Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201091 9.6 緊急
Network 		マイクロソフト - Microsoft Office 2016 における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2016-7277 2016-12-21 17:41 2016-12-13 Show GitHub Exploit DB Packet Storm
201092 5.5 警告
Local 		マイクロソフト - 複数の Microsoft Office 製品におけるプロセスメモリから重要な情報を取得される脆弱性 CWE-125
境界外読み取り 		CVE-2016-7276 2016-12-21 17:41 2016-12-13 Show GitHub Exploit DB Packet Storm
201093 7.8 重要
Local 		マイクロソフト - 複数の Microsoft Office 製品における権限昇格の脆弱性 CWE-19
CWE-264
CVE-2016-7275 2016-12-21 17:41 2016-12-13 Show GitHub Exploit DB Packet Storm
201094 6.5 警告
Network 		マイクロソフト - 複数の Microsoft Windows および Office 製品の GDI コンポーネントにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-7257 2016-12-21 17:27 2016-12-13 Show GitHub Exploit DB Packet Storm
201095 8.8 重要
Network 		マイクロソフト - Microsoft Windows 10 および Windows Server 2016 の Graphics コンポーネントにおける任意のコードを実行される脆弱性 CWE-19
データ処理 		CVE-2016-7273 2016-12-21 17:24 2016-12-13 Show GitHub Exploit DB Packet Storm
201096 7.5 重要
Network 		マイクロソフト - Microsoft Internet Explorer 11 および Microsoft Edge のスクリプトエンジンにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2016-7287 2016-12-21 17:21 2016-12-13 Show GitHub Exploit DB Packet Storm
201097 4.3 警告
Network 		マイクロソフト - Microsoft Internet Explorer 10 および 11 におけるプロセスメモリから重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-7284 2016-12-21 17:21 2016-12-13 Show GitHub Exploit DB Packet Storm
201098 8.8 重要
Network 		マイクロソフト - Microsoft Internet Explorer 9 から 11 における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2016-7283 2016-12-21 17:21 2016-12-13 Show GitHub Exploit DB Packet Storm
201099 6.1 警告
Network 		マイクロソフト - Microsoft Internet Explorer 9 から 11 および Microsoft Edge におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-7282 2016-12-21 17:21 2016-12-13 Show GitHub Exploit DB Packet Storm
201100 5.3 警告
Network 		マイクロソフト - Microsoft Internet Explorer 10 から 11 および Microsoft Edge の Web ワーカーの実装における同一生成元ポリシーを回避される脆弱性 CWE-254
セキュリティ機能 		CVE-2016-7281 2016-12-21 17:21 2016-12-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
290631 - emc documentum_foundation_services The web service in EMC Documentum Foundation Services (DFS) 6.5 through 6.7 before 6.7 SP1 P22, 6.7 SP2 before P08, 7.0 before P12, and 7.1 before P01 does not properly implement content uploading, w… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-0622 2024-11-21 11:02 2014-02-7 Show GitHub Exploit DB Packet Storm
290632 - rockwellautomation rslogix_5000_design_and_configuration_software Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive informatio… CWE-255
Credentials Management 		CVE-2014-0755 2024-11-21 11:02 2014-02-5 Show GitHub Exploit DB Packet Storm
290633 - ibm general_parallel_file_system IBM General Parallel File System (GPFS) 3.4 through 3.4.0.27 and 3.5 through 3.5.0.16 allows attackers to cause a denial of service (daemon crash) via crafted arguments to a setuid program. CWE-20
 Improper Input Validation  		CVE-2014-0834 2024-11-21 11:02 2014-02-4 Show GitHub Exploit DB Packet Storm
290634 - cisco unified_communications_manager Cisco Unified Communications Manager (aka Unified CM) 9.1 (2.10000.28) and earlier allows local users to gain privileges by leveraging incorrect file permissions, aka Bug IDs CSCul24917 and CSCul2490… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-0686 2024-11-21 11:02 2014-02-4 Show GitHub Exploit DB Packet Storm
290635 - ibm financial_transaction_manager The OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 does not properly enforce operator-intervention requirements, which allows remote authenticated users to bypass intende… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-0833 2024-11-21 11:02 2014-02-2 Show GitHub Exploit DB Packet Storm
290636 - ibm financial_transaction_manager Multiple cross-site scripting (XSS) vulnerabilities in configuration-details screens in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 allow remote authenticated user… CWE-79
Cross-site Scripting 		CVE-2014-0832 2024-11-21 11:02 2014-02-2 Show GitHub Exploit DB Packet Storm
290637 - ibm financial_transaction_manager Cross-site request forgery (CSRF) vulnerability in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 allows remote attackers to hijack the authentication of arbitrary us… CWE-352
 Origin Validation Error 		CVE-2014-0831 2024-11-21 11:02 2014-02-2 Show GitHub Exploit DB Packet Storm
290638 - ibm financial_transaction_manager Directory traversal vulnerability in the table-export implementation in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 and 2.1 before 2.1.0.1 allows remote authentica… CWE-22
Path Traversal 		CVE-2014-0830 2024-11-21 11:02 2014-02-2 Show GitHub Exploit DB Packet Storm
290639 - kent-web joyful_note Cross-site scripting (XSS) vulnerability in KENT-WEB Joyful Note 2.8 and earlier, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via unspe… CWE-79
Cross-site Scripting 		CVE-2014-0812 2024-11-21 11:02 2014-02-2 Show GitHub Exploit DB Packet Storm
290640 - 3s-software codesys_runtime_toolkit Smart Software Solutions (3S) CoDeSys Runtime Toolkit before 2.4.7.44 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. CWE-399
 Resource Management Errors 		CVE-2014-0757 2024-11-21 11:02 2014-01-31 Show GitHub Exploit DB Packet Storm