Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
200741	7.5	重要 Network	Aerospike, Inc.	-	Aerospike Database Server の Fabric_Worker コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2016-9049	2017-03-9 16:49	2016-10-26	Show	GitHub Exploit DB Packet Storm

200742	7.8	重要 Local	JasPer Project openSUSE project Fedora Project	-	JasPer の jas_stream.c の mem_close 関数におけるメモリ二重解放の脆弱性	CWE-415 二重解放	CVE-2016-8693	2017-03-9 16:03	2016-10-20	Show	GitHub Exploit DB Packet Storm

200743	5.5	警告 Local	Debian JasPer Project Fedora Project	-	JasPer の libjasper/jpc/jpc_dec.c の jpc_dec_process_siz 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-369 ゼロ除算	CVE-2016-8692	2017-03-9 16:03	2016-10-16	Show	GitHub Exploit DB Packet Storm

200744	5.5	警告 Local	Debian JasPer Project Fedora Project	-	JasPer の libjasper/jpc/jpc_dec.c の jpc_dec_process_siz 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-369 ゼロ除算	CVE-2016-8691	2017-03-9 16:03	2016-10-16	Show	GitHub Exploit DB Packet Storm

200745	5	警告	アップル日本電気	-	複数の Apple 製品の Secure Transport における EXPORT_RSA 暗号に対して暗号スイートのダウングレード攻撃を実行される脆弱性	CWE-310 暗号の問題	CVE-2015-1067	2017-03-9 15:34	2015-03-9	Show	GitHub Exploit DB Packet Storm

200746	7.8	危険	日本電気	-	SSL/TLS の実装が輸出グレードの RSA 鍵を受け入れる問題 (FREAK 攻撃)	CWE-Other その他	-	2017-03-9 15:33	2015-03-6	Show	GitHub Exploit DB Packet Storm

200747	4.3	警告	マイクロソフト日本電気	-	複数の Microsoft Windows 製品の Schannel における EXPORT_RSA 暗号に対して暗号スイートのダウングレード攻撃を実行される脆弱性	CWE-310 暗号の問題	CVE-2015-1637	2017-03-9 15:33	2015-03-5	Show	GitHub Exploit DB Packet Storm

200748	4.3	警告	日本電気アップルサン・マイクロシステムズヒューレット・パッカード OpenSSL Project オラクル日立	-	OpenSSL の s3_clnt.c の ssl3_get_key_exchange 関数における RSA-to-EXPORT_RSA ダウングレード攻撃を実行される脆弱性	CWE-310 暗号の問題	CVE-2015-0204	2017-03-9 15:33	2015-01-8	Show	GitHub Exploit DB Packet Storm

200749	5	警告	アップル日本電気 OpenSSL Project オラクル	-	OpenSSL の crypto/cms/cms_smime.c の do_free_upto 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2015-1792	2017-03-9 15:31	2015-06-11	Show	GitHub Exploit DB Packet Storm

200750	6.8	警告	アップル日本電気 OpenSSL Project オラクル	-	OpenSSL の ssl/s3_clnt.c の ssl3_get_new_session_ticket 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-362 競合状態	CVE-2015-1791	2017-03-9 15:31	2015-06-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
290051	-	dlink	dap_1150_firmware dap_1150	Cross-site scripting (XSS) vulnerability in D-Link DAP 1150 with firmware 1.2.94 allows remote attackers to inject arbitrary web script or HTML via the res_buf parameter to index.cgi in the Control/U…	CWE-79 Cross-site Scripting	CVE-2014-3761	2024-11-21 11:08	2014-05-16	Show	GitHub Exploit DB Packet Storm

290052	-	dlink	dap_1150_firmware dap_1150	Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP 1150 with firmware 1.2.94 allow remote attackers to hijack the authentication of administrators for requests that (1) enable o…	CWE-352 Origin Validation Error	CVE-2014-3760	2024-11-21 11:08	2014-05-16	Show	GitHub Exploit DB Packet Storm

290053	-	karlen_walter	si_bibtex	Multiple SQL injection vulnerabilities in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allow remote attackers to execute arbitrary SQL commands via vectors related to the (1) search …	CWE-89 SQL Injection	CVE-2014-3759	2024-11-21 11:08	2014-05-16	Show	GitHub Exploit DB Packet Storm

290054	-	karlen_walter	si_bibtex	Cross-site scripting (XSS) vulnerability in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via vectors related to the imp…	CWE-79 Cross-site Scripting	CVE-2014-3758	2024-11-21 11:08	2014-05-16	Show	GitHub Exploit DB Packet Storm

290055	-	bilyoner	bilyoner	The Bilyoner application before 2.3.1 for Android and before 4.6.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain se…	CWE-310 Cryptographic Issues	CVE-2014-3750	2024-11-21 11:08	2014-05-16	Show	GitHub Exploit DB Packet Storm

290056	-	phpmanufaktur	kitform	SQL injection vulnerability in sorter.php in the phpManufaktur kitForm extension 0.43 and earlier for the KeepInTouch (KIT) module allows remote attackers to execute arbitrary SQL commands via the so…	CWE-89 SQL Injection	CVE-2014-3757	2024-11-21 11:08	2014-05-15	Show	GitHub Exploit DB Packet Storm

290057	-	jetaudio	jetaudio	JetMPAd.ax in JetAudio 8.1.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-3443	2024-11-21 11:08	2014-05-15	Show	GitHub Exploit DB Packet Storm

290058	-	videolan	vlc_media_player	codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-3441	2024-11-21 11:08	2014-05-15	Show	GitHub Exploit DB Packet Storm

290059	-	dovecot	dovecot	Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consum…	CWE-287 Improper Authentication	CVE-2014-3430	2024-11-21 11:08	2014-05-15	Show	GitHub Exploit DB Packet Storm

290060	-	gitlab	gitlab	Cross-site scripting (XSS) vulnerability in GitLab Enterprise Edition (EE) 6.6.0 before 6.6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2014-3456	2024-11-21 11:08	2014-05-14	Show	GitHub Exploit DB Packet Storm