Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 22, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
200171 7.5 重要
Network 		Drupal - Drupal における不適切なアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-6377 2017-04-18 15:42 2017-03-15 Show GitHub Exploit DB Packet Storm
200172 6.6 警告
Physics 		OnePlus - OnePlus 3 および 3T デバイス上で稼動する OxygenOS における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-5623 2017-04-18 15:35 2017-03-19 Show GitHub Exploit DB Packet Storm
200173 7.1 重要
Local 		Libav - libav の libavcodec の decode_residual 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-125
境界外読み取り 		CVE-2017-7208 2017-04-18 15:27 2017-03-19 Show GitHub Exploit DB Packet Storm
200174 7.1 重要
Local 		Libav - libav の libavcodec の ff_h2645_extract_rbsp 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2017-7206 2017-04-18 15:27 2017-03-19 Show GitHub Exploit DB Packet Storm
200175 8.8 重要
Network 		Capstone engine - Capstone の winkernel_mm.c の cs_winkernel_malloc 関数における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2017-6952 2017-04-18 14:54 2017-03-14 Show GitHub Exploit DB Packet Storm
200176 5.9 警告
Network 		GNU Project - GNU C Library の pop_fail_stack 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-19
データ処理 		CVE-2015-8985 2017-04-18 11:57 2015-02-28 Show GitHub Exploit DB Packet Storm
200177 2.7
Network 		Postfix Admin Project
openSUSE project		 - PostfixAdmin の AliasHandler コンポーネントにおける保護されたエイリアスを削除される脆弱性 CWE-275
パーミッションの問題 		CVE-2017-5930 2017-04-18 11:38 2017-02-8 Show GitHub Exploit DB Packet Storm
200178 7.8 重要
Local 		USBPcap project - USBPcap の IofCallDriver 関数における権限を取得される脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2017-6178 2017-04-18 11:27 2017-03-7 Show GitHub Exploit DB Packet Storm
200179 7.4 重要
Network 		Debian
SVG Salamander project		 - SVG Salamander ライブラリにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2017-5617 2017-04-18 11:19 2017-03-26 Show GitHub Exploit DB Packet Storm
200180 4.3 警告
Network 		Huawei - Huawei Document Security Management のパーミッション制御モジュールにおける重要な情報を取得される脆弱性 CWE-275
パーミッションの問題 		CVE-2016-2406 2017-04-18 11:03 2016-02-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291001 - zend zendopenid
zend_framework 		The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 before 1.12.4 does not verify that the openid_op_endpoint value i… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-2684 2024-11-21 11:06 2014-11-16 Show GitHub Exploit DB Packet Storm
291002 - zend zendrest
zend_framework
zendservice_slideshare
zendservice_api
zendservice_audioscrobbler
zendservice_amazon
zendservice_technorati
zendservice_windowsazure
zendopenid
zend… 		Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService… CWE-17
Code 		CVE-2014-2683 2024-11-21 11:06 2014-11-16 Show GitHub Exploit DB Packet Storm
291003 - zend zendrest
zend_framework
zendservice_slideshare
zendservice_api
zendservice_audioscrobbler
zendservice_amazon
zendservice_technorati
zendservice_windowsazure
zendopenid
zend… 		Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService… CWE-19
 Data Processing Errors 		CVE-2014-2682 2024-11-21 11:06 2014-11-16 Show GitHub Exploit DB Packet Storm
291004 - zend zendrest
zend_framework
zendservice_slideshare
zendservice_api
zendservice_audioscrobbler
zendservice_amazon
zendservice_technorati
zendservice_windowsazure
zendopenid
zend… 		Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService… CWE-19
 Data Processing Errors 		CVE-2014-2681 2024-11-21 11:06 2014-11-16 Show GitHub Exploit DB Packet Storm
291005 - accuenergy axm-net
acuvim_ii 		The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript. CWE-200
Information Exposure 		CVE-2014-2374 2024-11-21 11:06 2014-11-5 Show GitHub Exploit DB Packet Storm
291006 - accuenergy axm-net
acuvim_ii 		The web server on the AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to bypass authentication and modify settings via a direct request to an unspecified U… CWE-287
Improper Authentication 		CVE-2014-2373 2024-11-21 11:06 2014-11-5 Show GitHub Exploit DB Packet Storm
291007 - t-mobile
asus 		tm-ac1900
rt_series_firmware 		ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2014-2718 2024-11-21 11:06 2014-11-5 Show GitHub Exploit DB Packet Storm
291008 - fortinet fortimanager
fortianalyzer_firmware 		Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 and FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web scrip… CWE-79
Cross-site Scripting 		CVE-2014-2336 2024-11-21 11:06 2014-10-31 Show GitHub Exploit DB Packet Storm
291009 - fortinet fortianalyzer_firmware Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vecto… CWE-79
Cross-site Scripting 		CVE-2014-2335 2024-11-21 11:06 2014-10-31 Show GitHub Exploit DB Packet Storm
291010 - fortinet fortianalyzer_firmware Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vect… CWE-79
Cross-site Scripting 		CVE-2014-2334 2024-11-21 11:06 2014-10-31 Show GitHub Exploit DB Packet Storm