Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
201771 7.5 重要
Network
Eaton - Eaton xComfort Ethernet Communication Interface における認証なしでファイルにアクセスされる脆弱性 CWE-284
不適切なアクセス制御
CVE-2016-9368 2017-04-3 17:34 2016-11-16 Show GitHub Exploit DB Packet Storm
201772 6.1 警告
Network
LG project - Cougar LG の lg.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2014-3926 2017-04-3 17:27 2014-06-22 Show GitHub Exploit DB Packet Storm
201773 8.8 重要
Network
Zammad - Zammad におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2017-6081 2017-04-3 17:27 2017-02-14 Show GitHub Exploit DB Packet Storm
201774 9.8 緊急
Network
Zammad - Zammad における有効なセッション Cookie を持つユーザの REST API に対してクロスドメイン要求を直接送信される脆弱性 CWE-284
不適切なアクセス制御
CVE-2017-6080 2017-04-3 17:27 2017-02-14 Show GitHub Exploit DB Packet Storm
201775 6.1 警告
Network
Zammad - Zammad におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2017-5621 2017-04-3 17:27 2017-02-14 Show GitHub Exploit DB Packet Storm
201776 6.1 警告
Network
Zammad - Zammad におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2017-5620 2017-04-3 17:27 2017-02-14 Show GitHub Exploit DB Packet Storm
201777 9.8 緊急
Network
Zammad - Zammad におけるハッシュ化されたパスワード自体でログインされる脆弱性 CWE-255
証明書・パスワード管理
CVE-2017-5619 2017-04-3 17:27 2017-02-14 Show GitHub Exploit DB Packet Storm
201778 6.1 警告
Network
UNINETT - mod_auth_mellon におけるクロスサイトセッション転送攻撃 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2017-6807 2017-04-3 17:13 2017-03-13 Show GitHub Exploit DB Packet Storm
201779 9.8 緊急
Network
OnePlus - OnePlus 3 および 3T 上で稼動する OxygenOS における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2017-5626 2017-04-3 17:08 2017-02-8 Show GitHub Exploit DB Packet Storm
201780 9.8 緊急
Network
OnePlus - OnePlus 3 および 3T 用 OxygenOS における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2017-5624 2017-04-3 17:08 2017-02-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
289261 - openstack
fedoraproject
redhat
neutron
fedora
openstack
OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration. CWE-20
CWE-399
 Improper Input Validation 
 Resource Management Errors
CVE-2014-7821 2024-11-21 11:18 2014-11-25 Show GitHub Exploit DB Packet Storm
289262 - canonical
debian
gnu
opensuse
ubuntu_linux
debian_linux
glibc
opensuse
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containin… CWE-20
 Improper Input Validation 
CVE-2014-7817 2024-11-21 11:18 2014-11-25 Show GitHub Exploit DB Packet Storm
289263 - moodle moodle lib/phpunit/bootstrap.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error mes… CWE-200
Information Exposure
CVE-2014-7848 2024-11-21 11:18 2014-11-24 Show GitHub Exploit DB Packet Storm
289264 - moodle moodle iplookup/index.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote attackers to cause a denial of service (resource consumption) by triggering t… CWE-399
 Resource Management Errors
CVE-2014-7847 2024-11-21 11:18 2014-11-24 Show GitHub Exploit DB Packet Storm
289265 - moodle moodle tag/tag_autocomplete.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not consider the moodle/tag:edit capability before adding a tag, which allows re… CWE-264
Permissions, Privileges, and Access Controls
CVE-2014-7846 2024-11-21 11:18 2014-11-24 Show GitHub Exploit DB Packet Storm
289266 - moodle moodle The generate_password function in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide a sufficient number of possible temporary passwords, which all… CWE-255
Credentials Management
CVE-2014-7845 2024-11-21 11:18 2014-11-24 Show GitHub Exploit DB Packet Storm
289267 - moodle moodle Multiple cross-site request forgery (CSRF) vulnerabilities in the Forum module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijac… CWE-352
 Origin Validation Error
CVE-2014-7838 2024-11-21 11:18 2014-11-24 Show GitHub Exploit DB Packet Storm
289268 - moodle moodle mod/wiki/admin.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to remove wiki pages by leveraging delete access within a… CWE-264
Permissions, Privileges, and Access Controls
CVE-2014-7837 2024-11-21 11:18 2014-11-24 Show GitHub Exploit DB Packet Storm
289269 - moodle moodle Multiple cross-site request forgery (CSRF) vulnerabilities in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack … CWE-352
 Origin Validation Error
CVE-2014-7836 2024-11-21 11:18 2014-11-24 Show GitHub Exploit DB Packet Storm
289270 - moodle moodle webservice/upload.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not ensure that a file upload is for a private or draft area, which allows remote authenticated users to upload files co… CWE-79
Cross-site Scripting
CVE-2014-7835 2024-11-21 11:18 2014-11-24 Show GitHub Exploit DB Packet Storm