Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202801 8.8 重要
Network 		シスコシステムズ - Cisco Firepower Management Center および ASA 5500-X Series with FirePOWER Services の Web ベース GUI におけるユーザアカウント権限を拡大される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-1458 2016-08-22 16:24 2016-08-17 Show GitHub Exploit DB Packet Storm
202802 8.8 重要
Network 		シスコシステムズ - Cisco Firepower Management Center および ASA 5500-X Series with FirePOWER Services の Web ベース GUI における root 権限で任意のコマンドを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-1457 2016-08-22 16:24 2016-08-17 Show GitHub Exploit DB Packet Storm
202803 8.8 重要
Network 		シスコシステムズ - Cisco Application Policy Infrastructure Controller エンタープライズ モジュールにおける root 権限で任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-1365 2016-08-22 16:24 2016-08-17 Show GitHub Exploit DB Packet Storm
202804 5.8 警告
Local 		SAP - SAP SAPCAR における任意のファイルのパーミッションを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-5847 2016-08-22 15:33 2016-08-10 Show GitHub Exploit DB Packet Storm
202805 5.5 警告
Local 		SAP - SAP SAPCAR におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-5845 2016-08-22 15:33 2016-08-10 Show GitHub Exploit DB Packet Storm
202806 7.8 重要
Local 		Debian
Fedora Project
fontconfig project		 - fontconfig における任意の free コールを誘発される脆弱性 CWE-Other
その他 		CVE-2016-5384 2016-08-19 17:58 2016-08-5 Show GitHub Exploit DB Packet Storm
202807 7.8 重要
Local 		LINE株式会社 - LINE PC版(Windows版)における DLL 読み込みに関する脆弱性 CWE-Other
その他 		CVE-2016-4831 2016-08-19 17:42 2016-07-8 Show GitHub Exploit DB Packet Storm
202808 6.2 警告
Local 		IBM - IBM Tivoli Storage Manager および Tivoli Storage FlashCopy Manager における平文の SQL サーバのパスワードを取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-3059 2016-08-19 16:55 2016-07-25 Show GitHub Exploit DB Packet Storm
202809 6.5 警告
Network 		IBM - IBM WebSphere Portal 用 Connections Portlets コンポーネントにおけるオープンリダイレクトの脆弱性 CWE-Other
その他 		CVE-2016-2989 2016-08-19 16:55 2016-08-2 Show GitHub Exploit DB Packet Storm
202810 3.7
Network 		IBM - IBM WebSphere Application Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-2960 2016-08-19 16:55 2016-08-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
289811 - ibm infosphere_information_server Multiple SQL injection vulnerabilities in IBM InfoSphere Information Server 8.x through 8.5 FP3, 8.7.x through 8.7 FP2, and 9.1.x through 9.1.2.0 allow remote authenticated users to execute arbitrary… CWE-89
SQL Injection 		CVE-2013-4058 2024-11-21 10:54 2014-03-16 Show GitHub Exploit DB Packet Storm
289812 - ibm infosphere_information_server Cross-site request forgery (CSRF) vulnerability in the XML Pack in IBM InfoSphere Information Server 8.5.x through 8.5 FP3, 8.7.x through 8.7 FP2, and 9.1.x through 9.1.2.0 allows remote attackers to… CWE-352
 Origin Validation Error 		CVE-2013-4057 2024-11-21 10:54 2014-03-16 Show GitHub Exploit DB Packet Storm
289813 - kasseler-cms kasseler-cms Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler CMS before 2 r1232 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection… CWE-352
 Origin Validation Error 		CVE-2013-3729 2024-11-21 10:54 2014-03-13 Show GitHub Exploit DB Packet Storm
289814 - kasseler-cms kasseler-cms Cross-site scripting (XSS) vulnerability in Kasseler CMS before 2 r1232 allows remote authenticated users with permissions to create categories to inject arbitrary web script or HTML via the cat para… CWE-79
Cross-site Scripting 		CVE-2013-3728 2024-11-21 10:54 2014-03-13 Show GitHub Exploit DB Packet Storm
289815 - kasseler-cms kasseler-cms SQL injection vulnerability in Kasseler CMS before 2 r1232 allows remote authenticated users to execute arbitrary SQL commands via the groups[] parameter to admin.php. NOTE: this can be leveraged us… CWE-89
SQL Injection 		CVE-2013-3727 2024-11-21 10:54 2014-03-13 Show GitHub Exploit DB Packet Storm
289816 - abeel simple_php_agenda SQL injection vulnerability in edit_event.php in Simple PHP Agenda before 2.2.9 allows remote authenticated users to execute arbitrary SQL commands via the eventid parameter. CWE-89
SQL Injection 		CVE-2013-3961 2024-11-21 10:54 2014-03-12 Show GitHub Exploit DB Packet Storm
289817 - jpchacha chasys_draw_ies Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in Chasys Draw IES before 4.11.02 allows remote attackers to execute arbitrary code via crafted biPlanes and biBitCount fields in a… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-3928 2024-11-21 10:54 2014-03-12 Show GitHub Exploit DB Packet Storm
289818 - novell zenworks_configuration_management Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a preboot update … CWE-22
Path Traversal 		CVE-2013-3706 2024-11-21 10:54 2014-03-6 Show GitHub Exploit DB Packet Storm
289819 - ibm websphere_mq Directory traversal vulnerability in WMQ Telemetry in IBM WebSphere MQ 7.5 before 7.5.0.3 allows remote attackers to read arbitrary files via a crafted URI. CWE-22
Path Traversal 		CVE-2013-4054 2024-11-21 10:54 2014-03-2 Show GitHub Exploit DB Packet Storm
289820 - suse studio_onsite
studio_extension_for_system_z 		SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static" secret tokens, which has unspecified impact and vectors. CWE-310
Cryptographic Issues 		CVE-2013-3712 2024-11-21 10:54 2014-02-27 Show GitHub Exploit DB Packet Storm