Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
217041	6.8	警告	Zend Technologies Ltd.	-	複数の Zend 製品における XML 外部エンティティ攻撃を実行される脆弱性	CWE-Other その他	CVE-2014-2682	2014-11-18 12:46	2014-04-3	Show	GitHub Exploit DB Packet Storm

217042	6.4	警告	Zend Technologies Ltd.	-	複数の Zend 製品における任意のファイルを読まれる脆弱性	CWE-Other その他	CVE-2014-2681	2014-11-18 12:46	2014-04-3	Show	GitHub Exploit DB Packet Storm

217043	6.1	警告	シスコシステムズ	-	Cisco Aironet アクセスポイント上で稼働する Cisco IOS の DHCP の実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2014-7997	2014-11-18 11:38	2014-11-17	Show	GitHub Exploit DB Packet Storm

217044	7.1	危険	シスコシステムズ	-	Cisco Aironet アクセスポイント上で稼働する Cisco IOS におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-7998	2014-11-18 11:37	2014-11-17	Show	GitHub Exploit DB Packet Storm

217045	4.6	警告	Fabrice Bellard	-	QEMU の ACPI PCI hotplug インターフェースの pci_read 関数における重要な情報を取得される脆弱性	CWE-119 バッファエラー	CVE-2014-5388	2014-11-18 10:37	2014-08-24	Show	GitHub Exploit DB Packet Storm

217046	4.3	警告	IBM	-	IBM Security Access Manager for Web および Security Access Manager for Mobile におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-6079	2014-11-17 16:54	2014-09-29	Show	GitHub Exploit DB Packet Storm

217047	3.5	注意	IBM	-	IBM FileNet Content Manager および Content Foundation におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4763	2014-11-17 16:53	2014-08-29	Show	GitHub Exploit DB Packet Storm

217048	7.2	危険	Fabrice Bellard Canonical	-	QEMU の vmware-vga ドライバにおける qemu メモリロケーションに書き込まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-3689	2014-11-17 16:34	2014-10-15	Show	GitHub Exploit DB Packet Storm

217049	4.3	警告	シスコシステムズ	-	Cisco Unified Communications Manager の Remote Mobile Access Subsystem における VCS core デバイスを偽造される脆弱性	CWE-310 暗号の問題	CVE-2014-7991	2014-11-17 14:37	2014-11-11	Show	GitHub Exploit DB Packet Storm

217050	7.5	危険	Rockwell Automation	-	Rockwell Automation Connected Components Workbench におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-5424	2014-11-17 14:28	2014-11-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
290891	-	oracle mariadb redhat	mysql mariadb enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_tus enterprise_linux_server_aus enterprise_linux_eus	Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.	NVD-CWE-noinfo	CVE-2014-0384	2024-11-21 11:01	2014-04-16	Show	GitHub Exploit DB Packet Storm

290892	-	gopivotal	grails-resources grails	The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 before 2.3.6 does not properly restrict access to files in the WEB-INF directory, which allows remote att…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-0053	2024-11-21 11:01	2014-04-16	Show	GitHub Exploit DB Packet Storm

290893	-	apache oracle	xalan-java webcenter_sites	The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass exp…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-0107	2024-11-21 11:01	2014-04-16	Show	GitHub Exploit DB Packet Storm

290894	-	openstack	compute icehouse	The Nova EC2 API security group implementation in OpenStack Compute (Nova) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 does not enforce RBAC policies for (1) add_rules, (2) remove_rules, …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-0167	2024-11-21 11:01	2014-04-15	Show	GitHub Exploit DB Packet Storm

290895	-	openstack opensuse	horizon opensuse	Cross-site scripting (XSS) vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard (aka Horizon) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to…	CWE-79 Cross-site Scripting	CVE-2014-0157	2024-11-21 11:01	2014-04-15	Show	GitHub Exploit DB Packet Storm

290896	-	haxx	curl libcurl	cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Name (CN) field of an X.509 certificate, …	CWE-310 Cryptographic Issues	CVE-2014-0139	2024-11-21 11:01	2014-04-15	Show	GitHub Exploit DB Packet Storm

290897	-	haxx debian	curl libcurl debian_linux	The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re-uses (1) SCP, (2) SFTP, (3) POP3, (4) POP3S, (5) IMAP, (6) IMAPS, (7) SMTP, (8) SMTPS, (9) LDAP, and (10) LDAPS connections, whic…	CWE-287 Improper Authentication	CVE-2014-0138	2024-11-21 11:01	2014-04-15	Show	GitHub Exploit DB Packet Storm

290898	-	openstack	python-keystoneclient	The auth_token middleware in the OpenStack Python client library for Keystone (aka python-keystoneclient) before 0.7.0 does not properly retrieve user tokens from memcache, which allows remote authen…	CWE-255 Credentials Management	CVE-2014-0105	2024-11-21 11:01	2014-04-15	Show	GitHub Exploit DB Packet Storm

290899	-	xangati	xangati_software_release xangati_xnr	Xangati XSR before 11 and XNR before 7 allows remote attackers to execute arbitrary commands via shell metacharacters in a gui_input_test.pl params parameter to servlet/Installer.	CWE-78 OS Command	CVE-2014-0359	2024-11-21 11:01	2014-04-15	Show	GitHub Exploit DB Packet Storm

290900	-	xangati	xangati_software_release xangati_xnr	Multiple directory traversal vulnerabilities in Xangati XSR before 11 and XNR before 7 allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the file parameter in a getUpgradeStatu…	CWE-22 Path Traversal	CVE-2014-0358	2024-11-21 11:01	2014-04-15	Show	GitHub Exploit DB Packet Storm