Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203721 7.1 危険 ISC, Inc.
日本電気		 - ISC BIND の named の resolver.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-362
競合状態 		CVE-2015-8461 2016-06-27 15:59 2015-12-15 Show GitHub Exploit DB Packet Storm
203722 5 警告 ISC, Inc.
日本電気		 - ISC BIND の named の db.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2015-8000 2016-06-27 15:59 2015-12-15 Show GitHub Exploit DB Packet Storm
203723 6.4 警告 オラクル - Oracle Enterprise Manager Grid Control の Oracle Application Testing Suite における Load Testing for Web Apps に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-0491 2016-06-27 15:49 2016-01-19 Show GitHub Exploit DB Packet Storm
203724 6.5 警告 オラクル - Oracle Enterprise Manager Grid Control の Oracle Application Testing Suite における Test Manager for Web Apps に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-0489 2016-06-27 15:49 2016-01-19 Show GitHub Exploit DB Packet Storm
203725 6.4 警告 オラクル - Oracle Enterprise Manager Grid Control の Oracle Application Testing Suite における Load Testing for Web Apps に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-0492 2016-06-27 15:48 2016-01-19 Show GitHub Exploit DB Packet Storm
203726 6.4 警告 オラクル - Oracle Enterprise Manager Grid Control の Oracle Application Testing Suite における Load Testing for Web Apps に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-0488 2016-06-27 15:48 2016-01-19 Show GitHub Exploit DB Packet Storm
203727 6.4 警告 オラクル - Oracle Enterprise Manager Grid Control の Oracle Application Testing Suite における Test Manager for Web Apps に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-0490 2016-06-27 15:48 2016-01-19 Show GitHub Exploit DB Packet Storm
203728 6.4 警告 オラクル - Oracle Enterprise Manager Grid Control の Oracle Application Testing Suite における Test Manager for Web Apps に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-0487 2016-06-27 15:47 2016-01-19 Show GitHub Exploit DB Packet Storm
203729 9.8 緊急
Network 		ヒューレット・パッカード・エンタープライズ - HPE Insight Control における重要な情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2016-2024 2016-06-27 15:43 2016-06-1 Show GitHub Exploit DB Packet Storm
203730 4.3 警告
Network 		バッファロー - バッファロー製の複数の無線 LAN ルータにおける情報漏えいの脆弱性 CWE-200
情報漏えい 		CVE-2016-4816 2016-06-27 14:56 2016-05-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
290591 - vanillaforums vanilla Multiple SQL injection vulnerabilities in Vanilla Forums before 2.0.18.8 allow remote attackers to execute arbitrary SQL commands via the parameter name in the Form/Email array to (1) entry/signin or… CWE-89
SQL Injection 		CVE-2013-3527 2024-11-21 10:53 2013-05-11 Show GitHub Exploit DB Packet Storm
290592 - wptrafficanalyzer trafficanalyzer Cross-site scripting (XSS) vulnerability in js/ta_loaded.js.php in the Traffic Analyzer plugin, possibly 3.3.2 and earlier, for WordPress allows remote attackers to inject arbitrary web script or HTM… CWE-79
Cross-site Scripting 		CVE-2013-3526 2024-11-21 10:53 2013-05-11 Show GitHub Exploit DB Packet Storm
290593 - bestpractical request_tracker SQL injection vulnerability in Approvals/ in Request Tracker (RT) 4.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ShowPending parameter. NOTE: the vendor dispute… CWE-89
SQL Injection 		CVE-2013-3525 2024-11-21 10:53 2013-05-11 Show GitHub Exploit DB Packet Storm
290594 - simpilotgroup pop_up_news SQL injection vulnerability in popupnewsitem/ in the Pop Up News module 2.0 and possibly earlier for phpVMS allows remote attackers to execute arbitrary SQL commands via the itemid parameter. NOTE: … CWE-89
SQL Injection 		CVE-2013-3524 2024-11-21 10:53 2013-05-11 Show GitHub Exploit DB Packet Storm
290595 - gajennings this SQL injection vulnerability in This HTML Is Simple (THIS) before 1.2.4 allows remote to execute arbitrary SQL commands via vectors related to op=page&id= in the URL. CWE-89
SQL Injection 		CVE-2013-3523 2024-11-21 10:53 2013-05-11 Show GitHub Exploit DB Packet Storm
290596 - vbulletin vbulletin SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier allows remote authenticated users to execute arbitrary SQL commands via the no… CWE-89
SQL Injection 		CVE-2013-3522 2024-11-21 10:53 2013-05-11 Show GitHub Exploit DB Packet Storm
290597 - wppa.opajaap wp-photo-album-plus Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the WP Photo Album Plus plugin before 5.0.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the comm… CWE-79
Cross-site Scripting 		CVE-2013-3254 2024-11-21 10:53 2013-05-10 Show GitHub Exploit DB Packet Storm
290598 - adobe coldfusion Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to read arbitrary files via unknown vectors. NVD-CWE-noinfo
CVE-2013-3336 2024-11-21 10:53 2013-05-9 Show GitHub Exploit DB Packet Storm
290599 - juniper smartpass Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified… CWE-79
Cross-site Scripting 		CVE-2013-3498 2024-11-21 10:53 2013-05-9 Show GitHub Exploit DB Packet Storm
290600 - juniper junos_space
junos_space_virtual_appliance
junos_space_ja1500_appliance 		Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attack… CWE-255
Credentials Management 		CVE-2013-3497 2024-11-21 10:53 2013-05-9 Show GitHub Exploit DB Packet Storm