Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202601 6.5 警告
Adjacent 		シスコシステムズ - 複数の Cisco Aironet デバイスのソフトウェアの 802.11 プロトコルの実装のレート制限機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-6363 2016-08-23 17:29 2016-08-17 Show GitHub Exploit DB Packet Storm
202602 7.8 重要
Local 		シスコシステムズ - 複数の Cisco Aironet デバイスのソフトウェアにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-6362 2016-08-23 17:29 2016-08-17 Show GitHub Exploit DB Packet Storm
202603 6.5 警告
Adjacent 		シスコシステムズ - 複数の Cisco Aironet デバイスのソフトウェアの Aggregated MAC Protocol Data Unit の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-6361 2016-08-23 17:29 2016-08-17 Show GitHub Exploit DB Packet Storm
202604 6.1 警告
Network 		シスコシステムズ - Cisco Smart Call Home Transport Gateway デバイス上で稼動する Transport Gateway Installation Software におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-6359 2016-08-23 17:29 2016-08-17 Show GitHub Exploit DB Packet Storm
202605 6.1 警告
Network 		シスコシステムズ - Cisco Identity Services Engine ソフトウェアにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-1485 2016-08-23 17:29 2016-08-17 Show GitHub Exploit DB Packet Storm
202606 7.5 重要
Network 		シスコシステムズ - Cisco IP Phone 8800 デバイスのソフトウェアにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-1479 2016-08-23 17:29 2016-08-17 Show GitHub Exploit DB Packet Storm
202607 5.4 警告
Network 		シスコシステムズ - Cisco IP Phone 8800 デバイスのソフトウェアにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-1476 2016-08-23 17:29 2016-08-10 Show GitHub Exploit DB Packet Storm
202608 9.8 緊急
Network 		Navis - Cargotec Navis WebAccess のニュースページにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2016-5817 2016-08-23 17:16 2016-08-18 Show GitHub Exploit DB Packet Storm
202609 9.8 緊急
Network 		Debian
DBD::mysql project		 - DBD::mysql におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2014-9906 2016-08-23 16:57 2014-12-8 Show GitHub Exploit DB Packet Storm
202610 9.8 緊急
Network 		Debian
DBD::mysql project		 - DBD::mysql の my_login 関数における脆弱性 CWE-Other
その他 		CVE-2015-8949 2016-08-23 16:57 2015-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291531 - autocomplete_widgets_project autocomplete_widgets The autocomplete callback in Autocomplete Widgets for Text and Number Fields (autocomplete_widgets) module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.0-rc1 does not properly handle node permissi… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-1973 2024-11-21 10:50 2014-06-10 Show GitHub Exploit DB Packet Storm
291532 - mark_evans dragonfly_gem The Dragonfly gem 0.7 before 0.8.6 and 0.9.x before 0.9.13 for Ruby, when used with Ruby on Rails, allows remote attackers to execute arbitrary code via a crafted request. CWE-94
Code Injection 		CVE-2013-1756 2024-11-21 10:50 2014-06-10 Show GitHub Exploit DB Packet Storm
291533 - owncloud owncloud The installation routine in ownCloud Server before 4.0.14, 4.5.x before 4.5.9, and 5.0.x before 5.0.4 uses the time function to seed the generation of the PostgreSQL database user password, which mak… CWE-310
Cryptographic Issues 		CVE-2013-1941 2024-11-21 10:50 2014-06-4 Show GitHub Exploit DB Packet Storm
291534 - rom_walton boinc Stack-based buffer overflow in BOINC 6.10.58 and 6.12.34 allows remote attackers to have unspecified impact via multiple file_signature elements. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-2019 2024-11-21 10:50 2014-06-3 Show GitHub Exploit DB Packet Storm
291535 - openstack
fedoraproject 		keystone
fedora 		OpenStack Identity (Keystone) before 2013.1 allows remote attackers to cause a denial of service (memory consumption and crash) via multiple long requests. CWE-20
 Improper Input Validation  		CVE-2013-2014 2024-11-21 10:50 2014-06-3 Show GitHub Exploit DB Packet Storm
291536 - mediawiki mediawiki maintenance/mwdoc-filter.php in MediaWiki before 1.20.3 allows remote attackers to read arbitrary files via unspecified vectors. CWE-200
Information Exposure 		CVE-2013-1818 2024-11-21 10:50 2014-06-3 Show GitHub Exploit DB Packet Storm
291537 - mantisbt mantisbt Mantis Bug Tracker (aka MantisBT) 1.2.12 before 1.2.15 allows remote attackers to cause a denial of service (resource consumption) via a filter using a criteria, text search, and the "any condition" … CWE-20
 Improper Input Validation  		CVE-2013-1883 2024-11-21 10:50 2014-05-27 Show GitHub Exploit DB Packet Storm
291538 - opalvoip
ekiga
suse 		portable_tool_library
ekiga
suse_linux_enterprise_software_development_kit
suse_linux_enterprise_desktop 		The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of ser… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-1864 2024-11-21 10:50 2014-05-23 Show GitHub Exploit DB Packet Storm
291539 - coscms coscms The uploadFile function in upload/index.php in CosCMS before 1.822 allows remote administrators to execute arbitrary commands via shell metacharacters in the name of an uploaded file. CWE-78
OS Command  		CVE-2013-1668 2024-11-21 10:50 2014-05-23 Show GitHub Exploit DB Packet Storm
291540 - mantisbt mantisbt Multiple cross-site scripting (XSS) vulnerabilities in core/summary_api.php in MantisBT 1.2.12 allow remote authenticated users with manager or administrator permissions to inject arbitrary web scrip… CWE-79
Cross-site Scripting 		CVE-2013-1810 2024-11-21 10:50 2014-05-15 Show GitHub Exploit DB Packet Storm