Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
220531 5 警告 シスコシステムズ - Cisco IOS XR におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2014-8004 2014-11-27 15:20 2014-11-25 Show GitHub Exploit DB Packet Storm
220532 7.5 危険 シスコシステムズ - Cisco OpenH264 の decode_slice.cpp における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2014-8002 2014-11-27 15:20 2014-11-24 Show GitHub Exploit DB Packet Storm
220533 7.5 危険 シスコシステムズ - Cisco OpenH264 の decode.cpp におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2014-8001 2014-11-27 15:20 2014-11-24 Show GitHub Exploit DB Packet Storm
220534 5 警告 Openswan - Openswan におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2014-2037 2014-11-27 15:19 2014-02-21 Show GitHub Exploit DB Packet Storm
220535 5 警告 シーメンス - 複数のシーメンス製品における任意のファイルを読まれる脆弱性 CWE-200
情報漏えい
CVE-2014-8552 2014-11-27 15:12 2014-11-21 Show GitHub Exploit DB Packet Storm
220536 10 危険 シーメンス - 複数のシーメンス製品における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2014-8551 2014-11-27 15:12 2014-11-21 Show GitHub Exploit DB Packet Storm
220537 7.8 危険 Zoho Corporation - ManageEngine OpUtils の ConfigSaveServlet サーブレットにおけるファイルを公開される脆弱性 CWE-200
情報漏えい
CVE-2014-8678 2014-11-27 14:58 2014-11-21 Show GitHub Exploit DB Packet Storm
220538 5 警告 シスコシステムズ - Network Convergence System 6000 デバイス上で稼働する Cisco IOS XR の lighttpd モジュールにおけるサービス運用妨害 (DoS) の脆弱性 CWE-362
競合状態
CVE-2014-8005 2014-11-27 14:53 2014-11-25 Show GitHub Exploit DB Packet Storm
220539 6.5 警告 Jexperts - JExperts Channel Platform におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2014-8558 2014-11-27 14:46 2014-10-27 Show GitHub Exploit DB Packet Storm
220540 4.3 警告 IBM - IBM Web Experience Factory におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2014-6196 2014-11-27 14:45 2014-11-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292731 - usercake usercake Multiple cross-site request forgery (CSRF) vulnerabilities in user_settings.php in Usercake 2.0.2 and earlier allow remote attackers to hijack the authentication of administrators for requests that c… CWE-352
 Origin Validation Error
CVE-2014-3866 2024-11-21 11:09 2014-05-27 Show GitHub Exploit DB Packet Storm
292732 - ibm sametime The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote at… CWE-200
Information Exposure
CVE-2014-3867 2024-11-21 11:09 2014-05-26 Show GitHub Exploit DB Packet Storm
292733 5.4 MEDIUM
Network
redhat jboss_aerogear Multiple persistent cross-site scripting (XSS) flaws were found in the way Aerogear handled certain user-supplied content. A remote attacker could use these flaws to compromise the application with s… CWE-79
Cross-site Scripting
CVE-2014-3650 2024-11-21 11:08 2022-07-1 Show GitHub Exploit DB Packet Storm
292734 7.5 HIGH
Network
redhat jboss_aerogear The simplepush server iterates through the application installations and pushes a notification to the server provided by deviceToken. But this is user controlled. If a bogus applications is registere… CWE-400
 Uncontrolled Resource Consumption
CVE-2014-3648 2024-11-21 11:08 2022-07-1 Show GitHub Exploit DB Packet Storm
292735 9.8 CRITICAL
Network
musl-libc musl Multiple stack-based buffer overflows in the __dn_expand function in network/dn_expand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to (1) have unspecified impact … CWE-787
 Out-of-bounds Write
CVE-2014-3484 2024-11-21 11:08 2020-02-20 Show GitHub Exploit DB Packet Storm
292736 9.8 CRITICAL
Network
php php Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackers to execute arbitrary code by leveraging a third-party fil… CWE-416
 Use After Free
CVE-2014-3622 2024-11-21 11:08 2020-02-19 Show GitHub Exploit DB Packet Storm
292737 5.4 MEDIUM
Network
mybb mybb Multiple cross-site scripting (XSS) vulnerabilities in the MyBB (aka MyBulletinBoard) before 1.8.4 allow remote authenticated users to inject arbitrary web script or HTML via the title parameter in t… CWE-79
Cross-site Scripting
CVE-2014-3827 2024-11-21 11:08 2020-02-12 Show GitHub Exploit DB Packet Storm
292738 5.4 MEDIUM
Network
mybb mybb Cross-site scripting (XSS) vulnerability in MyBB before 1.6.13 allows remote authenticated users to inject arbitrary web script or HTML via the name parameter in the edit action of the config-profile… CWE-79
Cross-site Scripting
CVE-2014-3826 2024-11-21 11:08 2020-02-12 Show GitHub Exploit DB Packet Storm
292739 6.1 MEDIUM
Network
nokia 1830_photonic_service_switch-4_firmware
1830_photonic_service_switch-16_firmware
1830_photonic_service_switch-32_firmware
Cross-site scripting (XSS) vulnerability in the management interface in Alcatel-Lucent 1830 Photonic Service Switch (PSS) 6.0 and earlier allows remote attackers to inject arbitrary web script or HTM… CWE-79
Cross-site Scripting
CVE-2014-3809 2024-11-21 11:08 2020-02-1 Show GitHub Exploit DB Packet Storm
292740 9.8 CRITICAL
Network
exlibrisgroup aleph_500 Multiple SQL injection vulnerabilities in cgi-bin/review_m.cgi in Ex Libris ALEPH 500 (Integrated library management system) 18.1 and 20 allow remote attackers to execute arbitrary SQL commands via t… CWE-89
SQL Injection
CVE-2014-3719 2024-11-21 11:08 2020-01-31 Show GitHub Exploit DB Packet Storm