Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201491 9.8 緊急
Network 		ImageMagick
オラクル		 - ImageMagick の MagickCore/profile.c における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2016-5841 2016-12-22 17:35 2016-06-23 Show GitHub Exploit DB Packet Storm
201492 6.1 警告
Network 		NHN Japan - nGrinder におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-5060 2016-12-22 16:29 2016-05-24 Show GitHub Exploit DB Packet Storm
201493 7.8 重要
Local 		マイクロソフト - Microsoft Auto Updater for Mac における権限昇格の脆弱性 CWE-426
信頼性のない検索パス 		CVE-2016-7300 2016-12-22 14:48 2016-12-13 Show GitHub Exploit DB Packet Storm
201494 7.8 重要
Local 		マイクロソフト - 複数の Microsoft Office 製品における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2016-7298 2016-12-22 14:48 2016-12-13 Show GitHub Exploit DB Packet Storm
201495 3.3
Local 		マイクロソフト - 複数の Microsoft 製品におけるプロセスメモリから重要な情報を取得される脆弱性 CWE-125
境界外読み取り 		CVE-2016-7291 2016-12-22 14:48 2016-12-13 Show GitHub Exploit DB Packet Storm
201496 3.3
Local 		マイクロソフト - 複数の Microsoft 製品におけるプロセスメモリから重要な情報を取得される脆弱性 CWE-125
境界外読み取り 		CVE-2016-7290 2016-12-22 14:48 2016-12-13 Show GitHub Exploit DB Packet Storm
201497 7.8 重要
Local 		マイクロソフト - Microsoft Publisher 2010 における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2016-7289 2016-12-22 14:48 2016-12-13 Show GitHub Exploit DB Packet Storm
201498 5.5 警告
Local 		マイクロソフト - 複数の Microsoft 製品におけるプロセスメモリから重要な情報を取得される脆弱性 CWE-125
境界外読み取り 		CVE-2016-7268 2016-12-22 14:48 2016-12-13 Show GitHub Exploit DB Packet Storm
201499 7.8 重要
Local 		マイクロソフト - 複数の Microsoft Excel 製品における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-7266 2016-12-22 14:48 2016-12-13 Show GitHub Exploit DB Packet Storm
201500 5.5 警告
Local 		マイクロソフト - 複数の Microsoft 製品におけるプロセスメモリから重要な情報を取得される脆弱性 CWE-125
境界外読み取り 		CVE-2016-7265 2016-12-22 14:48 2016-12-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
289741 - apple mac_os_x The Intel Graphics Driver in Apple OS X through 10.9.2 does not properly validate a certain pointer, which allows attackers to execute arbitrary code via a crafted application. CWE-20
 Improper Input Validation  		CVE-2014-1318 2024-11-21 11:04 2014-04-23 Show GitHub Exploit DB Packet Storm
289742 - apple mac_os_x Buffer overflow in ImageIO in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2014-1319 2024-11-21 11:04 2014-04-23 Show GitHub Exploit DB Packet Storm
289743 - apple mac_os_x WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed application, which allows attackers to bypass the sandbox protection mechanism and execute arbitrary code vi… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-1314 2024-11-21 11:04 2014-04-23 Show GitHub Exploit DB Packet Storm
289744 - apple mac_os_x Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format st… CWE-134
Use of Externally-Controlled Format String 		CVE-2014-1315 2024-11-21 11:04 2014-04-23 Show GitHub Exploit DB Packet Storm
289745 - apple iphone_os
mac_os_x
mac_os_x_server
tvos 		CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allow… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-1296 2024-11-21 11:04 2014-04-23 Show GitHub Exploit DB Packet Storm
289746 - apple iphone_os
mac_os_x
tvos 		Secure Transport in Apple iOS before 7.1.1, Apple OS X 10.8.x and 10.9.x through 10.9.2, and Apple TV before 6.1.1 does not ensure that a server's X.509 certificate is the same during renegotiation a… CWE-287
Improper Authentication 		CVE-2014-1295 2024-11-21 11:04 2014-04-23 Show GitHub Exploit DB Packet Storm
289747 - carbonblack carbon_black Multiple cross-site request forgery (CSRF) vulnerabilities in Carbon Black before 4.1.0 allow remote attackers to hijack the authentication of administrators for requests that add new administrative … CWE-352
 Origin Validation Error 		CVE-2014-1615 2024-11-21 11:04 2014-04-22 Show GitHub Exploit DB Packet Storm
289748 - mozilla
fedoraproject 		bugzilla
fedora 		The login form in Bugzilla 2.x, 3.x, 4.x before 4.4.3, and 4.5.x before 4.5.3 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authent… CWE-287
Improper Authentication 		CVE-2014-1517 2024-11-21 11:04 2014-04-20 Show GitHub Exploit DB Packet Storm
289749 - freebsd freebsd The NFS server (nfsserver) in FreeBSD 8.3 through 10.0 does not acquire locks in the proper order when converting a directory file handle to a vnode, which allows remote authenticated users to cause … CWE-399
 Resource Management Errors 		CVE-2014-1453 2024-11-21 11:04 2014-04-17 Show GitHub Exploit DB Packet Storm
289750 - pearson esis_enterprise_student_information_system SQL injection vulnerability in the password reset functionality in Pearson eSIS Enterprise Student Information System, possibly 3.3.0.13 and earlier, allows remote attackers to execute arbitrary SQL … CWE-89
SQL Injection 		CVE-2014-1455 2024-11-21 11:04 2014-04-11 Show GitHub Exploit DB Packet Storm