Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 21, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
204511 5.5 警告
Local 		Linux - Android などの製品の ION サブシステムで使用される Linux Kernel における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-8950 2016-10-14 16:53 2015-05-13 Show GitHub Exploit DB Packet Storm
204512 7.8 重要
Local 		Google - Android のメディアサーバの media/libmediaplayerservice/MediaPlayerService.cpp における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3913 2016-10-14 16:51 2016-10-3 Show GitHub Exploit DB Packet Storm
204513 7.8 重要
Local 		Google - Android のフレームワーク API における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3912 2016-10-14 16:51 2016-10-3 Show GitHub Exploit DB Packet Storm
204514 7.8 重要
Local 		Google - Android の Zygote の core/java/android/os/Process.java における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3911 2016-10-14 16:51 2016-10-3 Show GitHub Exploit DB Packet Storm
204515 7.8 重要
Local 		Google - Android のメディアサーバの services/soundtrigger/SoundTriggerHwService.cpp における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3910 2016-10-14 16:51 2016-10-3 Show GitHub Exploit DB Packet Storm
204516 7.8 重要
Local 		Google - Android のメディアサーバの libstagefright の SoftMPEG4 コンポーネントにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3909 2016-10-14 16:51 2016-10-3 Show GitHub Exploit DB Packet Storm
204517 5.5 警告
Local 		Google - Android の LockSettings サービスにおけるデバイスの PIN またはパスワードを削除される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3908 2016-10-14 16:51 2016-10-3 Show GitHub Exploit DB Packet Storm
204518 7.8 重要
Local 		Google - Nexus 5X デバイス上で稼動する Android の Qualcomm Wi-Fi ドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3905 2016-10-14 16:51 2016-10-3 Show GitHub Exploit DB Packet Storm
204519 7.8 重要
Local 		Google - 複数の Nexus および Android One デバイス上で稼動する Android の Qualcomm カメラドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3903 2016-10-14 16:38 2016-10-3 Show GitHub Exploit DB Packet Storm
204520 5.5 警告
Local 		Google - Nexus 5X および Nexus 6P デバイス上で稼動する Android の Qualcomm IPA ドライバにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-3902 2016-10-14 16:38 2016-10-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291221 - papercut papercut_mf Unspecified vulnerability in the print release functionality in PaperCut MF before 14.1 (Build 26983) has unknown impact and remote vectors, related to embedded MFPs. NVD-CWE-noinfo
CVE-2014-2657 2024-11-21 11:06 2014-04-28 Show GitHub Exploit DB Packet Storm
291222 - dompdf dompdf dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the i… CWE-200
Information Exposure 		CVE-2014-2383 2024-11-21 11:06 2014-04-28 Show GitHub Exploit DB Packet Storm
291223 - net-snmp net-snmp The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptr… CWE-20
 Improper Input Validation  		CVE-2014-2285 2024-11-21 11:06 2014-04-28 Show GitHub Exploit DB Packet Storm
291224 - xcloner xcloner Multiple cross-site request forgery (CSRF) vulnerabilities in XCloner Standalone 3.5 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) change the… CWE-352
 Origin Validation Error 		CVE-2014-2579 2024-11-21 11:06 2014-04-26 Show GitHub Exploit DB Packet Storm
291225 - ektron ektron_content_management_system Cross-site scripting (XSS) vulnerability in content.aspx in Ektron CMS 8.7 before 8.7.0.055 allows remote authenticated users to inject arbitrary web script or HTML via the category0 parameter, which… CWE-79
Cross-site Scripting 		CVE-2014-2729 2024-11-21 11:06 2014-04-25 Show GitHub Exploit DB Packet Storm
291226 - ruby-lang ruby The openssl extension in Ruby 2.x does not properly maintain the state of process memory after a file is reopened, which allows remote attackers to spoof signatures within the context of a Ruby scrip… CWE-399
 Resource Management Errors 		CVE-2014-2734 2024-11-21 11:06 2014-04-25 Show GitHub Exploit DB Packet Storm
291227 - hp integrated_lights-out_2_firmware The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic from a CVE-2014-0160 v… NVD-CWE-noinfo
CVE-2014-2601 2024-11-21 11:06 2014-04-25 Show GitHub Exploit DB Packet Storm
291228 - modx modx_revolution Multiple SQL injection vulnerabilities in MODX Revolution before 2.2.14 allow remote attackers to execute arbitrary SQL commands via the (1) session ID (PHPSESSID) to index.php or remote authenticate… CWE-89
SQL Injection 		CVE-2014-2736 2024-11-21 11:06 2014-04-24 Show GitHub Exploit DB Packet Storm
291229 - open-xchange open-xchange_appsuite Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite 7.4.1 before 7.4.1-rev11 and 7.4.2 before 7.4.2-rev13 allows remote attackers to inject arbitrary web script or HTML via a Drive file… CWE-79
Cross-site Scripting 		CVE-2014-2393 2024-11-21 11:06 2014-04-24 Show GitHub Exploit DB Packet Storm
291230 - open-xchange open-xchange_appsuite The E-Mail autoconfiguration feature in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 places a password in a GET request, which allows remote attack… CWE-200
Information Exposure 		CVE-2014-2392 2024-11-21 11:06 2014-04-24 Show GitHub Exploit DB Packet Storm