Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201351 8.8 重要
Network 		dotCMS - dotCMS の JSONTags サーブレットにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2016-8905 2016-11-16 14:10 2016-01-5 Show GitHub Exploit DB Packet Storm
201352 8.8 重要
Network 		dotCMS - dotCMS の "Site Browser > Containers pages" スクリーンにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2016-8904 2016-11-16 14:10 2016-01-5 Show GitHub Exploit DB Packet Storm
201353 8.8 重要
Network 		dotCMS - dotCMS の "Site Browser > Templates pages" スクリーンにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2016-8903 2016-11-16 14:10 2016-01-5 Show GitHub Exploit DB Packet Storm
201354 9.8 緊急
Network 		dotCMS - dotCMS の categoriesServlet サーブレットにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2016-8902 2016-11-16 14:10 2016-01-5 Show GitHub Exploit DB Packet Storm
201355 9.8 緊急
Network 		Exponent CMS project - Exponent CMS の /framework/modules/notfound/controllers/notfoundController.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2016-9287 2016-11-16 12:38 2016-11-6 Show GitHub Exploit DB Packet Storm
201356 9.1 緊急
Network 		Novell - Novell Open Enterprise Server における許可されていないファイルアクセスを実行される脆弱性 CWE-Other
その他 		CVE-2016-5763 2016-11-16 12:30 2016-09-28 Show GitHub Exploit DB Packet Storm
201357 7.5 重要
Network 		サムスン - Samsung Note デバイスの SystemUI における整数オーバーフローの脆弱性 CWE-Other
その他 		CVE-2016-9277 2016-11-16 11:42 2016-08-16 Show GitHub Exploit DB Packet Storm
201358 9.8 緊急
Network 		Exponent CMS project - Exponent CMS の framework/modules/navigation/controllers/navigationController.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2016-9288 2016-11-16 10:22 2016-11-3 Show GitHub Exploit DB Packet Storm
201359 5.3 警告
Network 		Exponent CMS project - Exponent CMS の framework/modules/users/controllers/usersController.php におけるアドレス情報を読まれる脆弱性 CWE-200
情報漏えい 		CVE-2016-9286 2016-11-16 10:22 2016-11-6 Show GitHub Exploit DB Packet Storm
201360 5.3 警告
Network 		Exponent CMS project - Exponent CMS の framework/modules/addressbook/controllers/addressController.php におけるユーザ情報を読まれる脆弱性 CWE-200
情報漏えい 		CVE-2016-9285 2016-11-16 10:22 2016-11-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
290981 - ibm algo_one Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and A… CWE-79
Cross-site Scripting 		CVE-2013-6301 2024-11-21 10:58 2014-03-5 Show GitHub Exploit DB Packet Storm
290982 - ibm algo_one Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and A… CWE-79
Cross-site Scripting 		CVE-2013-6300 2024-11-21 10:58 2014-03-5 Show GitHub Exploit DB Packet Storm
290983 - ibm algo_one Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and A… CWE-79
Cross-site Scripting 		CVE-2013-6299 2024-11-21 10:58 2014-03-5 Show GitHub Exploit DB Packet Storm
290984 - hp application_information_optimizer The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information … NVD-CWE-noinfo
CVE-2013-6204 2024-11-21 10:58 2014-02-26 Show GitHub Exploit DB Packet Storm
290985 - hp application_information_optimizer The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information … NVD-CWE-noinfo
CVE-2013-6203 2024-11-21 10:58 2014-02-26 Show GitHub Exploit DB Packet Storm
290986 - ikiwiki_hosting_project ikiwiki_hosting Multiple cross-site scripting (XSS) vulnerabilities in the site creation interface in ikiwiki-hosting before 0.20131025 allow remote attackers to inject arbitrary web script or HTML via unspecified v… CWE-79
Cross-site Scripting 		CVE-2013-6047 2024-11-21 10:58 2014-02-26 Show GitHub Exploit DB Packet Storm
290987 - hp service_manager Multiple cross-site request forgery (CSRF) vulnerabilities in HP Service Manager 9.30, 9.31, 9.32, and 9.33 allow remote attackers to hijack the authentication of unspecified victims for requests tha… CWE-352
 Origin Validation Error 		CVE-2013-6202 2024-11-21 10:58 2014-02-24 Show GitHub Exploit DB Packet Storm
290988 - mozilla firefox Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a pers… CWE-352
 Origin Validation Error 		CVE-2013-6167 2024-11-21 10:58 2014-02-15 Show GitHub Exploit DB Packet Storm
290989 - google chrome Google Chrome before 29 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persist… CWE-352
 Origin Validation Error 		CVE-2013-6166 2024-11-21 10:58 2014-02-15 Show GitHub Exploit DB Packet Storm
290990 - atmail atmail Multiple cross-site scripting (XSS) vulnerabilities in Atmail Webmail Server 7.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) filter parameter to index.php/mail/mail/li… CWE-79
Cross-site Scripting 		CVE-2013-6229 2024-11-21 10:58 2014-02-13 Show GitHub Exploit DB Packet Storm