Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202331 4.3 警告 ヒューレット・パッカード
日本電気
Apache Software Foundation		 - Apache Tomcat の HTTP Digest Access Authentication 実装におけるアクセス制限を回避される脆弱性 CWE-287
不適切な認証 		CVE-2011-5063 2016-08-2 17:34 2012-01-14 Show GitHub Exploit DB Packet Storm
202332 5 警告 ヒューレット・パッカード
日本電気
Apache Software Foundation		 - Apache Tomcat の DigestAuthenticator.java における暗号保護機構を回避される脆弱性 CWE-310
暗号の問題 		CVE-2011-5064 2016-08-2 17:34 2012-01-14 Show GitHub Exploit DB Packet Storm
202333 6.9 警告 アップル
日本電気
Apache Software Foundation		 - Apache HTTP Server の envvars における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0883 2016-08-2 17:34 2012-03-2 Show GitHub Exploit DB Packet Storm
202334 2.6 注意 日本電気
Apache Software Foundation
アップル
富士通
オラクル
日立		 - Apache HTTP Server の mod_negotiation モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2687 2016-08-2 17:34 2012-06-13 Show GitHub Exploit DB Packet Storm
202335 5 警告 日本電気
日立
Apache Software Foundation
オラクル		 - Apache Tomcat におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-3544 2016-08-2 17:34 2012-09-6 Show GitHub Exploit DB Packet Storm
202336 5.1 警告 アップル
日本電気
富士通
Apache Software Foundation
オラクル		 - Apache HTTP Server の mod_rewrite モジュールにおける任意のコマンドを実行される脆弱性 CWE-310
暗号の問題 		CVE-2013-1862 2016-08-2 17:34 2013-04-18 Show GitHub Exploit DB Packet Storm
202337 7.5 危険 富士通
日本電気
IBM
Apache Software Foundation
オラクル		 - Apache Struts の CookieInterceptor における ClassLoader を操作される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0113 2016-08-2 17:34 2014-04-28 Show GitHub Exploit DB Packet Storm
202338 5.8 警告 富士通
日本電気
IBM
Apache Software Foundation
オラクル		 - Apache Struts の CookieInterceptor における ClassLoader を操作される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0116 2016-08-2 17:34 2014-05-5 Show GitHub Exploit DB Packet Storm
202339 4.3 警告 アップル
日本電気
Apache Software Foundation		 - Apache HTTP Server の mod_proxy_balancer モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4558 2016-08-2 16:45 2013-02-18 Show GitHub Exploit DB Packet Storm
202340 4.3 警告 日本電気
Apache Software Foundation
アップル
富士通
オラクル
日立		 - Apache HTTP Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-3499 2016-08-2 16:45 2013-02-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291041 - symantec security_information_manager
security_information_manager_appliance 		The management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote attackers to obtain sensitive information via unspec… CWE-200
Information Exposure 		CVE-2013-1615 2024-11-21 10:50 2013-07-9 Show GitHub Exploit DB Packet Storm
291042 - symantec security_information_manager
security_information_manager_appliance 		Multiple cross-site scripting (XSS) vulnerabilities in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allow remot… CWE-79
Cross-site Scripting 		CVE-2013-1614 2024-11-21 10:50 2013-07-9 Show GitHub Exploit DB Packet Storm
291043 - symantec security_information_manager
security_information_manager_appliance 		SQL injection vulnerability in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote authenticated users t… CWE-89
SQL Injection 		CVE-2013-1613 2024-11-21 10:50 2013-07-9 Show GitHub Exploit DB Packet Storm
291044 - remotesensing libtiff Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted image length … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-1961 2024-11-21 10:50 2013-07-4 Show GitHub Exploit DB Packet Storm
291045 - remotesensing libtiff Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-1960 2024-11-21 10:50 2013-07-4 Show GitHub Exploit DB Packet Storm
291046 - mozilla firefox The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-1700 2024-11-21 10:50 2013-06-26 Show GitHub Exploit DB Packet Storm
291047 - mozilla firefox The Internationalized Domain Name (IDN) display algorithm in Mozilla Firefox before 22.0 does not properly handle the .com, .name, and .net top-level domains, which allows remote attackers to spoof t… CWE-310
Cryptographic Issues 		CVE-2013-1699 2024-11-21 10:50 2013-06-26 Show GitHub Exploit DB Packet Storm
291048 - mozilla firefox The getUserMedia permission implementation in Mozilla Firefox before 22.0 references the URL of a top-level document instead of the URL of a specific page, which makes it easier for remote attackers … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-1698 2024-11-21 10:50 2013-06-26 Show GitHub Exploit DB Packet Storm
291049 - mozilla firefox
thunderbird
thunderbird_esr 		The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of Defa… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-1697 2024-11-21 10:50 2013-06-26 Show GitHub Exploit DB Packet Storm
291050 - mozilla firefox Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-1696 2024-11-21 10:50 2013-06-26 Show GitHub Exploit DB Packet Storm