Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
204321 7.8 重要
Local 		Google - 複数の Nexus および Android One デバイス上で稼動する Android の Qualcomm ビデオドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3939 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
204322 7.8 重要
Local 		Google - 複数の Nexus および Android One デバイス上で稼動する Android の Qualcomm ビデオドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3938 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
204323 7.8 重要
Local 		Google - Android の MediaTek ビデオドライバにおける権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-3937 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
204324 7.8 重要
Local 		Google - Android の MediaTek ビデオドライバにおける権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-3936 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
204325 7.8 重要
Local 		Google - 複数の Nexus および Android One デバイス上で稼動する Android の Qualcomm カメラドライバにおける権限を取得される脆弱性 CWE-119
バッファエラー 		CVE-2016-3934 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
204326 7.8 重要
Local 		Google - Nexus 9 および Pixel C デバイス上で稼動する Android のメディアサーバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3933 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
204327 7.8 重要
Local 		Google - Android のメディアサーバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3932 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
204328 7.8 重要
Local 		Google - 複数の Nexus および Android One デバイス上で稼動する Android の Qualcomm QSEE Communicator ドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3931 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
204329 9.8 緊急
Network 		Google - Nexus 5X および 6P デバイス上で稼動する Android の Qualcomm コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2016-3927 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
204330 9.8 緊急
Network 		Google - 複数の Nexus デバイス上で稼動する Android の Qualcomm コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2016-3926 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
290021 - zemanta search_everything Cross-site request forgery (CSRF) vulnerability in the Search Everything plugin before 8.1.1 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vect… CWE-352
 Origin Validation Error 		CVE-2014-3843 2024-11-21 11:08 2014-05-23 Show GitHub Exploit DB Packet Storm
290022 - imember360 imember360 Multiple cross-site scripting (XSS) vulnerabilities in the iMember360 plugin 3.8.012 through 3.9.001 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) decrypt or… CWE-79
Cross-site Scripting 		CVE-2014-3842 2024-11-21 11:08 2014-05-23 Show GitHub Exploit DB Packet Storm
290023 - tech-banker contact_bank Cross-site scripting (XSS) vulnerability in the Contact Bank plugin before 2.0.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the Label field, related to form lay… CWE-79
Cross-site Scripting 		CVE-2014-3841 2024-11-21 11:08 2014-05-23 Show GitHub Exploit DB Packet Storm
290024 - dotclear dotclear SQL injection vulnerability in admin/categories.php in Dotclear before 2.6.3 allows remote authenticated users with the manage categories permission to execute arbitrary SQL commands via the categori… CWE-89
SQL Injection 		CVE-2014-3783 2024-11-21 11:08 2014-05-23 Show GitHub Exploit DB Packet Storm
290025 - libgadu libgadu libgadu before 1.11.4 and 1.12.0 before 1.12.0-rc3, as used in Pidgin and other products, allows remote Gadu-Gadu file relay servers to cause a denial of service (memory overwrite) or possibly execut… CWE-20
 Improper Input Validation  		CVE-2014-3775 2024-11-21 11:08 2014-05-22 Show GitHub Exploit DB Packet Storm
290026 - barracudadrive
realtimelogic 		barracudadrive Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive before 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) role parameter to roles.lsp, (2) name para… CWE-79
Cross-site Scripting 		CVE-2014-3808 2024-11-21 11:08 2014-05-21 Show GitHub Exploit DB Packet Storm
290027 - barracudadrive barracudadrive Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) blog, (2) bloggeruser, or (3) bloggerpasswd param… CWE-79
Cross-site Scripting 		CVE-2014-3807 2024-11-21 11:08 2014-05-21 Show GitHub Exploit DB Packet Storm
290028 - vmturbo operations_manager Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the xml_path parameter. CWE-22
Path Traversal 		CVE-2014-3806 2024-11-21 11:08 2014-05-21 Show GitHub Exploit DB Packet Storm
290029 - google chrome The SpeechInput feature in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to enable microphone access and obtain speech-recognition text without indication via an INPUT… CWE-200
Information Exposure 		CVE-2014-3803 2024-11-21 11:08 2014-05-21 Show GitHub Exploit DB Packet Storm
290030 - microsoft debug_interface_access_software_development_kit
visual_studio 		msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-… CWE-20
 Improper Input Validation  		CVE-2014-3802 2024-11-21 11:08 2014-05-21 Show GitHub Exploit DB Packet Storm