Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201321 8.8 重要
Network 		GitLab.org - Gitlab の偽装の機能における他のユーザとして "ログイン" される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-4340 2017-02-8 18:15 2016-05-2 Show GitHub Exploit DB Packet Storm
201322 9.8 緊急
Network 		Magento, Inc. - Magento CE および EE における PHP オブジェクトインジェクション攻撃を実行される脆弱性 CWE-74
インジェクション 		CVE-2016-4010 2017-02-8 17:23 2016-05-17 Show GitHub Exploit DB Packet Storm
201323 9.8 緊急
Network 		LibGD project - GD Graphics ライブラリの gdImageWebPtr 関数におけるメモリ二重解放の脆弱性 CWE-415
二重解放 		CVE-2016-6912 2017-02-8 17:03 2016-08-17 Show GitHub Exploit DB Packet Storm
201324 7.8 重要
Local 		シトリックス・システムズ
Xen プロジェクト		 - Xen の x86 エミュレータにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-9386 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
201325 6 警告
Local 		シトリックス・システムズ
Xen プロジェクト		 - Xen の x86 セグメントベースの書き込みのエミュレーション機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-9385 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
201326 8.8 重要
Local 		シトリックス・システムズ
Xen プロジェクト		 - Xen における任意のメモリを変更される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-9383 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
201327 7.8 重要
Local 		シトリックス・システムズ
Xen プロジェクト		 - Xen における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-9382 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
201328 7.5 重要
Local 		シトリックス・システムズ
Fabrice Bellard		 - Xen の QEMU における権限を取得される脆弱性 CWE-264
CWE-362
CVE-2016-9381 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
201329 8.8 重要
Adjacent 		Ubiquiti Networks - Ubiquiti Networks UniFi におけるデータベースを変更される脆弱性 CWE-284
不適切なアクセス制御 		CVE-2016-7792 2017-02-8 16:52 2016-09-30 Show GitHub Exploit DB Packet Storm
201330 7.5 重要
Network 		jwt project - jwt の Encryption/Symmetric.php の verify 関数における署名を偽造される脆弱性 CWE-361
時間とステータス 		CVE-2016-7037 2017-02-8 16:50 2016-09-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
290021 - cisco unity_connection The server in Cisco Unity Connection 9.1(1) and 9.1(2) allows remote authenticated users to obtain privileged access by conducting an "HTTP Intercept" attack and leveraging the ability to read files … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-3333 2024-11-21 11:07 2014-08-12 Show GitHub Exploit DB Packet Storm
290022 - cisco unified_communications_manager Cisco Unified Communications Manager (CM) 8.6(.2) and earlier has an incorrect CLI restrictions setting, which allows remote authenticated users to establish undetected concurrent logins via unspecif… NVD-CWE-noinfo
CVE-2014-3332 2024-11-21 11:07 2014-08-12 Show GitHub Exploit DB Packet Storm
290023 - cisco webex_meetings_server user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information… CWE-310
Cryptographic Issues 		CVE-2014-3302 2024-11-21 11:07 2014-08-1 Show GitHub Exploit DB Packet Storm
290024 - ibm infosphere_master_data_management_server_for_product_information_management
infosphere_master_data_management 		The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 through 11.0 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 does n… CWE-20
 Improper Input Validation  		CVE-2014-3009 2024-11-21 11:07 2014-08-1 Show GitHub Exploit DB Packet Storm
290025 - ibm maximo_for_nuclear_power
maximo_asset_management_essentials
maximo_service_desk
maximo_asset_management
maximo_for_utilities
maximo_for_transportation
maximo_for_life_sciences
ti… 		Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management 6.2 through 6.2.8, 6.x and 7.1 through 7.1.1.2, and 7.5 through 7.5.0.6; Maximo Asset Management 7.5 through 7.5.0.3… CWE-79
Cross-site Scripting 		CVE-2014-3025 2024-11-21 11:07 2014-07-30 Show GitHub Exploit DB Packet Storm
290026 - cisco prime_data_center_network_manager Cross-site scripting (XSS) vulnerability in the web-server component in Cisco Prime Data Center Network Manager (DCNM) 6.3(2) and earlier allows remote attackers to inject arbitrary web script or HTM… CWE-79
Cross-site Scripting 		CVE-2014-3329 2024-11-21 11:07 2014-07-30 Show GitHub Exploit DB Packet Storm
290027 - ibm websphere_portal
websphere_portal_unified_task_list_portlet 		Cross-site scripting (XSS) vulnerability in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to inject arbitrary web script or HTM… CWE-79
Cross-site Scripting 		CVE-2014-3057 2024-11-21 11:07 2014-07-30 Show GitHub Exploit DB Packet Storm
290028 - ibm websphere_portal
websphere_portal_unified_task_list_portlet 		The Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to obtain potentially sensitive information about environment variables and JAR v… CWE-200
Information Exposure 		CVE-2014-3056 2024-11-21 11:07 2014-07-30 Show GitHub Exploit DB Packet Storm
290029 - ibm websphere_portal
websphere_portal_unified_task_list_portlet 		SQL injection vulnerability in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to execute arbitrary SQL commands via unspecified … CWE-89
SQL Injection 		CVE-2014-3055 2024-11-21 11:07 2014-07-30 Show GitHub Exploit DB Packet Storm
290030 - ibm websphere_portal
websphere_portal_unified_task_list_portlet 		Multiple open redirect vulnerabilities in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allow remote attackers to redirect users to arbitrary web sites… NVD-CWE-Other
CVE-2014-3054 2024-11-21 11:07 2014-07-30 Show GitHub Exploit DB Packet Storm