Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
209501 2
Physics
GNU Project
Debian
Canonical
- Libgcrypt における楕円曲線ディフィー・ヘルマン鍵を抽出される脆弱性 CWE-200
情報漏えい
CVE-2015-7511 2016-04-27 10:56 2015-09-29 Show GitHub Exploit DB Packet Storm
209502 5.6 警告
Network
ネットムーブ株式会社 - SaAT Netizen にダウンロードファイル検証不備の脆弱性 - CVE-2016-1203 2016-04-27 10:41 2016-04-26 Show GitHub Exploit DB Packet Storm
209503 6.2 警告
Local
Apache Software Foundation - Apache Hadoop における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2015-1776 2016-04-27 10:15 2015-02-17 Show GitHub Exploit DB Packet Storm
209504 8.8 重要
Network
Debian
openSUSE project
Canonical
xdelta
- xdelta3 の xdelta3-main.h の main_get_appheader 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2014-9765 2016-04-27 10:02 2014-10-12 Show GitHub Exploit DB Packet Storm
209505 5.5 警告
Local
Google - Android の Exchange ActiveSync の Autodiscover の実装における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2016-2415 2016-04-27 09:52 2016-04-4 Show GitHub Exploit DB Packet Storm
209506 6.2 警告
Local
Google - Android の Minikin ライブラリにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2016-2414 2016-04-27 09:52 2016-04-4 Show GitHub Exploit DB Packet Storm
209507 7.8 重要
Local
Google - Android のメディアサーバの media/libmedia/IOMX.cpp における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2016-2413 2016-04-27 09:52 2016-04-4 Show GitHub Exploit DB Packet Storm
209508 8.1 重要
Network
Google - Android の Texas Instruments ハプティクスカーネルドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2016-2409 2016-04-27 09:52 2016-04-4 Show GitHub Exploit DB Packet Storm
209509 9.8 緊急
Network
Google
dhcpcd project
- Android などの製品で使用される dhcpcd における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2016-1503 2016-04-27 09:52 2016-04-4 Show GitHub Exploit DB Packet Storm
209510 8.8 重要
Adjacent
Google - Android の Bluetooth の PORCHE_PAIRING_CONFLICT 機能におけるペアリングの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2016-0850 2016-04-27 09:52 2016-04-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
297851 - lixil my_satis_genius_toilet The LIXIL Corporation My SATIS Genius Toilet application for Android has a hardcoded Bluetooth PIN, which allows physically proximate attackers to trigger physical resource consumption (water or heat… NVD-CWE-noinfo
CVE-2013-4866 2024-11-21 10:56 2015-04-17 Show GitHub Exploit DB Packet Storm
297852 - redmine redmine_git_hosting_plugin git_http_controller.rb in the redmine_git_hosting plugin for Redmine allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the service parameter to info/refs, related … CWE-77
Command Injection
CVE-2013-4663 2024-11-21 10:56 2014-12-28 Show GitHub Exploit DB Packet Storm
297853 - umbraco umbraco_cms The update function in umbraco.webservices/templates/templateService.cs in the TemplateService component in Umbraco CMS before 6.0.4 does not require authentication, which allows remote attackers to … CWE-287
Improper Authentication
CVE-2013-4793 2024-11-21 10:56 2014-12-28 Show GitHub Exploit DB Packet Storm
297854 - eucalyptus eucalyptus The cloud controller (aka CLC) component in Eucalyptus 3.3.x and 3.4.x before 3.4.2, when the dns.recursive.enabled setting is used, allows remote attackers to cause a denial of service (traffic ampl… CWE-19
 Data Processing Errors
CVE-2013-4769 2024-11-21 10:56 2014-12-27 Show GitHub Exploit DB Packet Storm
297855 - owl intranet_knowledgebase Multiple cross-site scripting (XSS) vulnerabilities in Owl Intranet Knowledgebase 1.10 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Search field to browse.php o… CWE-79
Cross-site Scripting
CVE-2013-4754 2024-11-21 10:56 2014-12-27 Show GitHub Exploit DB Packet Storm
297856 - claroline claroline Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.11.9 and earlier allow remote authenticated users to inject arbitrary web script or HTML via (1) the Search field in an inbox action… CWE-79
Cross-site Scripting
CVE-2013-4753 2024-11-21 10:56 2014-12-27 Show GitHub Exploit DB Packet Storm
297857 - h3c
hp
secbladefw
secpath1000fe
f1000-e_vpn_firewall
s5820_secblade_vpn_firewall_module
s7500e_secblade_vpn_firewall_module
s9500e_secblade_vpn_firewall_module
sr66_gigabit_firewall_module…
Unspecified vulnerability in HP and H3C VPN Firewall Module products SECPATH1000FE before 5.20.R3177 and SECBLADEFW before 5.20.R3177 allows remote attackers to cause a denial of service via unknown … NVD-CWE-noinfo
CVE-2013-4840 2024-11-21 10:56 2014-07-29 Show GitHub Exploit DB Packet Storm
297858 9.8 CRITICAL
Network
symantec web_gateway SNMPConfig.php in the management console in Symantec Web Gateway (SWG) before 5.2.1 allows remote attackers to execute arbitrary commands via unspecified vectors. NVD-CWE-noinfo
CVE-2013-5017 2024-11-21 10:56 2014-06-19 Show GitHub Exploit DB Packet Storm
297859 - ddsn cm3_acora_content_management_system DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to obtain sensitive information via a .. (dot dot) in the "l" parameter… CWE-200
Information Exposure
CVE-2013-4728 2024-11-21 10:56 2014-06-6 Show GitHub Exploit DB Packet Storm
297860 - ddsn cm3_acora_content_management_system DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to obtain sensitive information via a request to Admin/top.aspx. CWE-200
Information Exposure
CVE-2013-4727 2024-11-21 10:56 2014-06-6 Show GitHub Exploit DB Packet Storm