Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203281 8.8 重要
Network 		openSUSE project
Canonical
Debian
Google
SUSE
レッドハット		 - Google Chrome で使用される Blink における同一生成元ポリシーを回避される脆弱性 CWE-Other
その他 		CVE-2016-1675 2016-08-31 18:10 2016-05-25 Show GitHub Exploit DB Packet Storm
203282 8.8 重要
Network 		レッドハット
Debian
openSUSE project
SUSE
Google		 - Google Chrome の拡張サブシステムにおける同一生成元ポリシーを回避される脆弱性 CWE-noinfo
情報不足 		CVE-2016-1674 2016-08-31 18:10 2016-05-25 Show GitHub Exploit DB Packet Storm
203283 8.8 重要
Network 		openSUSE project
Canonical
Debian
Google
SUSE
レッドハット		 - Google Chrome で使用される Blink における同一生成元ポリシーを回避される脆弱性 CWE-noinfo
情報不足 		CVE-2016-1673 2016-08-31 18:10 2016-05-25 Show GitHub Exploit DB Packet Storm
203284 8.8 重要
Network 		レッドハット
Debian
openSUSE project
SUSE
Google		 - Google Chrome の拡張バインディングの extensions/renderer/module_system.cc における bindings-interception 攻撃を実行される脆弱性 CWE-Other
その他 		CVE-2016-1672 2016-08-31 18:10 2016-05-25 Show GitHub Exploit DB Packet Storm
203285 7.5 重要
Network 		SAP - SAP JAVA AS の Internet Communication Manager におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-3979 2016-08-31 16:14 2016-04-14 Show GitHub Exploit DB Packet Storm
203286 7.5 重要
Network 		SAP - SAP JAVA AS の Java スタートアップフレームワークにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-3980 2016-08-31 16:13 2016-03-14 Show GitHub Exploit DB Packet Storm
203287 7.5 重要
Network 		SAP - SAP NetWeaver AS Java におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2016-3976 2016-08-31 16:13 2016-03-8 Show GitHub Exploit DB Packet Storm
203288 6.1 警告
Network 		SAP - SAP NetWeaver AS Java におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-3975 2016-08-31 16:12 2016-03-8 Show GitHub Exploit DB Packet Storm
203289 7.5 重要
Network 		SAP - SAP NetWeaver Java AS のリアルタイムコラボレーションサービスのチャット機能における重要なユーザ情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-3973 2016-08-31 16:12 2016-03-8 Show GitHub Exploit DB Packet Storm
203290 7.5 重要
Network 		F5 Networks - F5 BIG-IP システムのバーチャルサーバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-5023 2016-08-31 15:52 2016-08-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291671 - f5 big-ip_access_policy_manager Cross-site scripting (XSS) vulnerability in the access policy logout page (logout.inc) in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.1.0 through 11.3.0 allows remote attackers to inject arbitrary web… CWE-79
Cross-site Scripting 		CVE-2013-5976 2024-11-21 10:58 2013-10-2 Show GitHub Exploit DB Packet Storm
291672 - f5 big-ip_access_policy_manager The access policy logon page (logon.inc) in F5 BIG-IP APM 11.1.0 through 11.2.1 allows remote attackers to conduct clickjacking attacks via unspecified vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-5975 2024-11-21 10:58 2013-10-2 Show GitHub Exploit DB Packet Storm
291673 - david_king
canonical 		vino
ubuntu_linux 		The vino_server_client_data_pending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error … CWE-20
 Improper Input Validation  		CVE-2013-5745 2024-11-21 10:58 2013-10-2 Show GitHub Exploit DB Packet Storm
291674 - metaclassy byword The Metaclassy Byword app 2.x before 2.1 for iOS does not require confirmation of Replace file actions, which allows remote attackers to overwrite arbitrary files via the name and text parameters in … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-5725 2024-11-21 10:58 2013-10-1 Show GitHub Exploit DB Packet Storm
291675 - cdsincdesign simple_dropbox_upload_form Unrestricted file upload vulnerability in multi.php in Simple Dropbox Upload plugin before 1.8.8.1 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executab… NVD-CWE-Other
CVE-2013-5963 2024-11-21 10:58 2013-10-1 Show GitHub Exploit DB Packet Storm
291676 - envato complete_gallery_manager_plugin Unrestricted file upload vulnerability in frames/upload-images.php in the Complete Gallery Manager plugin before 3.3.4 rev40279 for WordPress allows remote attackers to execute arbitrary code by uplo… NVD-CWE-Other
CVE-2013-5962 2024-11-21 10:58 2013-10-1 Show GitHub Exploit DB Packet Storm
291677 - danny_morris lazy_seo Unrestricted file upload vulnerability in lazyseo.php in the Lazy SEO plugin 1.1.9 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a PHP file, then accessing it via a… NVD-CWE-Other
CVE-2013-5961 2024-11-21 10:58 2013-10-1 Show GitHub Exploit DB Packet Storm
291678 - adcisolutions node_view_permissions The Node View Permissions module 7.x-1.x before 7.x-1.2 for Drupal does not properly implement the hook_query_alter function, which might allow remote attackers to obtain sensitive information by rea… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-5965 2024-11-21 10:58 2013-10-1 Show GitHub Exploit DB Packet Storm
291679 - joachim_noreiko flag_module Cross-site scripting (XSS) vulnerability in the administration page in the Flag module 7.x-3.x before 7.x-3.1 for Drupal allows remote authenticated users with the "Administer flags" permission to in… CWE-79
Cross-site Scripting 		CVE-2013-5964 2024-11-21 10:58 2013-10-1 Show GitHub Exploit DB Packet Storm
291680 - owasp enterprise_security_api The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0.1 does not properly resist tampering with serial… CWE-310
Cryptographic Issues 		CVE-2013-5960 2024-11-21 10:58 2013-10-1 Show GitHub Exploit DB Packet Storm