Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
200791 5.9 警告
Network 		Converse.js - Converse.js の複数の XMPP クライアントの "XEP-0280: Message Carbons" の実装における連絡先を含むユーザになりすまされる脆弱性 CWE-20
CWE-346
CVE-2017-5858 2017-03-8 15:04 2017-02-1 Show GitHub Exploit DB Packet Storm
200792 5.9 警告
Network 		Redsolution, Inc - Xabber の複数の XMPP クライアントの "XEP-0280: Message Carbons" の実装における連絡先を含むユーザになりすまされる脆弱性 CWE-20
CWE-346
CVE-2017-5606 2017-03-8 15:04 2017-02-9 Show GitHub Exploit DB Packet Storm
200793 5.9 警告
Network 		Movim - Movim の複数の XMPP クライアントの "XEP-0280: Message Carbons" の実装における連絡先を含むユーザになりすまされる脆弱性 CWE-20
CWE-346
CVE-2017-5605 2017-03-8 15:04 2017-01-28 Show GitHub Exploit DB Packet Storm
200794 5.9 警告
Network 		mcabber - mcabber の複数の XMPP クライアントの "XEP-0280: Message Carbons" の実装における連絡先を含むユーザになりすまされる脆弱性 CWE-20
CWE-346
CVE-2017-5604 2017-03-8 15:04 2017-01-26 Show GitHub Exploit DB Packet Storm
200795 5.9 警告
Network 		Jitsi - Jitsi の複数の XMPP クライアントの "XEP-0280: Message Carbons" の実装における連絡先を含むユーザになりすまされる脆弱性 CWE-20
CWE-346
CVE-2017-5603 2017-03-8 15:04 2017-01-27 Show GitHub Exploit DB Packet Storm
200796 5.9 警告
Network 		Jappix - jappix の複数の XMPP クライアントの "XEP-0280: Message Carbons" の実装における連絡先を含むユーザになりすまされる脆弱性 CWE-20
CWE-346
CVE-2017-5602 2017-03-8 15:04 2017-01-27 Show GitHub Exploit DB Packet Storm
200797 5.9 警告
Network 		Psi+ Dev Team - Psi+ の複数の XMPP クライアントの "XEP-0280: Message Carbons" の実装における連絡先を含むユーザになりすまされる脆弱性 CWE-20
CWE-346
CVE-2017-5593 2017-03-8 15:04 2017-01-25 Show GitHub Exploit DB Packet Storm
200798 5.9 警告
Network 		profanity - profanity の複数の XMPP クライアントの "XEP-0280: Message Carbons" の実装における連絡先を含むユーザになりすまされる脆弱性 CWE-20
CWE-346
CVE-2017-5592 2017-03-8 15:04 2017-01-24 Show GitHub Exploit DB Packet Storm
200799 5.9 警告
Network 		SleekXMPP project
Slixmpp project		 - SleekXMPP および Slixmpp の複数の XMPP クライアントの "XEP-0280: Message Carbons" の実装における連絡先を含むユーザになりすまされる脆弱性 CWE-20
CWE-346
CVE-2017-5591 2017-03-8 15:04 2017-01-28 Show GitHub Exploit DB Packet Storm
200800 5.9 警告
Network 		Georg Lukas - yaxim および Bruno の複数の XMPP クライアントの "XEP-0280: Message Carbons" の実装における連絡先を含むユーザになりすまされる脆弱性 CWE-20
CWE-346
CVE-2017-5589 2017-03-8 15:04 2017-01-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
290451 - ayatana_project unity Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-3202 2024-11-21 11:07 2014-05-6 Show GitHub Exploit DB Packet Storm
290452 - f5 big-iq F5 BIG-IQ Cloud and Security 4.0.0 through 4.1.0 allows remote authenticated users to change the password of arbitrary users via the name parameter in a request to the user's page in mgmt/shared/auth… CWE-255
Credentials Management 		CVE-2014-3220 2024-11-21 11:07 2014-05-6 Show GitHub Exploit DB Packet Storm
290453 - phplist phplist Cross-site request forgery (CSRF) vulnerability in the subscription page editor (spageedit) in phpList before 3.0.6 allows remote attackers to hijack the authentication of administrators via a reques… CWE-352
 Origin Validation Error 		CVE-2014-2916 2024-11-21 11:07 2014-05-6 Show GitHub Exploit DB Packet Storm
290454 - xen xen Xen 4.4.x, when running on an ARM system, does not properly context switch the CNTKCTL_EL1 register, which allows local guest users to modify the hardware timers and cause a denial of service (crash)… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-3125 2024-11-21 11:07 2014-05-2 Show GitHub Exploit DB Packet Storm
290455 - sitepark information_enterprise_server Sitepark Information Enterprise Server (IES) 2.9 before 2.9.6, when upgraded from an earlier version, does not properly restrict access, which allows remote attackers to change the manager account pa… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-3006 2024-11-21 11:07 2014-05-2 Show GitHub Exploit DB Packet Storm
290456 - freebsd freebsd The device file system (aka devfs) in FreeBSD 10.0 before p2 does not load default rulesets when booting, which allows context-dependent attackers to bypass intended restrictions by leveraging a jail… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-3001 2024-11-21 11:07 2014-05-2 Show GitHub Exploit DB Packet Storm
290457 - freebsd freebsd The TCP reassembly function in the inet module in FreeBSD 8.3 before p16, 8.4 before p9, 9.1 before p12, 9.2 before p5, and 10.0 before p2 allows remote attackers to cause a denial of service (undefi… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2014-3000 2024-11-21 11:07 2014-05-2 Show GitHub Exploit DB Packet Storm
290458 - fishshell fish fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user per… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-2905 2024-11-21 11:07 2014-05-2 Show GitHub Exploit DB Packet Storm
290459 - unitrends enterprise_backup recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 allows remote attackers to bypass authentication by setting the auth parameter to a certain string. CWE-287
Improper Authentication 		CVE-2014-3139 2024-11-21 11:07 2014-05-2 Show GitHub Exploit DB Packet Storm
290460 - xerox docushare SQL injection vulnerability in Xerox DocuShare before 6.53 Patch 6 Hotfix 2, 6.6.1 Update 1 before Hotfix 24, and 6.6.1 Update 2 before Hotfix 3 allows remote authenticated users to execute arbitrary… CWE-89
SQL Injection 		CVE-2014-3138 2024-11-21 11:07 2014-05-2 Show GitHub Exploit DB Packet Storm