Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
209831 5.9 警告
Network
Drupal
Debian
- Drupal の drupal_set_header 関数における CRLF インジェクションの脆弱性 CWE-Other
その他
CVE-2016-3166 2016-04-15 10:44 2016-02-24 Show GitHub Exploit DB Packet Storm
209832 7.5 重要
Network
Drupal - Drupal の Form API におけるアクセス制限を回避される脆弱性 CWE-Other
その他
CVE-2016-3165 2016-04-15 10:44 2016-02-24 Show GitHub Exploit DB Packet Storm
209833 7.4 重要
Network
Drupal
Debian
- Drupal におけるオープンリダイレクト攻撃を実行される脆弱性 CWE-Other
その他
CVE-2016-3164 2016-04-15 10:44 2016-02-24 Show GitHub Exploit DB Packet Storm
209834 6.1 警告
Network
SilverStripe - SilverStripe CMS & Framework におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-8606 2016-04-14 17:48 2015-11-16 Show GitHub Exploit DB Packet Storm
209835 7.3 重要
Network
Claws Mail - Claws Mail の codeconv.c の conv_euctojis 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2015-8708 2016-04-14 17:21 2015-12-21 Show GitHub Exploit DB Packet Storm
209836 6.1 警告
Network
Atlassian - Atlassian Confluence におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-8398 2016-04-14 16:04 2015-11-16 Show GitHub Exploit DB Packet Storm
209837 6.1 警告
Network
Apache Software Foundation - Apache Wicket の RadioGroup および CheckBoxMultipleChoice クラスにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-7520 2016-04-14 16:03 2015-09-29 Show GitHub Exploit DB Packet Storm
209838 6.1 警告
Network
Apache Software Foundation - Apache Wicket の org.apache.wicket.extensions.ajax.markup.html.modal.ModalWindow におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-5347 2016-04-14 16:03 2015-11-19 Show GitHub Exploit DB Packet Storm
209839 6.5 警告
Network
Apache Software Foundation - Apache Ranger の Policy Admin Tool におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2015-5167 2016-04-14 16:03 2015-07-1 Show GitHub Exploit DB Packet Storm
209840 6.1 警告
Network
Apache Software Foundation - Apache OFBiz の ModelFormField.java の DisplayEntityField.getDescription メソッドにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-3268 2016-04-14 16:03 2015-02-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
297521 - ibm security_network_protection_firmware
security_network_protection_xgs_5100
Cross-site scripting (XSS) vulnerability in the Local Management Interface (LMI) in IBM Security Network Protection on XGS 5100 devices with firmware 5.1 before 5.1.0.6 and 5.1.1 before 5.1.1.1 allow… CWE-79
Cross-site Scripting
CVE-2013-5442 2024-11-21 10:57 2013-11-14 Show GitHub Exploit DB Packet Storm
297522 - ibm websphere_portal Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.x before 7.0.0.2 CF25 and 8.x before 8.0.0.1 CF8 allows remote authenticated users to inject arbitrary web script or HTML by leverag… CWE-79
Cross-site Scripting
CVE-2013-5379 2024-11-21 10:57 2013-11-14 Show GitHub Exploit DB Packet Storm
297523 - ibm websphere_portal Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.x before 8.0.0.1 CF8 allows remote authenticated users to inject arbitrary web script or HTML by leveraging incorrect IBM Connection… CWE-79
Cross-site Scripting
CVE-2013-5378 2024-11-21 10:57 2013-11-14 Show GitHub Exploit DB Packet Storm
297524 - adobe flash_player
air
air_sdk
Adobe Flash Player before 11.7.700.252 and 11.8.x and 11.9.x before 11.9.900.152 on Windows and Mac OS X and before 11.2.202.327 on Linux, Adobe AIR before 3.9.0.1210, Adobe AIR SDK before 3.9.0.1210… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2013-5330 2024-11-21 10:57 2013-11-13 Show GitHub Exploit DB Packet Storm
297525 - adobe flash_player
air
air_sdk
Adobe Flash Player before 11.7.700.252 and 11.8.x and 11.9.x before 11.9.900.152 on Windows and Mac OS X and before 11.2.202.327 on Linux, Adobe AIR before 3.9.0.1210, Adobe AIR SDK before 3.9.0.1210… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2013-5329 2024-11-21 10:57 2013-11-13 Show GitHub Exploit DB Packet Storm
297526 - adobe coldfusion Adobe ColdFusion 10 before Update 12 allows remote attackers to read arbitrary files via unspecified vectors. CWE-264
Permissions, Privileges, and Access Controls
CVE-2013-5328 2024-11-21 10:57 2013-11-13 Show GitHub Exploit DB Packet Storm
297527 - adobe coldfusion Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 before Update 12, 9.0.1 before Update 11, 9.0.2 before Update 6, and 10 before Update 12, when the CFIDE directory is available, allow… CWE-79
Cross-site Scripting
CVE-2013-5326 2024-11-21 10:57 2013-11-13 Show GitHub Exploit DB Packet Storm
297528 - cisco nx-os Cisco NX-OS 5.0 and earlier on MDS 9000 devices allows remote attackers to cause a denial of service (supervisor CPU consumption) via Authentication Header (AH) authentication in a Virtual Router Red… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2013-5566 2024-11-21 10:57 2013-11-8 Show GitHub Exploit DB Packet Storm
297529 - cisco ios_xr The OSPFv3 functionality in Cisco IOS XR 5.1 allows remote attackers to cause a denial of service (process crash) via a malformed LSA Type-1 packet, aka Bug ID CSCuj82176. CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2013-5565 2024-11-21 10:57 2013-11-8 Show GitHub Exploit DB Packet Storm
297530 - cisco telepresence_vx_clinical_assistant The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 before 1.21 changes the admin password to an empty password upon a reboot, which makes it easier for remote attackers to obtain access… CWE-255
Credentials Management
CVE-2013-5558 2024-11-21 10:57 2013-11-8 Show GitHub Exploit DB Packet Storm