Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201651 5.3 警告
Network 		Exponent CMS project - Exponent CMS の framework/modules/users/controllers/usersController.php における SQL インジェクションの脆弱性 CWE-200
情報漏えい 		CVE-2016-9284 2016-11-16 10:22 2016-11-3 Show GitHub Exploit DB Packet Storm
201652 7.5 重要
Network 		Exponent CMS project - Exponent CMS の framework/core/subsystems/expRouter.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2016-9283 2016-11-16 10:22 2016-11-4 Show GitHub Exploit DB Packet Storm
201653 7.5 重要
Network 		Exponent CMS project - Exponent CMS の framework/modules/search/controllers/searchController.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2016-9282 2016-11-16 10:22 2016-11-3 Show GitHub Exploit DB Packet Storm
201654 9.1 緊急
Network 		Exponent CMS project - Exponent CMS におけるブラインド SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2016-9272 2016-11-16 10:22 2016-11-6 Show GitHub Exploit DB Packet Storm
201655 6.1 警告
Network 		MoinMoin - MoinMoin における "JavaScript インジェクション" 攻撃を実行される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-7148 2016-11-15 17:56 2016-10-31 Show GitHub Exploit DB Packet Storm
201656 6.1 警告
Network 		MoinMoin - MoinMoin における "JavaScript インジェクション" 攻撃を実行される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-7146 2016-11-15 17:56 2016-10-31 Show GitHub Exploit DB Packet Storm
201657 7.2 重要
Network 		Dotclear - Dotclear の "Install or upgrade manually" モジュールのブログの外観における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2016-9268 2016-11-15 17:33 2016-11-8 Show GitHub Exploit DB Packet Storm
201658 7.8 重要
Local 		Git for Windows project - Windows 用 Git における権限を取得される脆弱性 CWE-Other
その他 		CVE-2016-9274 2016-11-15 17:15 2016-11-5 Show GitHub Exploit DB Packet Storm
201659 7.8 重要
Local 		Teradata Corporation - Teradata Studio Express の studioexpressinstall におけるシステムファイルを上書きされる脆弱性 CWE-264
CWE-59
CVE-2016-7490 2016-11-15 17:09 2016-10-3 Show GitHub Exploit DB Packet Storm
201660 9.8 緊急
Network 		Teradata Corporation - Teradata Virtual Machine Community Edition の /opt/teradata/gsctools/bin/t2a.pl における昇格されたコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-7489 2016-11-15 17:08 2016-10-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
289971 6.1 MEDIUM
Network 		nodejs node.js The validator module before 1.1.0 for Node.js allows remote attackers to bypass the XSS filter via a nested tag. CWE-79
Cross-site Scripting 		CVE-2013-7451 2024-11-21 11:01 2017-01-24 Show GitHub Exploit DB Packet Storm
289972 3.3 LOW
Local 		redislabs
debian 		redis
debian_linux 		linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .rediscli_history, which allows local users to obtain sensitive information by reading the file. CWE-200
Information Exposure 		CVE-2013-7458 2024-11-21 11:01 2016-08-10 Show GitHub Exploit DB Packet Storm
289973 7.6 HIGH
Network 		libgd libgd gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (… CWE-125
Out-of-bounds Read 		CVE-2013-7456 2024-11-21 11:01 2016-08-7 Show GitHub Exploit DB Packet Storm
289974 7.8 HIGH
Local 		google android Unspecified vulnerability in the Qualcomm components in Android before 2016-07-05 allows attackers to gain privileges via a crafted application. NVD-CWE-noinfo
CVE-2013-7457 2024-11-21 11:01 2016-07-11 Show GitHub Exploit DB Packet Storm
289975 5.9 MEDIUM
Network 		python python The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof serve… CWE-19
 Data Processing Errors 		CVE-2013-7440 2024-11-21 11:01 2016-06-8 Show GitHub Exploit DB Packet Storm
289976 7.5 HIGH
Network 		php php file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage … NVD-CWE-Other
CVE-2014-0236 2024-11-21 11:01 2016-05-16 Show GitHub Exploit DB Packet Storm
289977 9.8 CRITICAL
Network 		littlecms little_cms_color_engine Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that t… NVD-CWE-Other
CVE-2013-7455 2024-11-21 11:01 2016-05-7 Show GitHub Exploit DB Packet Storm
289978 6.5 MEDIUM
Network 		canonical
xchat
hexchat_project 		ubuntu_linux
xchat
xchat_gnome
hexchat 		The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows m… CWE-310
Cryptographic Issues 		CVE-2013-7449 2024-11-21 11:01 2016-04-21 Show GitHub Exploit DB Packet Storm
289979 7.5 HIGH
Network 		debian
didiwiki_project 		debian_linux
didiwiki 		Directory traversal vulnerability in wiki.c in didiwiki allows remote attackers to read arbitrary files via the page parameter to api/page/get. CWE-22
Path Traversal 		CVE-2013-7448 2024-11-21 11:01 2016-02-24 Show GitHub Exploit DB Packet Storm
289980 6.5 MEDIUM
Network 		canonical
samsung 		ubuntu_linux
x14j_firmware 		Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, all… NVD-CWE-Other
CVE-2013-7447 2024-11-21 11:01 2016-02-18 Show GitHub Exploit DB Packet Storm