Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203261 7.8 重要
Local 		Google - Android One デバイス上で稼動する Android の MediaTek パワーマネジメントドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-2492 2016-06-17 17:14 2016-06-6 Show GitHub Exploit DB Packet Storm
203262 9.8 緊急
Network 		シトリックス・システムズ - Citrix XenServer におけるホストを侵害される脆弱性 CWE-Other
その他 		CVE-2016-5302 2016-06-17 17:12 2016-06-9 Show GitHub Exploit DB Packet Storm
203263 8.8 重要
Network 		Mozilla Foundation - Mozilla Firefox で使用される Network Security Services におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2016-2834 2016-06-17 17:09 2016-06-7 Show GitHub Exploit DB Packet Storm
203264 6.1 警告
Network 		Mozilla Foundation - Mozilla Firefox におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-2833 2016-06-17 16:57 2016-06-7 Show GitHub Exploit DB Packet Storm
203265 4.3 警告
Network 		Mozilla Foundation - Mozilla Firefox における無効化されたプラグインの情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-2832 2016-06-17 16:57 2016-06-7 Show GitHub Exploit DB Packet Storm
203266 6.5 警告
Network 		Mozilla Foundation - Mozilla Firefox における許可設定通知を偽造される脆弱性 CWE-Other
その他 		CVE-2016-2829 2016-06-17 16:57 2016-06-7 Show GitHub Exploit DB Packet Storm
203267 7.3 重要
Local 		Mozilla Foundation - Windows 上で稼動する Mozilla Firefox のメンテナンスサービスにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-2826 2016-06-17 16:57 2016-06-7 Show GitHub Exploit DB Packet Storm
203268 5.3 警告
Network 		libimobiledevice
openSUSE project		 - libimobiledevice および libusbmuxd の common/socket.c の socket_create 関数におけるアクセス制限を回避される脆弱性 CWE-Other
その他 		CVE-2016-5104 2016-06-17 16:50 2016-06-8 Show GitHub Exploit DB Packet Storm
203269 7.5 重要
Network 		openSUSE project
Atheme.org		 - Atheme の modules/transport/xmlrpc/xmlrpclib.c の xmlrpc_char_encode 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-4478 2016-06-17 16:36 2016-01-10 Show GitHub Exploit DB Packet Storm
203270 7.5 重要
Network 		openSUSE project
Atheme.org		 - Atheme の modules/chanserv/flags.c における Anope FLAGS の動作を変更される脆弱性 CWE-Other
その他 		CVE-2014-9773 2016-06-17 16:36 2014-11-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
290851 - redhat openstack nagios.upgrade_to_v3.sh, as distributed by Red Hat and possibly others for Nagios Core 3.4.4, 3.5.1, and earlier, allows local users to overwrite arbitrary files via a symlink attack on a temporary n… CWE-59
Link Following 		CVE-2013-2029 2024-11-21 10:50 2013-11-24 Show GitHub Exploit DB Packet Storm
290852 - redhat
t-mobile
busybox 		enterprise_linux
tm-ac1900
busybox 		util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vector… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-1813 2024-11-21 10:50 2013-11-23 Show GitHub Exploit DB Packet Storm
290853 - mozilla network_security_services Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value. CWE-189
Numeric Errors 		CVE-2013-1741 2024-11-21 10:50 2013-11-18 Show GitHub Exploit DB Packet Storm
290854 - openvpn
opensuse 		openvpn
openvpn_access_server
opensuse 		The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparis… CWE-200
Information Exposure 		CVE-2013-2061 2024-11-21 10:50 2013-11-18 Show GitHub Exploit DB Packet Storm
290855 - mediawiki
fedoraproject
gentoo 		mediawiki
fedora
linux 		MediaWiki before 1.19.6 and 1.20.x before 1.20.5 does not allow extensions to prevent password changes without using both Special:PasswordReset and Special:ChangePassword, which allows remote attacke… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-2032 2024-11-21 10:50 2013-11-18 Show GitHub Exploit DB Packet Storm
290856 - gentoo
mediawiki 		linux
mediawiki 		MediaWiki before 1.19.6 and 1.20.x before 1.20.5 allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a CDATA section containing valid UTF-7 encoded sequences in … CWE-79
Cross-site Scripting 		CVE-2013-2031 2024-11-21 10:50 2013-11-18 Show GitHub Exploit DB Packet Storm
290857 - linux linux_kernel The host_start function in drivers/usb/chipidea/host.c in the Linux kernel before 3.7.4 does not properly support a certain non-streaming option, which allows local users to cause a denial of service… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-2058 2024-11-21 10:50 2013-11-5 Show GitHub Exploit DB Packet Storm
290858 - opensuse
ruby-lang 		opensuse
ruby 		(1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3 patchlevel 426, and 2.0 before 2.0.0 patchlevel 195, do not perform taint checking for native functions, which allows context-dependent attackers to byp… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-2065 2024-11-21 10:50 2013-11-3 Show GitHub Exploit DB Packet Storm
290859 - mozilla bugzilla Multiple cross-site scripting (XSS) vulnerabilities in report.cgi in Bugzilla 4.1.x and 4.2.x before 4.2.7 and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HT… CWE-79
Cross-site Scripting 		CVE-2013-1743 2024-11-21 10:50 2013-10-24 Show GitHub Exploit DB Packet Storm
290860 - mozilla bugzilla Multiple cross-site scripting (XSS) vulnerabilities in editflagtypes.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allow remote att… CWE-79
Cross-site Scripting 		CVE-2013-1742 2024-11-21 10:50 2013-10-24 Show GitHub Exploit DB Packet Storm