Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203341 9.8 緊急
Network 		The PHP Group - PHP の ext/spl/spl_dllist.c の SplDoublyLinkedList::offsetSet 関数におけるメモリ二重解放の脆弱性 CWE-Other
その他 		CVE-2016-3132 2016-08-10 14:56 2016-04-28 Show GitHub Exploit DB Packet Storm
203342 9.8 緊急
Network 		The PHP Group - PHP の zip エクステンションの php_zip.c における整数オーバーフローの脆弱性 CWE-Other
その他 		CVE-2016-3078 2016-08-10 14:43 2016-04-28 Show GitHub Exploit DB Packet Storm
203343 5.4 警告
Network 		Apache Software Foundation - Apache ActiveMQ の管理 Web コンソールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-0782 2016-08-10 14:25 2016-03-14 Show GitHub Exploit DB Packet Storm
203344 5 警告 OpenSSL Project
オラクル		 - OpenSSL の d1_pkt.c の dtls1_buffer_record 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2015-0206 2016-08-9 18:16 2015-01-7 Show GitHub Exploit DB Packet Storm
203345 5 警告 アップル
日本電気
OpenSSL Project
ヒューレット・パッカード
オラクル		 - OpenSSL における指紋ベースの認証ブラックリスト保護メカニズムを破られる脆弱性 CWE-310
暗号の問題 		CVE-2014-8275 2016-08-9 18:15 2014-12-20 Show GitHub Exploit DB Packet Storm
203346 5 警告 アップル
OpenSSL Project
ヒューレット・パッカード
オラクル		 - OpenSSL の s3_clnt.c 内の ssl3_get_key_exchange 関数における ECDHE-to-ECDH ダウングレード攻撃を実行される脆弱性 CWE-310
暗号の問題 		CVE-2014-3572 2016-08-9 18:14 2014-10-24 Show GitHub Exploit DB Packet Storm
203347 5 警告 日本電気
アップル
ヒューレット・パッカード
OpenSSL Project
オラクル
日立		 - OpenSSL の BN_sqr の実装における暗号保護メカニズムを破られる脆弱性 CWE-310
暗号の問題 		CVE-2014-3570 2016-08-9 18:14 2014-05-14 Show GitHub Exploit DB Packet Storm
203348 7.3 重要
Local 		Google - 複数の Nexus デバイス上で稼働する Android の Qualcomm ブートローダの app/aboot/aboot.c における整数オーバーフローの脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3850 2016-08-9 16:55 2016-08-1 Show GitHub Exploit DB Packet Storm
203349 7.8 重要
Local 		Google - Pixel C デバイス上で稼働する Android の ION ドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3849 2016-08-9 16:55 2016-08-1 Show GitHub Exploit DB Packet Storm
203350 7.8 重要
Local 		Google - Nexus 9 デバイス上で稼働する Android の NVIDIA メディアドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3847 2016-08-9 16:55 2016-08-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291501 - mintboard mintboard Multiple cross-site scripting (XSS) vulnerabilities in Mintboard 0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) pass parameter in views/login.php or (3) nam… CWE-79
Cross-site Scripting 		CVE-2013-4951 2024-11-21 10:56 2013-07-30 Show GitHub Exploit DB Packet Storm
291502 - machform machform Cross-site scripting (XSS) vulnerability in view.php in Machform 2 allows remote attackers to inject arbitrary web script or HTML via the element_2 parameter. CWE-79
Cross-site Scripting 		CVE-2013-4950 2024-11-21 10:56 2013-07-30 Show GitHub Exploit DB Packet Storm
291503 - machform machform Unrestricted file upload vulnerability in view.php in Machform 2 allows remote attackers to execute arbitrary PHP code by uploading a PHP file, then accessing it via a direct request to the file in t… NVD-CWE-Other
CVE-2013-4949 2024-11-21 10:56 2013-07-30 Show GitHub Exploit DB Packet Storm
291504 - machform machform SQL injection vulnerability in view.php in Machform 2 allows remote attackers to execute arbitrary SQL commands via the element_2 parameter. CWE-89
SQL Injection 		CVE-2013-4948 2024-11-21 10:56 2013-07-30 Show GitHub Exploit DB Packet Storm
291505 - sawmill sawmill Unspecified vulnerability in the update and build database page in Sawmill before 8.6.3 allows remote attackers to have unknown impact and attack vectors. NVD-CWE-noinfo
CVE-2013-4947 2024-11-21 10:56 2013-07-30 Show GitHub Exploit DB Packet Storm
291506 - bmc service_desk_express Multiple cross-site scripting (XSS) vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95 allow remote attackers to inject arbitrary web script or HTML via the (1) SelTab parameter to QV_admin.… CWE-79
Cross-site Scripting 		CVE-2013-4946 2024-11-21 10:56 2013-07-30 Show GitHub Exploit DB Packet Storm
291507 - bmc service_desk_express Multiple SQL injection vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95 allow remote attackers to execute arbitrary SQL commands via the (1) ASPSESSIONIDASSRATTQ, (2) TABLE_WIDGET_1, (3) T… CWE-89
SQL Injection 		CVE-2013-4945 2024-11-21 10:56 2013-07-30 Show GitHub Exploit DB Packet Storm
291508 - fusedpress buddypress-extended-frienship-request Cross-site scripting (XSS) vulnerability in the BuddyPress Extended Friendship Request plugin before 1.0.2 for WordPress, when the "Friend Connections" component is enabled, allows remote attackers t… CWE-79
Cross-site Scripting 		CVE-2013-4944 2024-11-21 10:56 2013-07-30 Show GitHub Exploit DB Packet Storm
291509 - freebsd freebsd The vfs_hang_addrlist function in sys/kern/vfs_export.c in the NFS server implementation in the kernel in FreeBSD 8.3 and 9.x through 9.1-RELEASE-p5 controls authorization for host/subnet export entr… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-4851 2024-11-21 10:56 2013-07-29 Show GitHub Exploit DB Packet Storm
291510 - isc
suse
novell
opensuse
freebsd
mandriva
redhat
fedoraproject
hp
slackware 		bind
suse_linux_enterprise_software_development_kit
suse_linux
dnsco_bind
opensuse
freebsd
business_server
enterprise_server
enterprise_linux
fedora
hp-ux
slackware_l… 		The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remo… NVD-CWE-noinfo
CVE-2013-4854 2024-11-21 10:56 2013-07-29 Show GitHub Exploit DB Packet Storm