Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
203451 9.8 緊急
Network
The WebM Project
Fedora Project
- libwebp における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド
CVE-2016-9085 2017-02-16 14:46 2016-10-10 Show GitHub Exploit DB Packet Storm
203452 5.5 警告
Local
cairographics.org - cairo の write_png 関数における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド
CVE-2016-9082 2017-02-16 14:46 2016-10-20 Show GitHub Exploit DB Packet Storm
203453 5.5 警告
Local
GNOME Project - librsvg2 の rsvg-paint_server.c の rsvg_pattern_fix_fallback 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-125
境界外読み取り
CVE-2016-6163 2017-02-16 14:46 2016-07-7 Show GitHub Exploit DB Packet Storm
203454 8.8 重要
Network
トレンドマイクロ - Trend Micro VMI の /vmi/manager/engine/management/commands/apns_worker.py における任意のコマンドを実行される脆弱性 CWE-77
コマンドインジェクション
CVE-2016-6270 2017-02-16 14:30 2016-09-30 Show GitHub Exploit DB Packet Storm
203455 7.8 重要
Local
IBM - IBM Security Guardium Database Activity Monito アプライアンスにおけるコマンドを挿入される脆弱性 CWE-78
OSコマンド・インジェクション
CVE-2016-6065 2017-02-16 14:26 2016-12-15 Show GitHub Exploit DB Packet Storm
203456 6.3 警告
Network
IBM - IBM Security Privileged Identity Manager 仮想アプライアンスにおける悪意のあるファイルをアップロードされる脆弱性 CWE-284
不適切なアクセス制御
CVE-2016-5990 2017-02-16 14:26 2016-12-29 Show GitHub Exploit DB Packet Storm
203457 6.5 警告
Network
IBM - IBM Security Privileged Identity Manager 仮想アプライアンスにおける重要な情報を公開される脆弱性 CWE-200
情報漏えい
CVE-2016-5988 2017-02-16 14:26 2016-12-29 Show GitHub Exploit DB Packet Storm
203458 5.9 警告
Network
IBM - IBM Security Privileged Identity Manager 仮想アプライアンスにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2016-5966 2017-02-16 14:26 2016-12-29 Show GitHub Exploit DB Packet Storm
203459 7.5 重要
Network
IBM - IBM Security Privileged Identity Manager における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2016-5958 2017-02-16 14:26 2016-12-29 Show GitHub Exploit DB Packet Storm
203460 7.8 重要
Local
IBM - IBM AIX における root レベルの権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2016-3053 2017-02-16 14:26 2016-10-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
290381 6.1 MEDIUM
Network
openjsf express The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote attackers to conduc… CWE-79
Cross-site Scripting
CVE-2014-6393 2024-11-21 11:14 2017-08-10 Show GitHub Exploit DB Packet Storm
290382 7.5 HIGH
Network
microsoft internet_explorer Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 allows remote attackers to execute arbitrary code. CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2014-6354 2024-11-21 11:14 2017-06-28 Show GitHub Exploit DB Packet Storm
290383 9.8 CRITICAL
Network
videolan vlc VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service. CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2014-6440 2024-11-21 11:14 2017-03-29 Show GitHub Exploit DB Packet Storm
290384 4.3 MEDIUM
Network
roundup-tracker
debian
roundup
debian_linux
schema.py in Roundup before 1.5.1 does not properly limit attributes included in default user permissions, which might allow remote authenticated users to obtain sensitive user information by viewing… CWE-264
Permissions, Privileges, and Access Controls
CVE-2014-6276 2024-11-21 11:14 2016-04-13 Show GitHub Exploit DB Packet Storm
290385 6.1 MEDIUM
Network
titan_framework_project titan_framework Multiple cross-site scripting (XSS) vulnerabilities in the Titan Framework plugin before 1.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to ifr… CWE-79
Cross-site Scripting
CVE-2014-6444 2024-11-21 11:14 2016-01-9 Show GitHub Exploit DB Packet Storm
290386 - juniper junos J-Web in Juniper vSRX virtual firewalls with Junos OS before 15.1X49-D20 allows remote attackers to cause a denial of service (system reboot) via unspecified vectors. NVD-CWE-noinfo
CVE-2014-6451 2024-11-21 11:14 2015-10-17 Show GitHub Exploit DB Packet Storm
290387 - juniper junos Juniper Junos OS before 11.4R12-S4, 12.1X44 before 12.1X44-D41, 12.1X46 before 12.1X46-D26, 12.1X47 before 12.1X47-D11/D15, 12.2 before 12.2R9, 12.2X50 before 12.2X50-D70, 12.3 before 12.3R8, 12.3X48… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2014-6450 2024-11-21 11:14 2015-10-17 Show GitHub Exploit DB Packet Storm
290388 - juniper junos Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before 14.1R… CWE-399
 Resource Management Errors
CVE-2014-6449 2024-11-21 11:14 2015-10-17 Show GitHub Exploit DB Packet Storm
290389 - softing fg-x00_profibus_firmware Cross-site scripting (XSS) vulnerability in Softing FG-100 PROFIBUS Single Channel (FG-100-PB) with firmware FG-x00-PB_V2.02.0.00 allows remote attackers to inject arbitrary web script or HTML via th… CWE-79
Cross-site Scripting
CVE-2014-6616 2024-11-21 11:14 2015-09-1 Show GitHub Exploit DB Packet Storm
290390 - debian
libevent_project
debian_linux
libevent
Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or poss… CWE-189
Numeric Errors
CVE-2014-6272 2024-11-21 11:14 2015-08-24 Show GitHub Exploit DB Packet Storm