Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203961 9.8 緊急
Network 		Exponent CMS project - Exponent CMS の Pixidou Image Editor における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2016-7453 2016-11-7 18:10 2016-09-15 Show GitHub Exploit DB Packet Storm
203962 7.5 重要
Network 		Exponent CMS project - Exponent CMS の Pixidou Image Editor におけるサイト上の任意のフォルダにファイルをアップロードされる脆弱性 CWE-Other
その他 		CVE-2016-7452 2016-11-7 18:10 2016-09-15 Show GitHub Exploit DB Packet Storm
203963 9.8 緊急
Network 		Exponent CMS project - Exponent CMS におけるスクリプトファイルをアップロードされる脆弱性 CWE-Other
その他 		CVE-2016-7095 2016-11-7 18:10 2016-08-28 Show GitHub Exploit DB Packet Storm
203964 6.5 警告
Network 		GitLab.org - GitLab の "import/export project" 機能における GitLab サービスアカウントにアクセス可能なすべてのファイルの内容を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-9086 2016-11-7 15:49 2016-11-2 Show GitHub Exploit DB Packet Storm
203965 9.8 緊急
Network 		Square, Inc. - git-fastclone における任意のコマンドを実行される脆弱性 CWE-Other
その他 		CVE-2015-8969 2016-11-7 14:55 2015-12-17 Show GitHub Exploit DB Packet Storm
203966 8.8 重要
Network 		Square, Inc. - git-fastclone における任意のシェルコマンドを実行される脆弱性 CWE-Other
その他 		CVE-2015-8968 2016-11-7 14:55 2015-12-12 Show GitHub Exploit DB Packet Storm
203967 9.8 緊急
Network 		SAP - SAP ASE における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-7402 2016-11-7 14:34 2016-09-13 Show GitHub Exploit DB Packet Storm
203968 5.4 警告
Network 		IBM - IBM Financial Transaction Manager の Web UI におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-5920 2016-11-7 14:21 2016-08-19 Show GitHub Exploit DB Packet Storm
203969 5.7 警告
Network 		IBM - IBM Financial Transaction Manager の Payments Director におけるクリックジャッキング攻撃を実行される脆弱性 CWE-Other
その他 		CVE-2016-3060 2016-11-7 14:21 2016-08-19 Show GitHub Exploit DB Packet Storm
203970 9.8 緊急
Network 		アドビシステムズ - Adobe Flash Player における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2016-7855 2016-11-7 14:02 2016-10-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291801 - i-doit i-doit Cross-site scripting (XSS) vulnerability in the API in synetics i-doit pro before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via a property title. CWE-79
Cross-site Scripting 		CVE-2014-2231 2024-11-21 11:05 2014-02-28 Show GitHub Exploit DB Packet Storm
291802 - interworx web_control_panel Cross-site scripting (XSS) vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) before 5.0.13 build 574 allows remote attackers to inject arb… CWE-79
Cross-site Scripting 		CVE-2014-2035 2024-11-21 11:05 2014-02-28 Show GitHub Exploit DB Packet Storm
291803 - adrotateplugin adrotate SQL injection vulnerability in library/clicktracker.php in the AdRotate Pro plugin 3.9 through 3.9.5 and AdRotate Free plugin 3.9 through 3.9.4 for WordPress allows remote attackers to execute arbitr… CWE-89
SQL Injection 		CVE-2014-1854 2024-11-21 11:05 2014-02-28 Show GitHub Exploit DB Packet Storm
291804 - tibco enterprise_administrator_sdk
enterprise_administrator 		TIBCO Enterprise Administrator 1.0.0 and Enterprise Administrator SDK 1.0.0 do not properly enforce administrative authentication requirements, which allows remote attackers to execute arbitrary comm… CWE-287
Improper Authentication 		CVE-2014-2075 2024-11-21 11:05 2014-02-27 Show GitHub Exploit DB Packet Storm
291805 - cisco unified_contact_center_express_editor_software Cisco Unified Contact Center Express (Unified CCX) does not properly restrict the content of the CCMConfig page, which allows remote authenticated users to obtain sensitive information by examining t… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-2102 2024-11-21 11:05 2014-02-27 Show GitHub Exploit DB Packet Storm
291806 - riken xoonips Cross-site scripting (XSS) vulnerability in the XooNIps module 3.47 and earlier for XOOPS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2014-1968 2024-11-21 11:05 2014-02-27 Show GitHub Exploit DB Packet Storm
291807 - 7andi-fs.co denny\'s The Denny's application before 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a … CWE-310
Cryptographic Issues 		CVE-2014-1967 2024-11-21 11:05 2014-02-27 Show GitHub Exploit DB Packet Storm
291808 - mcafee epolicy_orchestrator The Import and Export Framework in McAfee ePolicy Orchestrator (ePO) before 4.6.7 Hotfix 940148 allows remote authenticated users with permissions to add dashboards to read arbitrary files by importi… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-2205 2024-11-21 11:05 2014-02-27 Show GitHub Exploit DB Packet Storm
291809 - catfish_project catfish Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0 allows local users to gain privileges via a Trojan horse bin/catfish.py under the current working directory. NVD-CWE-Other
CVE-2014-2096 2024-11-21 11:05 2014-02-26 Show GitHub Exploit DB Packet Storm
291810 - catfish_project catfish Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0, when a Fedora package such as 0.8.2-1 is not used, allows local users to gain privileges via a Trojan horse bin/catfish.pyc under t… NVD-CWE-Other
CVE-2014-2095 2024-11-21 11:05 2014-02-26 Show GitHub Exploit DB Packet Storm