Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
208981	3.5	注意	ThinkShout	-	Drupal 用 Redhen モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1913	2016-01-21 15:04	2016-01-13	Show	GitHub Exploit DB Packet Storm

208982	2.1	注意	OpenStack	-	OpenStack Compute における任意のファイルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2015-7548	2016-01-21 14:50	2015-09-29	Show	GitHub Exploit DB Packet Storm

208983	6.4	警告	Grassroots DICOM project	-	Grassroots DICOM の MediaStorageAndFileFormat/gdcmJPEGLSCodec.cxx における重要な情報を取得される脆弱性	CWE-119 バッファエラー	CVE-2015-8397	2016-01-21 14:33	2015-12-23	Show	GitHub Exploit DB Packet Storm

208984	10	危険	Grassroots DICOM project	-	Grassroots DICOM の MediaStorageAndFileFormat/gdcmImageRegionReader.cxx における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2015-8396	2016-01-21 14:33	2015-12-23	Show	GitHub Exploit DB Packet Storm

208985	5	警告	wp-instance-rename project	-	WordPress 用 WordPress Rename プラグインの mysqldump_download.php における絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2015-4703	2016-01-21 14:21	2015-06-12	Show	GitHub Exploit DB Packet Storm

208986	5	警告	Swim Team project	-	WordPress 用 Swim Team プラグインの include/user/download.php における絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2015-5471	2016-01-21 14:21	2015-07-2	Show	GitHub Exploit DB Packet Storm

208987	7.5	危険	The Perl Foundation	-	Perl で使用される PathTools の File::Spec モジュールの canonpath 関数における Taint 保護メカニズムを回避される脆弱性	CWE-20 不適切な入力確認	CVE-2015-8607	2016-01-21 14:13	2015-12-14	Show	GitHub Exploit DB Packet Storm

208988	6.5	警告	VMware	-	複数の VMware 製品の VMware Tools HGFS の実装におけるゲスト OS の権限を取得される脆弱性	CWE-Other その他	CVE-2015-6933	2016-01-21 13:37	2015-09-14	Show	GitHub Exploit DB Packet Storm

208989	4.6	警告	Huawei	-	複数の Huawei TE 製品のソフトウェアにおけるパスワードを変更される脆弱性	CWE-255 証明書・パスワード管理	CVE-2015-8673	2016-01-21 12:23	2015-11-25	Show	GitHub Exploit DB Packet Storm

208990	5	警告	Huawei	-	複数の Huawei TE 製品のソフトウェアのプレゼンテーション送信権限管理メカニズムにおけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2015-8672	2016-01-21 12:23	2015-11-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
297711	-	vmware	vcenter_server vcenter_server_appliance esxi	VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NF…	NVD-CWE-Other	CVE-2013-1659	2024-11-21 10:50	2013-02-23	Show	GitHub Exploit DB Packet Storm

297712	-	bouncycastle	legion-of-the-bouncy-castle-java-crytography-api legion-of-the-bouncy-castle-c\#-cryptography-api	The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the …	CWE-310 Cryptographic Issues	CVE-2013-1624	2024-11-21 10:50	2013-02-9	Show	GitHub Exploit DB Packet Storm

297713	-	yassl	cyassl	The TLS and DTLS implementations in wolfSSL CyaSSL before 2.5.0 do not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC paddi…	CWE-310 Cryptographic Issues	CVE-2013-1623	2024-11-21 10:50	2013-02-9	Show	GitHub Exploit DB Packet Storm

297714	-	polarssl	polarssl	Array index error in the SSL module in PolarSSL before 1.2.5 might allow remote attackers to cause a denial of service via vectors involving a crafted padding-length value during validation of CBC pa…	CWE-20 Improper Input Validation	CVE-2013-1621	2024-11-21 10:50	2013-02-9	Show	GitHub Exploit DB Packet Storm

297715	-	mozilla canonical oracle redhat	network_security_services ubuntu_linux glassfish_server iplanet_web_proxy_server traffic_director iplanet_web_server vm_server glassfish_communications_server enterprise_manag…	The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC p…	CWE-203 Information Exposure Through Discrepancy	CVE-2013-1620	2024-11-21 10:50	2013-02-9	Show	GitHub Exploit DB Packet Storm

297716	-	gnu	gnutls	The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the pr…	CWE-310 Cryptographic Issues	CVE-2013-1619	2024-11-21 10:50	2013-02-9	Show	GitHub Exploit DB Packet Storm

297717	-	opera	opera_browser	The TLS implementation in Opera before 12.13 does not properly consider timing side-channel attacks on a MAC check operation during the processing of malformed CBC padding, which allows remote attack…	CWE-310 Cryptographic Issues	CVE-2013-1618	2024-11-21 10:50	2013-02-9	Show	GitHub Exploit DB Packet Storm

297718	-	opera	opera_browser	Opera before 12.13 does not send CORS preflight requests in all required cases, which allows remote attackers to bypass a CSRF protection mechanism via a crafted web site that triggers a CORS request.	CWE-352 Origin Validation Error	CVE-2013-1639	2024-11-21 10:50	2013-02-8	Show	GitHub Exploit DB Packet Storm

297719	-	opera	opera_browser	Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.	CWE-94 Code Injection	CVE-2013-1638	2024-11-21 10:50	2013-02-8	Show	GitHub Exploit DB Packet Storm

297720	-	opera	opera_browser	Opera before 12.13 allows remote attackers to execute arbitrary code via vectors involving DOM events.	CWE-94 Code Injection	CVE-2013-1637	2024-11-21 10:50	2013-02-8	Show	GitHub Exploit DB Packet Storm