Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
221511	4.3	警告	Roundup	-	Roundup におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6132	2014-04-14 18:31	2012-05-15	Show	GitHub Exploit DB Packet Storm

221512	6.8	警告	Lester Chan	-	WordPress 用 WP-PostViews プラグインのオプションの管理者ページにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-3252	2014-04-14 18:26	2013-05-7	Show	GitHub Exploit DB Packet Storm

221513	6.8	警告	Qian Qin	-	WordPress 用 qTranslate プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-3251	2014-04-14 18:26	2013-06-4	Show	GitHub Exploit DB Packet Storm

221514	6.8	警告	Jeremy Massel	-	WordPress 用 underConstruction プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-2699	2014-04-14 18:26	2013-06-3	Show	GitHub Exploit DB Packet Storm

221515	6.8	警告	Lester Chan	-	WordPress 用 WP-Print プラグインのオプションにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-2693	2014-04-14 18:25	2013-04-5	Show	GitHub Exploit DB Packet Storm

221516	6.8	警告	Dean Adjie Minwarie	-	WordPress 用 DVS Custom Notification プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-4921	2014-04-14 18:24	2012-09-14	Show	GitHub Exploit DB Packet Storm

221517	5.8	警告	kernel.org	-	Linux-PAM 用 pam_timestamp モジュールの pam_timestamp.c におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-2583	2014-04-14 18:04	2014-03-26	Show	GitHub Exploit DB Packet Storm

221518	7.5	危険	Pearson Education, Inc.	-	Pearson eSIS Enterprise Student Information System のパスワードリセット機能における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-1455	2014-04-14 17:52	2014-04-6	Show	GitHub Exploit DB Packet Storm

221519	2.1	注意	CloudBees	-	CloudBees Jenkins におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-2033	2014-04-14 17:38	2013-05-2	Show	GitHub Exploit DB Packet Storm

221520	6.5	警告	レッドハット (KIE Group) レッドハット	-	複数の Red Hat Jboss 製品における任意の Java コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2013-6468	2014-04-14 17:23	2013-11-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
273151	6.8	MEDIUM Physics	apple	iphone_os mac_os_x	AppleUSBNetworking in Apple iOS before 9.3 and OS X before 10.11.4 allows physically proximate attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corrupt…	CWE-264 CWE-119 Permissions, Privileges, and Access Controls Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-1734	2024-11-21 11:46	2016-03-24	Show	GitHub Exploit DB Packet Storm

273152	7.8	HIGH Local	apple	mac_os_x	AppleRAID in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.	CWE-119 CWE-20 Incorrect Access of Indexable Resource ('Range Error') Improper Input Validation	CVE-2016-1733	2024-11-21 11:46	2016-03-24	Show	GitHub Exploit DB Packet Storm

273153	5.5	MEDIUM Local	apple	mac_os_x	AppleRAID in Apple OS X before 10.11.4 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-1732	2024-11-21 11:46	2016-03-24	Show	GitHub Exploit DB Packet Storm

273154	6.1	MEDIUM Network	microfocus	self_service_password_reset	Cross-site scripting (XSS) vulnerability in NetIQ Self Service Password Reset (SSPR) 2.x and 3.x before 3.3.1 HF2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.	CWE-79 Cross-site Scripting	CVE-2016-1599	2024-11-21 11:46	2016-03-24	Show	GitHub Exploit DB Packet Storm

273155	5.9	MEDIUM Network	apple	software_update	Apple Software Update before 2.2 on Windows does not use HTTPS, which makes it easier for man-in-the-middle attackers to spoof updates by modifying the client-server data stream.	CWE-310 CWE-345 Cryptographic Issues Insufficient Verification of Data Authenticity	CVE-2016-1731	2024-11-21 11:46	2016-03-14	Show	GitHub Exploit DB Packet Storm

273156	8.8	HIGH Network	google debian opensuse	chrome debian_linux leap opensuse suse_linux_enterprise_server	Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-1645	2024-11-21 11:46	2016-03-14	Show	GitHub Exploit DB Packet Storm

273157	8.8	HIGH Network	google	chrome	WebKit/Source/core/layout/LayoutObject.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly restrict relayout scheduling, which allows remote attackers to cause a denial of s…	NVD-CWE-Other	CVE-2016-1644	2024-11-21 11:46	2016-03-14	Show	GitHub Exploit DB Packet Storm

273158	8.8	HIGH Network	google	chrome	The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly maintain the user agent…	CWE-361 7PK - Time and State	CVE-2016-1643	2024-11-21 11:46	2016-03-14	Show	GitHub Exploit DB Packet Storm

273159	9.8	CRITICAL Network	google	android	libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-1621	2024-11-21 11:46	2016-03-13	Show	GitHub Exploit DB Packet Storm

273160	4.3	MEDIUM Network	dte_energy	insight	The REST API in the DTE Energy Insight application before 1.7.8 for Android allows remote authenticated users to obtain unspecified customer information via a SQL expression in the filter parameter.	CWE-200 Information Exposure	CVE-2016-1562	2024-11-21 11:46	2016-03-12	Show	GitHub Exploit DB Packet Storm