Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201381 8.8 重要
Network 		マイクロソフト - 複数の Microsoft Windows 製品のメディア ファンデーションにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2016-7217 2016-11-15 10:49 2016-11-8 Show GitHub Exploit DB Packet Storm
201382 6.5 警告
Network 		マイクロソフト - 複数の Microsoft Windows 製品の atmfd.dll におけるプロセスメモリから重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-7210 2016-11-15 10:49 2016-11-8 Show GitHub Exploit DB Packet Storm
201383 8.8 重要
Network 		マイクロソフト - 複数の Microsoft Windows 製品のアニメーション マネージャーにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2016-7205 2016-11-15 10:48 2016-11-8 Show GitHub Exploit DB Packet Storm
201384 6.5 警告
Network 		マイクロソフト - 複数の Microsoft Windows 製品のローカルセキュリティ機関サブシステムサービスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-7237 2016-11-15 10:34 2016-11-8 Show GitHub Exploit DB Packet Storm
201385 7.8 重要
Local 		マイクロソフト - 複数の Microsoft Windows 製品の Microsoft ビデオ コントロールにおける任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2016-7248 2016-11-15 10:13 2016-11-8 Show GitHub Exploit DB Packet Storm
201386 7.8 重要
Local 		マイクロソフト - 複数の Microsoft Windows 製品における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2016-7212 2016-11-15 10:13 2016-11-8 Show GitHub Exploit DB Packet Storm
201387 4.7 警告
Local 		マイクロソフト - 複数の Microsoft Windows 製品のカーネルモードドライバの Bowser.sys における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-7218 2016-11-15 10:01 2016-11-8 Show GitHub Exploit DB Packet Storm
201388 5.5 警告
Local 		Fabrice Bellard
Canonical
オラクル		 - QEMU の hw/virtio/virtio.c の virtqueue_pop 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2016-5403 2016-11-14 17:56 2016-07-20 Show GitHub Exploit DB Packet Storm
201389 8.6 重要
Network 		ISC, Inc.
日本電気
SUSE		 - ISC BIND の named におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-1286 2016-11-14 17:56 2016-03-9 Show GitHub Exploit DB Packet Storm
201390 6.8 警告
Network 		ISC, Inc.
日本電気
SUSE		 - ISC BIND の named におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-1285 2016-11-14 17:56 2016-03-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
290741 - mostgear easy_lan_folder_share Buffer overflow in MostGear Soft Easy LAN Folder Share 3.2.0.100 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in the (1) r… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-6079 2024-11-21 10:58 2013-10-12 Show GitHub Exploit DB Packet Storm
290742 - alienvault open_source_security_information_management Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.3 and earlier allow remote attackers to execute arbitrary SQL commands via the date_from par… CWE-89
SQL Injection 		CVE-2013-5967 2024-11-21 10:58 2013-10-9 Show GitHub Exploit DB Packet Storm
290743 - djangoproject django The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce … CWE-79
Cross-site Scripting 		CVE-2013-6044 2024-11-21 10:58 2013-10-5 Show GitHub Exploit DB Packet Storm
290744 - citrix netscaler_application_delivery_controller_firmware
netscaler_application_delivery_controller 		Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service (nsconfigd crash and appliance reboot) via a crafted request. CWE-20
 Improper Input Validation  		CVE-2013-6011 2024-11-21 10:58 2013-10-5 Show GitHub Exploit DB Packet Storm
290745 - polarssl polarssl The RSA-CRT implementation in PolarSSL before 1.2.9 does not properly perform Montgomery multiplication, which might allow remote attackers to conduct a timing side-channel attack and retrieve RSA pr… CWE-310
Cryptographic Issues 		CVE-2013-5915 2024-11-21 10:58 2013-10-5 Show GitHub Exploit DB Packet Storm
290746 - wearegumball comment-attachment Cross-site scripting (XSS) vulnerability in the Comment Attachment plugin 1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "Attachment field title." CWE-79
Cross-site Scripting 		CVE-2013-6010 2024-11-21 10:58 2013-10-4 Show GitHub Exploit DB Packet Storm
290747 - open-xchange open-xchange_appsuite CRLF injection vulnerability in Open-Xchange AppSuite before 7.2.2, when using AJP in certain conditions, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting … CWE-94
Code Injection 		CVE-2013-6009 2024-11-21 10:58 2013-10-4 Show GitHub Exploit DB Packet Storm
290748 - siemens scalance_x-200_series_firmware
scalance_x-200
scalance_x-200irt 		The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before 5.1.0 does not properly enforce authentication requirements, which a… CWE-287
Improper Authentication 		CVE-2013-5944 2024-11-21 10:58 2013-10-3 Show GitHub Exploit DB Packet Storm
290749 - springsignage xibo Directory traversal vulnerability in Spring Signage Xibo 1.2.x before 1.2.3 and 1.4.x before 1.4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter to index.php. CWE-22
Path Traversal 		CVE-2013-5979 2024-11-21 10:58 2013-10-3 Show GitHub Exploit DB Packet Storm
290750 - f5 big-ip_access_policy_manager Cross-site scripting (XSS) vulnerability in the access policy logout page (logout.inc) in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.1.0 through 11.3.0 allows remote attackers to inject arbitrary web… CWE-79
Cross-site Scripting 		CVE-2013-5976 2024-11-21 10:58 2013-10-2 Show GitHub Exploit DB Packet Storm