Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202811 7.5 重要
Network 		Drupal
Debian		 - Drupal の XML-RPC システムにおける総当たり攻撃を実行される脆弱性 CWE-Other
その他 		CVE-2016-3163 2016-04-20 17:07 2016-02-24 Show GitHub Exploit DB Packet Storm
202812 5.4 警告
Network 		Four Kitchens - Drupal 用 Block Class モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-3144 2016-04-20 17:07 2016-04-15 Show GitHub Exploit DB Packet Storm
202813 9.8 緊急
Network 		Linux Foundation
レッドハット		 - foomatic-filters の foomatic-rip の unhtmlify 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-5325 2016-04-20 16:55 2010-08-27 Show GitHub Exploit DB Packet Storm
202814 9.8 緊急
Network 		openSUSE project - openSUSE および Leap の obs-service-extract_file パッケージにおける任意のコマンドを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2016-4007 2016-04-20 16:40 2016-02-20 Show GitHub Exploit DB Packet Storm
202815 8.8 重要
Network 		Apache Software Foundation - Apache Ranger における親リソースレベルのアクセスの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-0735 2016-04-20 16:19 2016-03-28 Show GitHub Exploit DB Packet Storm
202816 9.8 緊急
Network 		Apache Software Foundation - Apache Ranger の Admin UI における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2016-0733 2016-04-20 16:19 2016-02-5 Show GitHub Exploit DB Packet Storm
202817 8.1 重要
Network 		シトリックス・システムズ - Citrix Command Center の Administration Web UI サーブレットにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-7999 2016-04-20 16:18 2015-12-16 Show GitHub Exploit DB Packet Storm
202818 4.9 警告
Network 		デル - Dell OpenManage Server Administrator におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2016-4004 2016-04-20 16:12 2016-02-22 Show GitHub Exploit DB Packet Storm
202819 6.5 警告
Network 		Debian
OptiPNG		 - OptiPNG の pngxtern/pngxrbmp.c の bmp_read_rows 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-2191 2016-04-20 16:11 2016-04-4 Show GitHub Exploit DB Packet Storm
202820 9.8 緊急
Network 		Debian
xmlsoft.org		 - libxml2 の HTMLparser.c の htmlParseComment 関数における重要な情報を取得される脆弱性 CWE-119
バッファエラー 		CVE-2015-8710 2016-04-20 16:10 2015-03-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
290611 5.4 MEDIUM
Network 		cpanel whm
cpanel 		The clientconf.html and detailbw.html pages in x3 in cPanel & WHM 11.34.0 (build 8) have a XSS vulnerability. CWE-79
Cross-site Scripting 		CVE-2012-6449 2024-11-21 10:46 2020-02-11 Show GitHub Exploit DB Packet Storm
290612 6.1 MEDIUM
Network 		vbseo vbseo vBSeo before 3.6.0PL2 allows XSS via the member.php u parameter. CWE-79
Cross-site Scripting 		CVE-2012-6666 2024-11-21 10:46 2020-02-10 Show GitHub Exploit DB Packet Storm
290613 6.5 MEDIUM
Network 		netgear wgr614v9_firmware
wgr614v7_firmware 		An Information Disclosure vulnerability exists in the my config file in NEtGEAR WGR614 v7 and v9, which could let a malicious user recover all previously used passwords on the device, for both the co… CWE-200
Information Exposure 		CVE-2012-6341 2024-11-21 10:46 2020-02-7 Show GitHub Exploit DB Packet Storm
290614 4.6 MEDIUM
Physics 		netgear wgr614v9_firmware
wgr614v7_firmware 		An Authentication vulnerability exists in NETGEAR WGR614 v7 and v9 due to a hardcoded credential used for serial programming, a related issue to CVE-2006-1002. CWE-287
Improper Authentication 		CVE-2012-6340 2024-11-21 10:46 2020-02-7 Show GitHub Exploit DB Packet Storm
290615 5.4 MEDIUM
Network 		havalite havalite Havalite CMS 1.1.7 has a stored XSS vulnerability CWE-79
Cross-site Scripting 		CVE-2013-0161 2024-11-21 10:46 2020-01-30 Show GitHub Exploit DB Packet Storm
290616 8.8 HIGH
Network 		polycom hdx_video_end_points
uc_apl 		Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitrary commands as demonstrated by a ; (semicolon) to the ping command feature. CWE-78
OS Command  		CVE-2012-6610 2024-11-21 10:46 2020-01-29 Show GitHub Exploit DB Packet Storm
290617 7.5 HIGH
Network 		polycom hdx_video_end_points
uc_apl 		Directory traversal vulnerability in a_getlog.cgi in Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote attackers to read arbitrary files via a .. (dot dot) in the name… CWE-22
Path Traversal 		CVE-2012-6609 2024-11-21 10:46 2020-01-29 Show GitHub Exploit DB Packet Storm
290618 6.1 MEDIUM
Network 		cpanel webhost_manager Cross-site Scripting (XSS) in cPanel WebHost Manager (WHM) 11.34.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2012-6448 2024-11-21 10:46 2020-01-28 Show GitHub Exploit DB Packet Storm
290619 7.2 HIGH
Network 		dlink dsr-250n_firmware D-Link DSR-250N devices with firmware 1.05B73_WW allow Persistent Root Access because of the admin password for the admin account. NVD-CWE-noinfo
CVE-2012-6613 2024-11-21 10:46 2020-01-26 Show GitHub Exploit DB Packet Storm
290620 6.1 MEDIUM
Network 		rapid7 nexpose Rapid7 Nexpose before 5.5.4 contains a session hijacking vulnerability which allows remote attackers to capture a user's session and gain unauthorized access. CWE-79
Cross-site Scripting 		CVE-2012-6494 2024-11-21 10:46 2020-01-26 Show GitHub Exploit DB Packet Storm