Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 2:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
202811 7.8 重要
Local
Debian
GraphicsMagick
- GraphicsMagick の MagickCore/memory.c の AcquireMagickMemory 関数における脆弱性 CWE-119
バッファエラー
CVE-2016-8862 2017-03-9 16:51 2016-09-14 Show GitHub Exploit DB Packet Storm
202812 5.5 警告
Local
ImageMagick - ImageMagick の MagickCore/pixel-accessor.h の IsPixelMonochrome 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-125
境界外読み取り
CVE-2016-8678 2017-03-9 16:51 2016-09-14 Show GitHub Exploit DB Packet Storm
202813 7.8 重要
Local
openSUSE project
Debian
ImageMagick
- ImageMagick の MagickCore/quantum.c の AcquireQuantumPixels 関数における脆弱性 CWE-119
バッファエラー
CVE-2016-8677 2017-03-9 16:51 2016-09-16 Show GitHub Exploit DB Packet Storm
202814 9.8 緊急
Network
Aerospike, Inc. - Aerospike Database Server の RW ファブリックメッセージのパーティクルタイプにおける境界外インデックスに関する脆弱性 CWE-129
配列インデックスの不適切な検証
CVE-2016-9053 2017-03-9 16:49 2016-10-26 Show GitHub Exploit DB Packet Storm
202815 9.8 緊急
Network
Aerospike, Inc. - Aerospike Database Server のバッチ処理フィールドの構文解析機能における境界外書き込みの脆弱性 CWE-787
境界外書き込み
CVE-2016-9051 2017-03-9 16:49 2016-10-26 Show GitHub Exploit DB Packet Storm
202816 7.5 重要
Network
Aerospike, Inc. - Aerospike Database Server の Fabric_Worker コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性 CWE-476
NULL ポインタデリファレンス
CVE-2016-9049 2017-03-9 16:49 2016-10-26 Show GitHub Exploit DB Packet Storm
202817 7.8 重要
Local
JasPer Project
openSUSE project
Fedora Project
- JasPer の jas_stream.c の mem_close 関数におけるメモリ二重解放の脆弱性 CWE-415
二重解放
CVE-2016-8693 2017-03-9 16:03 2016-10-20 Show GitHub Exploit DB Packet Storm
202818 5.5 警告
Local
Debian
JasPer Project
Fedora Project
- JasPer の libjasper/jpc/jpc_dec.c の jpc_dec_process_siz 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-369
ゼロ除算
CVE-2016-8692 2017-03-9 16:03 2016-10-16 Show GitHub Exploit DB Packet Storm
202819 5.5 警告
Local
Debian
JasPer Project
Fedora Project
- JasPer の libjasper/jpc/jpc_dec.c の jpc_dec_process_siz 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-369
ゼロ除算
CVE-2016-8691 2017-03-9 16:03 2016-10-16 Show GitHub Exploit DB Packet Storm
202820 5 警告 アップル
日本電気
- 複数の Apple 製品の Secure Transport における EXPORT_RSA 暗号に対して暗号スイートのダウングレード攻撃を実行される脆弱性 CWE-310
暗号の問題
CVE-2015-1067 2017-03-9 15:34 2015-03-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292731 - usercake usercake Multiple cross-site request forgery (CSRF) vulnerabilities in user_settings.php in Usercake 2.0.2 and earlier allow remote attackers to hijack the authentication of administrators for requests that c… CWE-352
 Origin Validation Error
CVE-2014-3866 2024-11-21 11:09 2014-05-27 Show GitHub Exploit DB Packet Storm
292732 - ibm sametime The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote at… CWE-200
Information Exposure
CVE-2014-3867 2024-11-21 11:09 2014-05-26 Show GitHub Exploit DB Packet Storm
292733 5.4 MEDIUM
Network
redhat jboss_aerogear Multiple persistent cross-site scripting (XSS) flaws were found in the way Aerogear handled certain user-supplied content. A remote attacker could use these flaws to compromise the application with s… CWE-79
Cross-site Scripting
CVE-2014-3650 2024-11-21 11:08 2022-07-1 Show GitHub Exploit DB Packet Storm
292734 7.5 HIGH
Network
redhat jboss_aerogear The simplepush server iterates through the application installations and pushes a notification to the server provided by deviceToken. But this is user controlled. If a bogus applications is registere… CWE-400
 Uncontrolled Resource Consumption
CVE-2014-3648 2024-11-21 11:08 2022-07-1 Show GitHub Exploit DB Packet Storm
292735 9.8 CRITICAL
Network
musl-libc musl Multiple stack-based buffer overflows in the __dn_expand function in network/dn_expand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to (1) have unspecified impact … CWE-787
 Out-of-bounds Write
CVE-2014-3484 2024-11-21 11:08 2020-02-20 Show GitHub Exploit DB Packet Storm
292736 9.8 CRITICAL
Network
php php Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackers to execute arbitrary code by leveraging a third-party fil… CWE-416
 Use After Free
CVE-2014-3622 2024-11-21 11:08 2020-02-19 Show GitHub Exploit DB Packet Storm
292737 5.4 MEDIUM
Network
mybb mybb Multiple cross-site scripting (XSS) vulnerabilities in the MyBB (aka MyBulletinBoard) before 1.8.4 allow remote authenticated users to inject arbitrary web script or HTML via the title parameter in t… CWE-79
Cross-site Scripting
CVE-2014-3827 2024-11-21 11:08 2020-02-12 Show GitHub Exploit DB Packet Storm
292738 5.4 MEDIUM
Network
mybb mybb Cross-site scripting (XSS) vulnerability in MyBB before 1.6.13 allows remote authenticated users to inject arbitrary web script or HTML via the name parameter in the edit action of the config-profile… CWE-79
Cross-site Scripting
CVE-2014-3826 2024-11-21 11:08 2020-02-12 Show GitHub Exploit DB Packet Storm
292739 6.1 MEDIUM
Network
nokia 1830_photonic_service_switch-4_firmware
1830_photonic_service_switch-16_firmware
1830_photonic_service_switch-32_firmware
Cross-site scripting (XSS) vulnerability in the management interface in Alcatel-Lucent 1830 Photonic Service Switch (PSS) 6.0 and earlier allows remote attackers to inject arbitrary web script or HTM… CWE-79
Cross-site Scripting
CVE-2014-3809 2024-11-21 11:08 2020-02-1 Show GitHub Exploit DB Packet Storm
292740 9.8 CRITICAL
Network
exlibrisgroup aleph_500 Multiple SQL injection vulnerabilities in cgi-bin/review_m.cgi in Ex Libris ALEPH 500 (Integrated library management system) 18.1 and 20 allow remote attackers to execute arbitrary SQL commands via t… CWE-89
SQL Injection
CVE-2014-3719 2024-11-21 11:08 2020-01-31 Show GitHub Exploit DB Packet Storm