Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202011 7.5 重要
Network 		HexChat - HexChat の common/inbound.c の inbound_cap_ls 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-2233 2017-01-31 14:18 2016-02-7 Show GitHub Exploit DB Packet Storm
202012 7.4 重要
Network 		HexChat - HexChat のクライアントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2016-2087 2017-01-31 14:18 2016-01-26 Show GitHub Exploit DB Packet Storm
202013 7.5 重要
Network 		Tiki Software Community Association - Tiki Wiki CMS におけるシステム上で任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2016-10143 2017-01-31 14:12 2016-11-17 Show GitHub Exploit DB Packet Storm
202014 5.9 警告
Network 		JCraft, Inc. - Windows 上で稼動する JCraft JSch におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2016-5725 2017-01-31 14:01 2016-08-30 Show GitHub Exploit DB Packet Storm
202015 8.8 重要
Local 		Firejail project - Firejail におけるサンドボックス外で任意のコマンドを実行される脆弱性 CWE-284
不適切なアクセス制御 		CVE-2016-9016 2017-01-31 13:54 2016-10-25 Show GitHub Exploit DB Packet Storm
202016 9.8 緊急
Network 		Sociomantic Labs - sociomantic-tsunami git-hub における任意のコードを実行される脆弱性 CWE-284
不適切なアクセス制御 		CVE-2016-7794 2017-01-31 13:50 2016-09-7 Show GitHub Exploit DB Packet Storm
202017 8.8 重要
Network 		Sociomantic Labs - sociomantic-tsunami git-hub における任意のコードを実行される脆弱性 CWE-284
不適切なアクセス制御 		CVE-2016-7793 2017-01-31 13:50 2016-09-7 Show GitHub Exploit DB Packet Storm
202018 4 警告
Local 		Info-ZIP - Info-Zip UnZip の list.c の list_files 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-9913 2017-01-31 13:36 2014-11-3 Show GitHub Exploit DB Packet Storm
202019 6.1 警告
Network 		BlackBerry - BlackBerry の WatchDox サーバコンポーネントの Appliance-X および vApp における反射型クロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-3890 2017-01-31 12:23 2017-01-10 Show GitHub Exploit DB Packet Storm
202020 9.8 緊急
Network 		Intelliants - Subrion CMS の includes/classes/ia.core.users.php における PHP オブジェクトインジェクション攻撃を実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2017-5543 2017-01-31 11:33 2017-01-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292571 - cisco mediasense The Search and Play interface in Cisco MediaSense does not properly enforce authorization requirements, which allows remote authenticated users to download arbitrary recordings via a request to this … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-0672 2024-11-21 11:02 2014-01-22 Show GitHub Exploit DB Packet Storm
292572 - cisco mediasense Open redirect vulnerability in Cisco MediaSense allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, aka Bug ID CSCum16749. CWE-20
 Improper Input Validation  		CVE-2014-0671 2024-11-21 11:02 2014-01-22 Show GitHub Exploit DB Packet Storm
292573 - cisco mediasense Cross-site scripting (XSS) vulnerability in the Search and Play interface in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID C… CWE-79
Cross-site Scripting 		CVE-2014-0670 2024-11-21 11:02 2014-01-22 Show GitHub Exploit DB Packet Storm
292574 - cisco asr_5000_series_software The Wireless Session Protocol (WSP) feature in the Gateway GPRS Support Node (GGSN) component on Cisco ASR 5000 series devices allows remote attackers to bypass intended Top-Up payment restrictions v… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-0669 2024-11-21 11:02 2014-01-22 Show GitHub Exploit DB Packet Storm
292575 - ecava integraxor Stack-based buffer overflow in the SCADA server in Ecava IntegraXor before 4.1.4390 allows remote attackers to cause a denial of service (system crash) by triggering access to DLL code located in the… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2014-0753 2024-11-21 11:02 2014-01-21 Show GitHub Exploit DB Packet Storm
292576 - cisco secure_access_control_system Cross-site scripting (XSS) vulnerability in the portal in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug… CWE-79
Cross-site Scripting 		CVE-2014-0668 2024-11-21 11:02 2014-01-20 Show GitHub Exploit DB Packet Storm
292577 - sonatype nexus Sonatype Nexus 1.x and 2.x before 2.7.1 allows remote attackers to create arbitrary objects and execute arbitrary code via unspecified vectors related to unmarshalling of unintended Object types. CWE-94
Code Injection 		CVE-2014-0792 2024-11-21 11:02 2014-01-18 Show GitHub Exploit DB Packet Storm
292578 - cisco secure_access_control_system The RMI interface in Cisco Secure Access Control System (ACS) does not properly enforce authorization requirements, which allows remote authenticated users to read arbitrary files via a request to th… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-0667 2024-11-21 11:02 2014-01-17 Show GitHub Exploit DB Packet Storm
292579 - cisco jabber Directory traversal vulnerability in the Send Screen Capture implementation in Cisco Jabber 9.2(.1) and earlier on Windows allows remote attackers to upload arbitrary types of files, and consequently… CWE-22
Path Traversal 		CVE-2014-0666 2024-11-21 11:02 2014-01-17 Show GitHub Exploit DB Packet Storm
292580 - cisco secure_access_control_system The web interface in Cisco Secure Access Control System (ACS) 5.x before 5.4 Patch 3 allows remote attackers to execute arbitrary operating-system commands via a request to this interface, aka Bug ID… CWE-20
 Improper Input Validation  		CVE-2014-0650 2024-11-21 11:02 2014-01-17 Show GitHub Exploit DB Packet Storm