Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
202091	7.5	重要 Network	レッドハット Debian openSUSE project SUSE Google	-	Google Chrome の Autofill の実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2016-1690	2016-08-31 18:11	2016-05-25	Show	GitHub Exploit DB Packet Storm

202092	6.5	警告 Network	openSUSE project Canonical Debian Google SUSE レッドハット	-	Google Chrome の content/renderer/media/canvas_capture_handler.cc におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2016-1689	2016-08-31 18:11	2016-05-25	Show	GitHub Exploit DB Packet Storm

202093	6.5	警告 Network	openSUSE project Canonical Debian Google SUSE レッドハット	-	Google Chrome で使用される Google V8 の regexp の実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2016-1688	2016-08-31 18:11	2016-05-25	Show	GitHub Exploit DB Packet Storm

202094	6.5	警告 Network	レッドハット Debian openSUSE project SUSE Google	-	Google Chrome のレンダラの実装における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2016-1687	2016-08-31 18:11	2016-05-25	Show	GitHub Exploit DB Packet Storm

202095	6.5	警告 Network	レッドハット Debian openSUSE project SUSE Google	-	Google Chrome で使用される PDFium の core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2016-1686	2016-08-31 18:11	2016-05-25	Show	GitHub Exploit DB Packet Storm

202096	6.5	警告 Network	レッドハット Debian openSUSE project SUSE Google	-	Google Chrome で使用される PDFium の core/fxge/ge/fx_ge_text.cpp におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2016-1685	2016-08-31 18:11	2016-05-25	Show	GitHub Exploit DB Packet Storm

202097	7.5	重要 Network	アップル Google xmlsoft.org	-	Google Chrome で使用される libxslt の numbers.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2016-1684	2016-08-31 18:10	2016-05-25	Show	GitHub Exploit DB Packet Storm

202098	7.5	重要 Network	xmlsoft.org openSUSE project Canonical Debian Google SUSE レッドハット	-	Google Chrome で使用される libxslt の numbers.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2016-1683	2016-08-31 18:10	2016-05-25	Show	GitHub Exploit DB Packet Storm

202099	8.8	重要 Network	レッドハット Debian openSUSE project SUSE Google	-	Google Chrome の PDFium で使用される OpenJPEG の j2k.c におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2016-1681	2016-08-31 18:10	2016-05-25	Show	GitHub Exploit DB Packet Storm

202100	6.5	警告 Network	openSUSE project Canonical Debian Google SUSE レッドハット	-	Google Chrome で使用される Google V8 の uri.js における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2016-1677	2016-08-31 18:10	2016-05-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
290551	-	zapms	zapms	SQL injection vulnerability in ZAPms 1.41 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter to product.	CWE-89 SQL Injection	CVE-2013-3050	2024-11-21 10:52	2013-04-13	Show	GitHub Exploit DB Packet Storm

290552	-	cisco	ios_xe asr_1001 asr_1002 asr_1002-x asr_1002_fixed_router asr_1004 asr_1006 asr_1013 asr_1023_router	Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) fe…	CWE-20 Improper Input Validation	CVE-2013-2779	2024-11-21 10:52	2013-04-11	Show	GitHub Exploit DB Packet Storm

290553	-	splunk	splunk	Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.3.0 through 4.3.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2013-2766	2024-11-21 10:52	2013-04-11	Show	GitHub Exploit DB Packet Storm

290554	-	puppetlabs puppet	puppet puppet_enterprise	Puppet Labs Puppet Enterprise before 2.8.0 does not use a "randomized secret" in the CAS client config file (cas_client_config.yml) when upgrading from older 1.2.x or 2.0.x versions, which allows rem…	CWE-310 Cryptographic Issues	CVE-2013-2716	2024-11-21 10:52	2013-04-11	Show	GitHub Exploit DB Packet Storm

290555	-	chatelao	php_address_book	Cross-site request forgery (CSRF) vulnerability in addressbook/register/delete_user.php in PHP Address Book 8.2.5 allows remote attackers to hijack the authentication of administrators for requests t…	CWE-352 Origin Validation Error	CVE-2013-2778	2024-11-21 10:52	2013-04-9	Show	GitHub Exploit DB Packet Storm

290556	-	apple todd_miller	mac_os_x sudo	sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hi…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-2777	2024-11-21 10:52	2013-04-9	Show	GitHub Exploit DB Packet Storm

290557	-	todd_miller apple	sudo mac_os_x	sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling ter…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-2776	2024-11-21 10:52	2013-04-9	Show	GitHub Exploit DB Packet Storm

290558	-	novell	kanaka	The installation functionality in the Novell Kanaka component before 2.8 for Novell Open Enterprise Server (OES) on Mac OS X does not verify the server's X.509 certificate during an SSL session, whic…	CWE-20 Improper Input Validation	CVE-2013-2770	2024-11-21 10:52	2013-04-8	Show	GitHub Exploit DB Packet Storm

290559	-	schneider-electric	magelis_xbt_hmi	The Schneider Electric Magelis XBT HMI controller has a default password for authentication of configuration uploads, which makes it easier for remote attackers to bypass intended access restrictions…	CWE-255 CWE-352 Credentials Management Origin Validation Error	CVE-2013-2762	2024-11-21 10:52	2013-04-4	Show	GitHub Exploit DB Packet Storm

290560	-	schneider-electric	modicon_m340	The Schneider Electric M340 BMXNOE01xx and BMXP3420xx PLC modules allow remote authenticated users to cause a denial of service (module crash) via crafted FTP traffic, as demonstrated by the FileZill…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2013-2761	2024-11-21 10:52	2013-04-4	Show	GitHub Exploit DB Packet Storm