Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203971 4.3 警告
Network 		アップル - Apple 製品などで使用される WebKit における同一生成元ポリシーを回避される脆弱性 CWE-362
競合状態 		CVE-2016-4583 2016-07-29 13:47 2016-07-18 Show GitHub Exploit DB Packet Storm
203972 7.8 重要
Local 		アップル - 複数の Apple 製品のカーネルにおける権限を取得される脆弱性 CWE-119
バッファエラー 		CVE-2016-4582 2016-07-29 13:47 2016-07-18 Show GitHub Exploit DB Packet Storm
203973 6.2 警告
Local 		アップル - 複数の Apple 製品のカーネルにおけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-1865 2016-07-29 13:47 2016-07-18 Show GitHub Exploit DB Packet Storm
203974 8.4 重要
Local 		アップル - 複数の Apple 製品のカーネルにおける権限を取得される脆弱性 CWE-119
バッファエラー 		CVE-2016-1863 2016-07-29 13:47 2016-07-18 Show GitHub Exploit DB Packet Storm
203975 5.5 警告
Local 		アップル - Apple iOS および watchOS の IOAcceleratorFamily におけるカーネルメモリから重要な情報を取得される脆弱性 CWE-200
CWE-Other
CVE-2016-4628 2016-07-29 12:21 2016-07-18 Show GitHub Exploit DB Packet Storm
203976 6.1 警告
Network 		アップル - Apple iOS および Safari などの WebKit JavaScript バインディングにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-4651 2016-07-29 12:21 2016-07-18 Show GitHub Exploit DB Packet Storm
203977 6.5 警告
Network 		アップル - Apple iOS のカレンダーにおけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-4605 2016-07-29 12:21 2016-07-18 Show GitHub Exploit DB Packet Storm
203978 5.4 警告
Network 		アップル - Apple iOS の Safari における表示される URL を偽装される脆弱性 CWE-Other
その他 		CVE-2016-4604 2016-07-29 12:21 2016-07-18 Show GitHub Exploit DB Packet Storm
203979 9.8 緊急
Network 		アップル
xmlsoft.org		 - 複数の Apple 製品の libxml2 におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-4619 2016-07-29 12:09 2016-07-18 Show GitHub Exploit DB Packet Storm
203980 9.8 緊急
Network 		アップル
xmlsoft.org		 - 複数の Apple 製品の libxml2 におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-4616 2016-07-29 12:09 2016-07-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
290041 9.8 CRITICAL
Network 		umbraco umbraco_cms Umbraco before 7.2.0 has a remote PHP code execution vulnerability because Umbraco.Web.UI/config/umbracoSettings.Release.config does not block the upload of .php files. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2014-10074 2024-11-21 11:03 2018-08-27 Show GitHub Exploit DB Packet Storm
290042 7.5 HIGH
Network 		fancy-server_project fancy-server Versions less than 0.1.4 of the static file server module fancy-server are vulnerable to directory traversal. An attacker can provide input such as `../` to read files outside of the served directory. CWE-22
Path Traversal 		CVE-2014-10066 2024-11-21 11:03 2018-06-1 Show GitHub Exploit DB Packet Storm
290043 6.1 MEDIUM
Network 		remarkable_project remarkable Certain input when passed into remarkable before 1.4.1 will bypass the bad protocol check that disallows the javascript: scheme allowing for javascript: url's to be injected into the rendered content. CWE-79
Cross-site Scripting 		CVE-2014-10065 2024-11-21 11:03 2018-06-1 Show GitHub Exploit DB Packet Storm
290044 7.5 HIGH
Network 		qs_project qs The qs module before 1.0.0 does not have an option or default for specifying object depth and when parsing a string representing a deeply nested object will block the event loop for long periods of t… CWE-399
 Resource Management Errors 		CVE-2014-10064 2024-11-21 11:03 2018-06-1 Show GitHub Exploit DB Packet Storm
290045 7.5 HIGH
Network 		hapi inert The inert directory handler in inert node module before 1.1.1 always allows files in hidden directories to be served, even when `showHidden` is false. CWE-22
Path Traversal 		CVE-2014-10068 2024-11-21 11:03 2018-05-30 Show GitHub Exploit DB Packet Storm
290046 5.9 MEDIUM
Network 		paypal-ipn_project paypal-ipn paypal-ipn before 3.0.0 uses the `test_ipn` parameter (which is set by the PayPal IPN simulator) to determine if it should use the production PayPal site or the sandbox. With a bit of time, an attack… CWE-287
Improper Authentication 		CVE-2014-10067 2024-11-21 11:03 2018-05-30 Show GitHub Exploit DB Packet Storm
290047 7.1 HIGH
Network 		ibm rational_clearquest Multiple XML external entity (XXE) vulnerabilities in (1) CQWeb / CM Server, (2) ClearQuest Native client, (3) ClearQuest Eclipse client, and (4) ClearQuest Eclipse Designer components in IBM Rationa… CWE-611
XXE 		CVE-2014-0950 2024-11-21 11:03 2018-04-21 Show GitHub Exploit DB Packet Storm
290048 9.1 CRITICAL
Network 		ibm rational_clearcase Multiple XML external entity (XXE) vulnerabilities in the (1) CCRC WAN Server / CM Server, (2) Perl CC/CQ integration trigger scripts, (3) CMAPI Java interface, (4) ClearCase remote client, and (5) C… CWE-611
XXE 		CVE-2014-0931 2024-11-21 11:03 2018-04-21 Show GitHub Exploit DB Packet Storm
290049 8.1 HIGH
Network 		ibm sterling_b2b_integrator
sterling_file_gateway 		The ActiveMQ admin user interface in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to bypass authentication by leveraging knowledge of the port… CWE-287
Improper Authentication 		CVE-2014-0927 2024-11-21 11:03 2018-04-21 Show GitHub Exploit DB Packet Storm
290050 5.3 MEDIUM
Network 		ibm sterling_b2b_integrator
sterling_file_gateway 		IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to obtain sensitive product information via vectors related to an error page. IBM X-Force ID: 9207… CWE-200
Information Exposure 		CVE-2014-0912 2024-11-21 11:03 2018-04-21 Show GitHub Exploit DB Packet Storm