5 警告
Local 		ImageMagick - ImageMagick の MagickCore/fx.c の WaveletDenoiseImage 関数におけるヒープオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-9298 2017-02-14 16:56 2016-11-1 Show GitHub Exploit DB Packet Storm
198786 7.5 重要
Network 		uClibc-ng project
Erik Andersen		 - uClibc および uClibc-ng の libc/string/arm/memset.S における整数符号エラーの脆弱性 CWE-119
バッファエラー 		CVE-2016-6264 2017-02-14 16:54 2016-06-20 Show GitHub Exploit DB Packet Storm
198787 5.5 警告
Local 		サムスン - Samsung KNOX の ClipboardDataMgr における KNOX クリップボードデータを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2016-3996 2017-02-14 15:35 2016-04-16 Show GitHub Exploit DB Packet Storm
198788 7.8 重要
Local 		openSUSE project
LibTIFF		 - LibTiff の t2p_readwrite_pdf_image_tile 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-787
境界外書き込み 		CVE-2016-9453 2017-02-14 15:08 2016-10-8 Show GitHub Exploit DB Packet Storm
198789 7.5 重要
Network 		openSUSE project
LibTIFF		 - LibTiff の TIFFFetchNormalTag 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2016-9448 2017-02-14 15:08 2016-11-16 Show GitHub Exploit DB Packet Storm
198790 4.9 警告
Network 		シトリックス・システムズ - Citrix XenServer の Linux Foundation xapi における他の管理者のタスクをキャンセルされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-5573 2017-02-14 14:41 2017-01-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346341 - oracle database_server
oracle9i 		The triggers in Oracle 9i and 10g allow local users to gain privileges by using a sequence of partially privileged actions: using CCBKAPPLROWTRIG or EXEC_CBK_FN_DML to add arbitrary functions to the … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2004-1338 2017-07-11 10:30 2004-12-23 Show GitHub Exploit DB Packet Storm
346342 - oracle database_server
oracle9i 		SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS default triggers in Oracle 9i and 10g allows remote attackers to execute arbitrary SQL commands via the … CWE-89
SQL Injection 		CVE-2004-1339 2017-07-11 10:30 2004-12-23 Show GitHub Exploit DB Packet Storm
346343 - debian debian_linux Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information. NVD-CWE-Other
CVE-2004-1340 2017-07-11 10:30 2005-01-26 Show GitHub Exploit DB Packet Storm
346344 - roar_smith info2www Cross-site scripting (XSS) vulnerability in info2www before 1.2.2.9 allows remote attackers to inject arbitrary web script or HTML via the arguments to info2www. NVD-CWE-Other
CVE-2004-1341 2017-07-11 10:30 2005-04-19 Show GitHub Exploit DB Packet Storm
346345 - sun java_system_web_proxy_server Multiple buffer overflows in Sun Java System Web Proxy Server (formerly Sun ONE Proxy Server) 3.6 through 3.6 SP4 allow remote attackers to execute arbitrary code via unknown vectors, possibly CONNEC… NVD-CWE-Other
CVE-2004-1350 2017-07-11 10:30 2004-10-30 Show GitHub Exploit DB Packet Storm
346346 - oracle application_server
collaboration_suite
e-business_suite
enterprise_manager
enterprise_manager_database_control
enterprise_manager_grid_control
oracle10g
oracle8i
oracle9i 		The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attacker… NVD-CWE-Other
CVE-2004-1362 2017-07-11 10:30 2004-08-4 Show GitHub Exploit DB Packet Storm
346347 - oracle application_server
collaboration_suite
e-business_suite
enterprise_manager
enterprise_manager_database_control
enterprise_manager_grid_control
oracle10g
oracle8i
oracle9i 		Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user. NVD-CWE-Other
CVE-2004-1365 2017-07-11 10:30 2004-08-4 Show GitHub Exploit DB Packet Storm
346348 - oracle application_server
collaboration_suite
e-business_suite
enterprise_manager
enterprise_manager_database_control
enterprise_manager_grid_control
oracle10g
oracle8i
oracle9i 		Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges. CWE-255
Credentials Management 		CVE-2004-1366 2017-07-11 10:30 2004-08-4 Show GitHub Exploit DB Packet Storm
346349 - oracle application_server
collaboration_suite
e-business_suite
enterprise_manager
enterprise_manager_database_control
enterprise_manager_grid_control
oracle10g
oracle8i
oracle9i 		ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script. NVD-CWE-noinfo
CVE-2004-1368 2017-07-11 10:30 2004-08-4 Show GitHub Exploit DB Packet Storm
346350 - oracle application_server
collaboration_suite
e-business_suite
enterprise_manager
enterprise_manager_database_control
enterprise_manager_grid_control
oracle10g
oracle8i
oracle9i 		The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset… NVD-CWE-Other
CVE-2004-1369 2017-07-11 10:30 2004-08-4 Show GitHub Exploit DB Packet Storm