Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
202701	5.5	警告 Local	オラクル	-	Oracle MySQL の MySQL Server における Server: Optimizer に関する脆弱性	CWE-noinfo 情報不足	CVE-2016-0659	2016-04-26 10:06	2016-04-19	Show	GitHub Exploit DB Packet Storm

202702	5.5	警告 Local	オラクル	-	Oracle MySQL の MySQL Server における Server: Optimizer に関する脆弱性	CWE-noinfo 情報不足	CVE-2016-0658	2016-04-26 10:06	2016-04-19	Show	GitHub Exploit DB Packet Storm

202703	5.5	警告 Local	オラクル	-	Oracle MySQL の MySQL Server における Server: JSON に関する脆弱性	CWE-noinfo 情報不足	CVE-2016-0657	2016-04-26 10:06	2016-04-19	Show	GitHub Exploit DB Packet Storm

202704	5.5	警告 Local	オラクル	-	Oracle MySQL の MySQL Server における Server: InnoDB に関する脆弱性	CWE-noinfo 情報不足	CVE-2016-0656	2016-04-26 10:06	2016-04-19	Show	GitHub Exploit DB Packet Storm

202705	5.5	警告 Local	オラクル	-	Oracle MySQL の MySQL Server における Server: InnoDB に関する脆弱性	CWE-noinfo 情報不足	CVE-2016-0654	2016-04-26 10:06	2016-04-19	Show	GitHub Exploit DB Packet Storm

202706	5.5	警告 Local	オラクル	-	Oracle MySQL の MySQL Server における Server: FTS に関する脆弱性	CWE-noinfo 情報不足	CVE-2016-0653	2016-04-26 10:05	2016-04-19	Show	GitHub Exploit DB Packet Storm

202707	5.5	警告 Local	オラクル	-	Oracle MySQL の MySQL Server における Server: DML に関する脆弱性	CWE-noinfo 情報不足	CVE-2016-0652	2016-04-26 10:05	2016-04-19	Show	GitHub Exploit DB Packet Storm

202708	5.7	警告 Network	オラクル	-	Oracle Financial Services Software の Oracle FLEXCUBE Direct Banking における Accounts に関する脆弱性	CWE-noinfo 情報不足	CVE-2016-3464	2016-04-25 15:49	2016-04-19	Show	GitHub Exploit DB Packet Storm

202709	6.1	警告 Network	オラクル	-	Oracle Financial Services Software の Oracle FLEXCUBE Direct Banking における Pre-Login に関する脆弱性	CWE-noinfo 情報不足	CVE-2016-3463	2016-04-25 15:49	2016-04-19	Show	GitHub Exploit DB Packet Storm

202710	9.1	緊急 Network	オラクル	-	Oracle Financial Services Software の Oracle FLEXCUBE Direct Banking における Login に関する脆弱性	CWE-noinfo 情報不足	CVE-2016-0699	2016-04-25 15:49	2016-04-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
290661	-	qnap	viostor_network_video_recorder	Cross-site request forgery (CSRF) vulnerability in cgi-bin/create_user.cgi on QNAP VioStor NVR devices with firmware 4.0.3 allows remote attackers to hijack the authentication of administrators for r…	CWE-352 Origin Validation Error	CVE-2013-0144	2024-11-21 10:46	2013-06-8	Show	GitHub Exploit DB Packet Storm

290662	-	qnap	viostor_network_video_recorder surveillance_station_pro nas	cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by lev…	CWE-94 Code Injection	CVE-2013-0143	2024-11-21 10:46	2013-06-8	Show	GitHub Exploit DB Packet Storm

290663	-	qnap	viostor_network_video_recorder surveillance_station_pro nas	QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote attackers to obtain web-server login access v…	CWE-255 Credentials Management	CVE-2013-0142	2024-11-21 10:46	2013-06-8	Show	GitHub Exploit DB Packet Storm

290664	-	mutiny	mutiny_appliance mutiny_virtual_appliance mutiny	Multiple directory traversal vulnerabilities in the EditDocument servlet in the Frontend in Mutiny before 5.0-1.11 allow remote authenticated users to upload and execute arbitrary programs, read arbi…	CWE-22 Path Traversal	CVE-2013-0136	2024-11-21 10:46	2013-06-1	Show	GitHub Exploit DB Packet Storm

290665	-	cisco	webex	Cisco WebEx 4.1 on iOS does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middl…	CWE-20 Improper Input Validation	CVE-2012-6399	2024-11-21 10:46	2013-05-27	Show	GitHub Exploit DB Packet Storm

290666	-	elgg	elgg	engine/lib/access.php in Elgg before 1.8.5 does not properly clear cached access lists during plugin boot, which allows remote attackers to read private entities via unspecified vectors.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-6563	2024-11-21 10:46	2013-05-24	Show	GitHub Exploit DB Packet Storm

290667	-	elgg	elgg	engine/lib/users.php in Elgg before 1.8.5 does not properly specify permissions for the useradd action, which allows remote attackers to create arbitrary accounts.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-6562	2024-11-21 10:46	2013-05-24	Show	GitHub Exploit DB Packet Storm

290668	-	elgg	elgg	Cross-site scripting (XSS) vulnerability in engine/lib/views.php in Elgg before 1.8.5 allows remote attackers to inject arbitrary web script or HTML via the view parameter to index.php. NOTE: some o…	CWE-79 Cross-site Scripting	CVE-2012-6561	2024-11-21 10:46	2013-05-24	Show	GitHub Exploit DB Packet Storm

290669	-	freenac	freenac	SQL injection vulnerability in deviceadd.php in FreeNAC 3.02 allows remote attackers to execute arbitrary SQL commands via the status parameter.	CWE-20 Improper Input Validation	CVE-2012-6560	2024-11-21 10:46	2013-05-24	Show	GitHub Exploit DB Packet Storm

290670	-	freenac	freenac	Multiple cross-site scripting (XSS) vulnerabilities in FreeNAC 3.02 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) mac, (3) graphtype, (4) name, or (5) type pa…	CWE-79 Cross-site Scripting	CVE-2012-6559	2024-11-21 10:46	2013-05-24	Show	GitHub Exploit DB Packet Storm