Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202421 6.5 警告
Network 		IBM - IBM Jazz Reporting Service の Report Builder および Data Collection Component におけるクリックジャッキング攻撃を実行される脆弱性 CWE-noinfo
情報不足 		CVE-2016-0314 2016-07-13 10:13 2016-06-24 Show GitHub Exploit DB Packet Storm
202422 5.4 警告
Network 		IBM - IBM Jazz Reporting Service の Report Builder および Data Collection Component におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-0313 2016-07-13 10:13 2016-06-24 Show GitHub Exploit DB Packet Storm
202423 7.3 重要
Network 		アップル - Apple AirPort Base Station にメモリ破損の脆弱性 - CVE-2015-7029 2016-07-12 17:55 2016-06-20 Show GitHub Exploit DB Packet Storm
202424 6.5 警告
Network 		シスコシステムズ - Cisco TelePresence Video Communication Server および Expressway の Mobile and Remote Access コンポーネントにおける認証を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-1444 2016-07-12 16:46 2016-07-6 Show GitHub Exploit DB Packet Storm
202425 8.1 重要
Network 		シスコシステムズ - Cisco AMP Threat Grid アプライアンスデバイスの仮想ネットワークスタックにおけるサンドボックス保護メカニズムを回避される脆弱性 CWE-Other
その他 		CVE-2016-1443 2016-07-12 16:46 2016-07-6 Show GitHub Exploit DB Packet Storm
202426 5.3 警告
Network 		IBM - IBM Integration Bus および WebSphere Message Broker の統合サーバにおける重要な Tomcat のバージョン情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-2961 2016-07-12 16:16 2016-06-21 Show GitHub Exploit DB Packet Storm
202427 2.5
Local 		IBM - IBM Spectrum Protect における任意のアカウントから重要な検索されたデータを取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-2894 2016-07-12 16:16 2016-06-30 Show GitHub Exploit DB Packet Storm
202428 7.8 重要
Local 		IBM - Windows 上で稼動する IBM i Access における登録パスワードを取得される脆弱性 CWE-200
CWE-Other
CVE-2016-0287 2016-07-12 16:16 2016-06-28 Show GitHub Exploit DB Packet Storm
202429 8.2 重要
Local 		IBM - IBM UrbanCode Deploy のエージェントにおける任意のエージェントへの root アクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-0271 2016-07-12 16:16 2016-05-27 Show GitHub Exploit DB Packet Storm
202430 5.1 警告
Local 		IBM - IBM Control Center および Sterling Control Center におけるマスターキーを復号される脆弱性 CWE-200
情報漏えい 		CVE-2016-0252 2016-07-12 16:16 2016-06-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1571 6.4 MEDIUM
Network 		- - AccessPress Social Icons 1.8.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by entering JavaScript payloads into the 'icon titl… CWE-79
Cross-site Scripting 		CVE-2021-47910 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1572 6.4 MEDIUM
Network 		- - Slider by Soliloquy 2.6.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the title parameter. Attackers can add JavaScrip… CWE-79
Cross-site Scripting 		CVE-2021-47922 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1573 9.8 CRITICAL
Network 		- - OpenCart 3.0.3.8 contains a session fixation vulnerability that allows attackers to hijack user sessions by injecting arbitrary values into the OCSESSID cookie. Attackers can set malicious OCSESSID c… CWE-290
 Authentication Bypass by Spoofing 		CVE-2021-47923 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1574 6.4 MEDIUM
Network 		- - Ultimate Product Catalog 5.8.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the price parameter. Attackers can submit P… CWE-79
Cross-site Scripting 		CVE-2021-47924 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1575 6.4 MEDIUM
Network 		- - CMDBuild 3.3.2 contains multiple stored cross-site scripting vulnerabilities that allow authenticated attackers to inject arbitrary web script or HTML via crafted input in card creation and file uplo… CWE-79
Cross-site Scripting 		CVE-2021-47925 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1576 6.4 MEDIUM
Network 		- - Contact Form to Email 1.3.24 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by creating forms with script tags in the form name f… CWE-79
Cross-site Scripting 		CVE-2021-47926 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1577 6.4 MEDIUM
Network 		- - WordPress Plugin WP Symposium Pro 2021.10 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by exploiting insufficient sanitization … CWE-79
Cross-site Scripting 		CVE-2021-47927 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1578 8.2 HIGH
Network 		- - Opencart TMD Vendor System 3.x contains a blind SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through the product_id paramete… CWE-89
SQL Injection 		CVE-2021-47928 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1579 9.8 CRITICAL
Network 		- - WordPress TheCartPress 1.5.3.6 contains an unauthenticated privilege escalation vulnerability that allows attackers to create administrator accounts by submitting crafted requests to the AJAX handler… CWE-862
 Missing Authorization 		CVE-2021-47932 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1580 9.8 CRITICAL
Network 		- - WordPress MStore API 2.0.6 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the REST API endpoint. Attackers… CWE-306
Missing Authentication for Critical Function 		CVE-2021-47933 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm