Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
203381 5.4 警告
Network
IBM - IBM Connections におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2016-0305 2017-02-21 16:43 2016-08-9 Show GitHub Exploit DB Packet Storm
203382 5.3 警告
Network
IBM - IBM Security Key Lifecycle Manager における認証されていないユーザに対して重要な情報を公開される脆弱性 CWE-200
情報漏えい
CVE-2016-6099 2017-02-21 16:37 2016-06-29 Show GitHub Exploit DB Packet Storm
203383 8.1 重要
Network
IBM - IBM InfoSphere Information Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限
CVE-2016-6059 2017-02-21 16:36 2016-10-28 Show GitHub Exploit DB Packet Storm
203384 5 警告
Network
IBM - IBM Jazz Foundation における以前にログインしたユーザを継承される脆弱性 CWE-384
セッションの固定化
CVE-2016-6040 2017-02-21 16:35 2016-12-16 Show GitHub Exploit DB Packet Storm
203385 6.1 警告
Network
IBM - IBM TRIRIGA Application Platform におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2016-6000 2017-02-21 16:32 2016-10-17 Show GitHub Exploit DB Packet Storm
203386 6.5 警告
Adjacent
IBM - IBM BigFix Platform における BES をクラッシュ状態にされる脆弱性 CWE-284
不適切なアクセス制御
CVE-2016-6085 2017-02-21 16:31 2016-12-20 Show GitHub Exploit DB Packet Storm
203387 10 緊急
Network
IBM - IBM BigFix Platform におけるシステム上で任意のコードを実行される脆弱性 CWE-416
解放済みメモリの使用
CVE-2016-6082 2017-02-21 16:31 2016-12-20 Show GitHub Exploit DB Packet Storm
203388 4.3 警告
Network
IBM - IBM Kenexa LMS on Cloud における認証されたユーザに対する応答において秘密の質問の解答を公開される脆弱性 CWE-200
情報漏えい
CVE-2016-6122 2017-02-21 16:28 2016-11-11 Show GitHub Exploit DB Packet Storm
203389 8.8 重要
Network
IBM - IBM Kenexa LCMS Premier on Cloud における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2016-5952 2017-02-21 16:26 2016-10-12 Show GitHub Exploit DB Packet Storm
203390 5.4 警告
Network
IBM - IBM Kenexa LCMS Premier on Cloud におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2016-5951 2017-02-21 16:26 2016-11-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292731 - usercake usercake Multiple cross-site request forgery (CSRF) vulnerabilities in user_settings.php in Usercake 2.0.2 and earlier allow remote attackers to hijack the authentication of administrators for requests that c… CWE-352
 Origin Validation Error
CVE-2014-3866 2024-11-21 11:09 2014-05-27 Show GitHub Exploit DB Packet Storm
292732 - ibm sametime The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote at… CWE-200
Information Exposure
CVE-2014-3867 2024-11-21 11:09 2014-05-26 Show GitHub Exploit DB Packet Storm
292733 5.4 MEDIUM
Network
redhat jboss_aerogear Multiple persistent cross-site scripting (XSS) flaws were found in the way Aerogear handled certain user-supplied content. A remote attacker could use these flaws to compromise the application with s… CWE-79
Cross-site Scripting
CVE-2014-3650 2024-11-21 11:08 2022-07-1 Show GitHub Exploit DB Packet Storm
292734 7.5 HIGH
Network
redhat jboss_aerogear The simplepush server iterates through the application installations and pushes a notification to the server provided by deviceToken. But this is user controlled. If a bogus applications is registere… CWE-400
 Uncontrolled Resource Consumption
CVE-2014-3648 2024-11-21 11:08 2022-07-1 Show GitHub Exploit DB Packet Storm
292735 9.8 CRITICAL
Network
musl-libc musl Multiple stack-based buffer overflows in the __dn_expand function in network/dn_expand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to (1) have unspecified impact … CWE-787
 Out-of-bounds Write
CVE-2014-3484 2024-11-21 11:08 2020-02-20 Show GitHub Exploit DB Packet Storm
292736 9.8 CRITICAL
Network
php php Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackers to execute arbitrary code by leveraging a third-party fil… CWE-416
 Use After Free
CVE-2014-3622 2024-11-21 11:08 2020-02-19 Show GitHub Exploit DB Packet Storm
292737 5.4 MEDIUM
Network
mybb mybb Multiple cross-site scripting (XSS) vulnerabilities in the MyBB (aka MyBulletinBoard) before 1.8.4 allow remote authenticated users to inject arbitrary web script or HTML via the title parameter in t… CWE-79
Cross-site Scripting
CVE-2014-3827 2024-11-21 11:08 2020-02-12 Show GitHub Exploit DB Packet Storm
292738 5.4 MEDIUM
Network
mybb mybb Cross-site scripting (XSS) vulnerability in MyBB before 1.6.13 allows remote authenticated users to inject arbitrary web script or HTML via the name parameter in the edit action of the config-profile… CWE-79
Cross-site Scripting
CVE-2014-3826 2024-11-21 11:08 2020-02-12 Show GitHub Exploit DB Packet Storm
292739 6.1 MEDIUM
Network
nokia 1830_photonic_service_switch-4_firmware
1830_photonic_service_switch-16_firmware
1830_photonic_service_switch-32_firmware
Cross-site scripting (XSS) vulnerability in the management interface in Alcatel-Lucent 1830 Photonic Service Switch (PSS) 6.0 and earlier allows remote attackers to inject arbitrary web script or HTM… CWE-79
Cross-site Scripting
CVE-2014-3809 2024-11-21 11:08 2020-02-1 Show GitHub Exploit DB Packet Storm
292740 9.8 CRITICAL
Network
exlibrisgroup aleph_500 Multiple SQL injection vulnerabilities in cgi-bin/review_m.cgi in Ex Libris ALEPH 500 (Integrated library management system) 18.1 and 20 allow remote attackers to execute arbitrary SQL commands via t… CWE-89
SQL Injection
CVE-2014-3719 2024-11-21 11:08 2020-01-31 Show GitHub Exploit DB Packet Storm