Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
201881	9.8	緊急 Network	SAP	-	SAP ASE における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-7402	2016-11-7 14:34	2016-09-13	Show	GitHub Exploit DB Packet Storm

201882	5.4	警告 Network	IBM	-	IBM Financial Transaction Manager の Web UI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-5920	2016-11-7 14:21	2016-08-19	Show	GitHub Exploit DB Packet Storm

201883	5.7	警告 Network	IBM	-	IBM Financial Transaction Manager の Payments Director におけるクリックジャッキング攻撃を実行される脆弱性	CWE-Other その他	CVE-2016-3060	2016-11-7 14:21	2016-08-19	Show	GitHub Exploit DB Packet Storm

201884	9.8	緊急 Network	アドビシステムズ	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2016-7855	2016-11-7 14:02	2016-10-26	Show	GitHub Exploit DB Packet Storm

201885	9.8	緊急 Network	Google サムスン	-	Samsung Galaxy デバイスの libomacp.so における整数オーバーフローの脆弱性	CWE-Other その他	CVE-2016-7990	2016-11-7 12:06	2016-06-21	Show	GitHub Exploit DB Packet Storm

201886	7.5	重要 Network	Google サムスン	-	Samsung Galaxy デバイスにおける意図しない設定メッセージを引き起こされる脆弱性	CWE-Other その他	CVE-2016-7988	2016-11-7 12:06	2016-06-21	Show	GitHub Exploit DB Packet Storm

201887	7.5	重要 Network	ブロケードコミュニケーションズシステムズ株式会社	-	Brocade MLXs イメージ上で稼働する Brocade NetIron OS の IPsec コードパスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2016-8203	2016-11-7 11:12	2016-10-3	Show	GitHub Exploit DB Packet Storm

201888	6.5	警告 Network	Andreas Gohr	-	DokuWiki におけるフィッシング攻撃を実行される脆弱性	CWE-20 不適切な入力確認	CVE-2016-7965	2016-11-7 10:54	2016-10-4	Show	GitHub Exploit DB Packet Storm

201889	8.6	重要 Network	Andreas Gohr	-	DokuWiki の file /inc/HTTPClient.php の HTTPClient クラスの sendRequest メソッドにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-Other その他	CVE-2016-7964	2016-11-7 10:54	2016-10-4	Show	GitHub Exploit DB Packet Storm

201890	7.5	重要 Network	Artifex Software	-	Artifex Software MuJS における重要な情報を取得される脆弱性	-	CVE-2016-9136	2016-11-4 18:04	2016-10-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
289941	-	wordpress	wordpress	The wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.x before 3.8.2 does not properly determine the validity of authentication cookies, which makes it e…	CWE-287 Improper Authentication	CVE-2014-0166	2024-11-21 11:01	2014-04-10	Show	GitHub Exploit DB Packet Storm

289942	-	wordpress	wordpress	WordPress before 3.7.2 and 3.8.x before 3.8.2 allows remote authenticated users to publish posts by leveraging the Contributor role, related to wp-admin/includes/post.php and wp-admin/includes/class-…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-0165	2024-11-21 11:01	2014-04-10	Show	GitHub Exploit DB Packet Storm

289943	-	microsoft	windows_xp windows_server_2008 windows_server_2012 windows_rt windows_8.1 windows_7 windows_rt_8.1 windows_vista windows_8 windows_server_2003	Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows…	CWE-426 Untrusted Search Path	CVE-2014-0315	2024-11-21 11:01	2014-04-9	Show	GitHub Exploit DB Packet Storm

289944	-	huawei	echo_life_hg8247_firmware echo_life	Cross-site scripting (XSS) vulnerability in the web interface on Huawei Echo Life HG8247 routers with software before V100R006C00SPC127 allows remote attackers to inject arbitrary web script or HTML …	CWE-79 Cross-site Scripting	CVE-2014-0337	2024-11-21 11:01	2014-04-5	Show	GitHub Exploit DB Packet Storm

289945	-	redhat	jboss_enterprise_application_platform	Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2, when using a Java Security Manager (JSM), does not properly apply permissions defined by a policy file, which causes applications to be gr…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-0093	2024-11-21 11:01	2014-04-4	Show	GitHub Exploit DB Packet Storm

289946	-	oracle apache	retail_applications tomcat commons_fileupload	MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU co…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-0050	2024-11-21 11:01	2014-04-1	Show	GitHub Exploit DB Packet Storm

289947	-	redhat	richfaces jboss_web_framework_kit	The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a…	CWE-20 Improper Input Validation	CVE-2014-0086	2024-11-21 11:01	2014-03-31	Show	GitHub Exploit DB Packet Storm

289948	-	apple postgresql	mac_os_x mac_os_x_server postgresql	The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-0067	2024-11-21 11:01	2014-03-31	Show	GitHub Exploit DB Packet Storm

289949	-	postgresql	postgresql	The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library f…	CWE-20 Improper Input Validation	CVE-2014-0066	2024-11-21 11:01	2014-03-31	Show	GitHub Exploit DB Packet Storm

289950	-	postgresql	postgresql	Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-0065	2024-11-21 11:01	2014-03-31	Show	GitHub Exploit DB Packet Storm