Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
201811 5.5 警告
Local
PoDoFo project - PoDoFo の graphicsstack.h の GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-476
NULL ポインタデリファレンス
CVE-2017-6841 2017-04-7 16:52 2017-03-2 Show GitHub Exploit DB Packet Storm
201812 5.5 警告
Local
PoDoFo project - PoDoFo の colorchanger.cpp の ColorChanger::GetColorFromStack 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-125
境界外読み取り
CVE-2017-6840 2017-04-7 16:52 2017-03-2 Show GitHub Exploit DB Packet Storm
201813 5.3 警告
Physics
Becton, Dickinson and Company (BD) - BD Alaris 8015 PC unit における暗号化されていないワイヤレスネットワークの認証資格情報を取得される脆弱性 CWE-255
証明書・パスワード管理
CVE-2016-9355 2017-04-7 16:50 2016-11-16 Show GitHub Exploit DB Packet Storm
201814 4.9 警告
Physics
Becton, Dickinson and Company (BD) - BD Alaris 8015 PC unit および 8000 PC unit における暗号化されていないワイヤレスネットワークの認証資格情報を取得される脆弱性 CWE-255
証明書・パスワード管理
CVE-2016-8375 2017-04-7 16:50 2016-09-28 Show GitHub Exploit DB Packet Storm
201815 7.5 重要
Network
ImageMagick - ODR-PadEnc などの製品で使用される ImageMagick の MagickCore/option.c におけるメモリ消費を誘発される脆弱性 CWE-399
リソース管理の問題
CVE-2016-10252 2017-04-7 16:10 2017-03-8 Show GitHub Exploit DB Packet Storm
201816 9.8 緊急
Network
Rockwell Automation - 複数の Rockwell Automation 製品におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2016-9343 2017-04-7 16:02 2016-11-16 Show GitHub Exploit DB Packet Storm
201817 2.7
Network
Rockwell Automation - 複数の Rockwell Automation Allen-Bradley MicroLogix 1100 および 1400 コントローラにおけるすべての管理者を削除される脆弱性 CWE-Other
その他
CVE-2016-9338 2017-04-7 16:02 2016-11-16 Show GitHub Exploit DB Packet Storm
201818 7.3 重要
Network
Rockwell Automation - 複数の Rockwell Automation Allen-Bradley MicroLogix 1100 および 1400 コントローラにおける認証情報を取得される脆弱性 CWE-Other
その他
CVE-2016-9334 2017-04-7 16:02 2016-11-3 Show GitHub Exploit DB Packet Storm
201819 8.8 重要
Network
Smartlink Network Systems Ltd. - DIGISOL DG-HR1400 ワイヤレスルータにおける権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2017-6896 2017-04-7 15:23 2017-03-13 Show GitHub Exploit DB Packet Storm
201820 6.1 警告
Network
セイコーエプソン株式会社 - EPSON TMNet WebConfig におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2017-6443 2017-04-7 15:04 2017-03-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
289191 - php php Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execu… NVD-CWE-Other
CVE-2014-8142 2024-11-21 11:18 2014-12-20 Show GitHub Exploit DB Packet Storm
289192 - cisco enterprise_content_delivery_system Directory traversal vulnerability in Cisco Enterprise Content Delivery System (ECDS) allows remote attackers to read arbitrary files via a crafted URL, aka Bug ID CSCuo90148. CWE-22
Path Traversal
CVE-2014-8019 2024-11-21 11:18 2014-12-20 Show GitHub Exploit DB Packet Storm
289193 - cisco prime_infrastructure Cisco Prime Infrastructure allows remote authenticated users to read device-discovery passwords by examining the HTML source code of the Quick Discovery options page, aka Bug ID CSCum00019. CWE-200
Information Exposure
CVE-2014-8007 2024-11-21 11:18 2014-12-20 Show GitHub Exploit DB Packet Storm
289194 - mageia
redhat
canonical
opensuse
mageia
libvirt
ubuntu_linux
opensuse
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denia… CWE-264
Permissions, Privileges, and Access Controls
CVE-2014-8136 2024-11-21 11:18 2014-12-20 Show GitHub Exploit DB Packet Storm
289195 - redhat libvirt The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereferen… NVD-CWE-Other
CVE-2014-8135 2024-11-21 11:18 2014-12-20 Show GitHub Exploit DB Packet Storm
289196 - dell
intel
idrac6_modular
idrac7
ipmi
idrac6_monolithic
The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote at… NVD-CWE-Other
CVE-2014-8272 2024-11-21 11:18 2014-12-19 Show GitHub Exploit DB Packet Storm
289197 - cisco ironport_email_security_appliances The Cisco IronPort Email Security Appliance (ESA) allows remote attackers to cause a denial of service (CPU consumption) via long Subject headers in e-mail messages, aka Bug ID CSCzv93864. CWE-399
 Resource Management Errors
CVE-2014-8016 2024-11-21 11:18 2014-12-19 Show GitHub Exploit DB Packet Storm
289198 - cisco ios_xr Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCub63710. CWE-19
 Data Processing Errors
CVE-2014-8014 2024-11-21 11:18 2014-12-19 Show GitHub Exploit DB Packet Storm
289199 - cisco adaptive_security_appliance_software Cross-site scripting (XSS) vulnerability in the WebVPN Portal Login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via crafted… CWE-79
Cross-site Scripting
CVE-2014-8012 2024-11-21 11:18 2014-12-19 Show GitHub Exploit DB Packet Storm
289200 - thermostat_project thermostat The agent in Thermostat before 1.0.6, when using unspecified configurations, allows local users to obtain the JMX management URLs of all local Java virtual machines and gain privileges via unknown ve… NVD-CWE-noinfo
CVE-2014-8120 2024-11-21 11:18 2014-12-19 Show GitHub Exploit DB Packet Storm