Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201001 6.3 警告
Network 		NetApp - NetApp Snap Creator Framework におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2016-5372 2017-02-21 11:40 2016-06-22 Show GitHub Exploit DB Packet Storm
201002 7.5 重要
Network 		TalariaX Pte Ltd - SendQuick Entera および Avera デバイスのアプリケーションにおけるシステムをシャットダウンされる脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-5136 2017-02-21 11:09 2017-02-5 Show GitHub Exploit DB Packet Storm
201003 5.4 警告
Network 		シスコシステムズ - Cisco Prime Service Catalog の Web フレームワークにおけるシステムにログインしているユーザに対して URL リダイレクト攻撃を実行される脆弱性 CWE-601
オープンリダイレクト 		CVE-2017-3810 2017-02-21 11:07 2017-02-1 Show GitHub Exploit DB Packet Storm
201004 6.1 警告
Network 		Plone Foundation - Plone の Zope ZMI の検索機能の manage_findResult コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-7147 2017-02-21 11:05 2016-09-5 Show GitHub Exploit DB Packet Storm
201005 9.1 緊急
Network 		SaltStack - Salt における同一の ID を持つ minion を読まれる脆弱性 CWE-284
不適切なアクセス制御 		CVE-2016-9639 2017-02-20 18:16 2016-11-28 Show GitHub Exploit DB Packet Storm
201006 5.2 警告
Adjacent 		Tenable, Inc. - Nessus におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-9260 2017-02-20 17:43 2017-01-24 Show GitHub Exploit DB Packet Storm
201007 7.5 重要
Network 		日本電気
Apache Software Foundation		 - Apache HTTP Web Server の HTTP/2 プロトコルの処理にサービス運用妨害 (DoS) の脆弱性 CWE-20
CWE-399
CVE-2016-8740 2017-02-20 17:39 2016-12-4 Show GitHub Exploit DB Packet Storm
201008 7.2 重要
Network 		iRZ Company - iRZ RUH2 におけるデータを変更される脆弱性 CWE-345
データの信頼性についての不十分な検証 		CVE-2016-2309 2017-02-20 17:10 2016-05-17 Show GitHub Exploit DB Packet Storm
201009 7.8 重要
Local 		Google - メディアサーバの libopus の silk/NLSF_stabilize.c における情報を公開される脆弱性 CWE-119
バッファエラー 		CVE-2017-0381 2017-02-20 16:38 2017-01-3 Show GitHub Exploit DB Packet Storm
201010 5.9 警告
Network 		DELL EMC (旧 EMC Corporation)
日立		 - 複数の EMC RSA BSAFE 製品における秘密鍵の prime を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-0887 2017-02-20 16:14 2016-04-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
289851 - redhat enterprise_virtualization The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via un… CWE-200
Information Exposure 		CVE-2014-3485 2024-11-21 11:08 2014-07-11 Show GitHub Exploit DB Packet Storm
289852 - php
debian 		php
debian_linux 		The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers … NVD-CWE-noinfo
CVE-2014-3515 2024-11-21 11:08 2014-07-9 Show GitHub Exploit DB Packet Storm
289853 - php
file_project
debian
opensuse
oracle 		php
file
debian_linux
opensuse
linux 		The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remot… CWE-20
 Improper Input Validation  		CVE-2014-3487 2024-11-21 11:08 2014-07-9 Show GitHub Exploit DB Packet Storm
289854 - php
file_project
debian
opensuse
oracle 		php
file
debian_linux
opensuse
linux 		The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows r… NVD-CWE-noinfo
CVE-2014-3480 2024-11-21 11:08 2014-07-9 Show GitHub Exploit DB Packet Storm
289855 - php
file_project
debian
opensuse
oracle 		php
file
debian_linux
opensuse
linux 		The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows r… NVD-CWE-noinfo
CVE-2014-3479 2024-11-21 11:08 2014-07-9 Show GitHub Exploit DB Packet Storm
289856 - christos_zoulas
php 		file
php 		Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2014-3478 2024-11-21 11:08 2014-07-9 Show GitHub Exploit DB Packet Storm
289857 - redhat cloudforms_3.0_management_engine lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force atta… CWE-255
Credentials Management 		CVE-2014-3489 2024-11-21 11:08 2014-07-7 Show GitHub Exploit DB Packet Storm
289858 - redhat cloudforms_3.0_management_engine The (1) shell_exec function in lib/util/MiqSshUtilV1.rb and (2) temp_cmd_file function in lib/util/MiqSshUtilV2.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allow local users … CWE-59
Link Following 		CVE-2014-3486 2024-11-21 11:08 2014-07-7 Show GitHub Exploit DB Packet Storm
289859 - redhat jboss_enterprise_application_platform org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4 enables entity expansion, which allows remote attackers to read arbitrary … CWE-200
Information Exposure 		CVE-2014-3481 2024-11-21 11:08 2014-07-7 Show GitHub Exploit DB Packet Storm
289860 - rubyonrails rails SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before … CWE-89
SQL Injection 		CVE-2014-3483 2024-11-21 11:08 2014-07-7 Show GitHub Exploit DB Packet Storm