Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201171 9.8 緊急
Network 		X.Org Foundation
Fedora Project		 - X.org libX11 の XListFonts 関数における権限を取得される脆弱性 CWE-787
境界外書き込み 		CVE-2016-7943 2016-12-19 15:06 2016-09-25 Show GitHub Exploit DB Packet Storm
201172 9.8 緊急
Network 		X.Org Foundation
Fedora Project		 - X.org libX11 の XGetImage 関数における権限を取得される脆弱性 CWE-264
CWE-787
CVE-2016-7942 2016-12-19 15:06 2016-09-25 Show GitHub Exploit DB Packet Storm
201173 9.8 緊急
Network 		Crowbar - Crowbar フレームワークの Openstack デプロイメントおよび Trove Barclamp におけるアクセス権を取得される脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2016-6829 2016-12-19 11:30 2016-08-31 Show GitHub Exploit DB Packet Storm
201174 5.9 警告
Network 		The phpMyAdmin Project - phpMyAdmin におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2016-6632 2016-12-16 18:16 2016-07-25 Show GitHub Exploit DB Packet Storm
201175 7.5 重要
Network 		The phpMyAdmin Project - phpMyAdmin におけるリモートでコードを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2016-6631 2016-12-16 18:16 2016-07-25 Show GitHub Exploit DB Packet Storm
201176 6.5 警告
Network 		The phpMyAdmin Project - phpMyAdmin におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-6630 2016-12-16 18:16 2016-07-25 Show GitHub Exploit DB Packet Storm
201177 9.8 緊急
Network 		The phpMyAdmin Project - phpMyAdmin の $cfg['ArbitraryServerRegexp'] 設定ディレクティブにおける特定の Cookie の値を再利用される脆弱性 CWE-254
セキュリティ機能 		CVE-2016-6629 2016-12-16 18:16 2016-07-25 Show GitHub Exploit DB Packet Storm
201178 6.3 警告
Network 		The phpMyAdmin Project - phpMyAdmin における巧妙に細工された悪意のある SVG ファイルのダウンロードを誘発される脆弱性 CWE-254
セキュリティ機能 		CVE-2016-6628 2016-12-16 18:16 2016-07-24 Show GitHub Exploit DB Packet Storm
201179 5.4 警告
Network 		The phpMyAdmin Project - phpMyAdmin におけるユーザを悪意のある Web ページにリダイレクトされる脆弱性 CWE-254
セキュリティ機能 		CVE-2016-6626 2016-12-16 18:16 2016-07-24 Show GitHub Exploit DB Packet Storm
201180 5.9 警告
Network 		The phpMyAdmin Project - phpMyAdmin における IP ベースの認証ルールを回避される脆弱性 CWE-254
セキュリティ機能 		CVE-2016-6624 2016-12-16 18:16 2016-07-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291101 9.8 CRITICAL
Network 		clamav
debian
fedoraproject 		clamav
debian_linux
fedora 		ClamAV before 0.97.7 has WWPack corrupt heap memory CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-7087 2024-11-21 11:00 2019-11-16 Show GitHub Exploit DB Packet Storm
291102 7.5 HIGH
Network 		projectfloodlight open_sdn_controller A vulnerability in version 0.90 of the Open Floodlight SDN controller software could allow an attacker with access to the OpenFlow control network to selectively disconnect individual switches from t… CWE-20
 Improper Input Validation  		CVE-2013-7333 2024-11-21 11:00 2019-10-24 Show GitHub Exploit DB Packet Storm
291103 9.8 CRITICAL
Network 		xstream_project xstream Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed inpu… CWE-78
OS Command  		CVE-2013-7285 2024-11-21 11:00 2019-05-16 Show GitHub Exploit DB Packet Storm
291104 5.5 MEDIUM
Local 		gitolite gitolite gitolite before commit fa06a34 might allow local users to read arbitrary files in repositories via vectors related to the user umask when running gitolite setup. CWE-200
Information Exposure 		CVE-2013-7203 2024-11-21 11:00 2018-09-22 Show GitHub Exploit DB Packet Storm
291105 8.1 HIGH
Network 		paypal paypal The WebHybridClient class in PayPal 5.3 and earlier for Android allows remote attackers to execute arbitrary JavaScript on the system. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-7202 2024-11-21 11:00 2018-04-28 Show GitHub Exploit DB Packet Storm
291106 7.4 HIGH
Network 		paypal paypal WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information. CWE-295
Improper Certificate Validation  		CVE-2013-7201 2024-11-21 11:00 2018-04-28 Show GitHub Exploit DB Packet Storm
291107 7.5 HIGH
Network 		sybase adaptive_server_enterprise The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass access restrictions and perform database dumps by leveraging failure to validate credentials, aka SAP … CWE-285
Improper Authorization 		CVE-2013-7245 2024-11-21 11:00 2018-04-25 Show GitHub Exploit DB Packet Storm
291108 6.5 MEDIUM
Network 		evergreen-ils evergreen The open-ils.pcrud endpoint in Evergreen before 2.5.9, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to obtain sensitive settings history information by leveraging lack of user p… CWE-200
Information Exposure 		CVE-2013-7435 2024-11-21 11:00 2018-02-2 Show GitHub Exploit DB Packet Storm
291109 7.5 HIGH
Network 		dkd direct_mail The Direct Mail (direct_mail) extension before 3.1.2 for TYPO3 allows remote attackers to obtain sensitive information by leveraging improper checking of authentication codes. CWE-200
Information Exposure 		CVE-2013-7400 2024-11-21 11:00 2017-12-30 Show GitHub Exploit DB Packet Storm
291110 8.1 HIGH
Network 		codem-transcode_project codem-transcode The codem-transcode module before 0.5.0 for Node.js, when ffprobe is enabled, allows remote attackers to execute arbitrary commands via a POST request to /probe. CWE-77
Command Injection 		CVE-2013-7377 2024-11-21 11:00 2017-10-24 Show GitHub Exploit DB Packet Storm