Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
221641 7.5 危険 Alex Kellner - TYPO3 用 powermail エクステンションにおける CAPTCHA 保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2014-6288 2014-10-7 17:29 2014-04-10 Show GitHub Exploit DB Packet Storm
221642 7.5 危険 Alex Kellner - TYPO3 用 powermail エクステンションにおける任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2014-3947 2014-10-7 17:28 2014-05-22 Show GitHub Exploit DB Packet Storm
221643 9.3 危険 TP-LINK Technologies - TP-LINK WR1043ND ルータのファームウェアにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2013-2645 2014-10-7 16:48 2013-04-29 Show GitHub Exploit DB Packet Storm
221644 10 危険 Schneider Electric - Schneider Electric Modicon PLC Ethernet モジュールの SchneiderWEB におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2014-0754 2014-10-7 16:00 2014-09-16 Show GitHub Exploit DB Packet Storm
221645 5 警告 ZyXEL - ZyXEL SBG-3300 Security Gateway のファームウェアのログインページにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2014-7278 2014-10-7 15:41 2014-10-2 Show GitHub Exploit DB Packet Storm
221646 4.3 警告 ZyXEL - ZyXEL SBG-3300 Security Gateway のファームウェアのログインページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2014-7277 2014-10-7 15:40 2014-10-2 Show GitHub Exploit DB Packet Storm
221647 4 警告 シスコシステムズ - Cisco WebEx Meetings Server における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2014-3400 2014-10-7 15:24 2014-10-3 Show GitHub Exploit DB Packet Storm
221648 5 警告 シスコシステムズ - Cisco Adaptive Security Appliance ソフトウェアの SSL VPN の実装における重要なソフトウェアのバージョン情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2014-3398 2014-10-7 15:24 2014-10-6 Show GitHub Exploit DB Packet Storm
221649 7.5 危険 シスコシステムズ - 複数の ASR 9000 デバイス上で稼動する Cisco IOS XR における Typhoon ラインカードの ACL 制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2014-3396 2014-10-7 15:23 2014-10-6 Show GitHub Exploit DB Packet Storm
221650 9.3 危険 アップル - Apple OS X の IOHIDSecurePromptClient 関数における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2014-7861 2014-10-7 14:19 2014-10-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
273261 7.2 HIGH
Network
ibm spectrum_scale
general_parallel_file_system
IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2016-6115 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
273262 6.5 MEDIUM
Local
ibm tivoli_storage_manager
tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware
IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user. CWE-255
Credentials Management
CVE-2016-6110 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
273263 7.5 HIGH
Network
ibm urbancode_deploy IBM UrbanCode Deploy could allow an authenticated user with access to the REST endpoints to access API and CLI getResource secured role properties. CWE-200
Information Exposure
CVE-2016-6068 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
273264 3.1 LOW
Network
ibm forms_experience_builder IBM Forms Experience Builder could be susceptible to a server-side request forgery (SSRF) from the application design interface allowing for some information disclosure of internal resources. CWE-918
Server-Side Request Forgery (SSRF) 
CVE-2016-6001 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
273265 3.7 LOW
Network
ibm sterling_selling_and_fulfillment_foundation IBM Sterling Order Management transmits the session identifier within the URL. When a user is unable to view a certain view due to not being allowed permissions, the website responds with an error pa… CWE-200
Information Exposure
CVE-2016-5953 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
273266 5.4 MEDIUM
Network
ibm kenexa_lms IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially le… CWE-79
Cross-site Scripting
CVE-2016-5942 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
273267 5.7 MEDIUM
Network
ibm kenexa_lms IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing dot dot sequences (/../) to view arbitra… CWE-22
Path Traversal
CVE-2016-5941 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
273268 5.4 MEDIUM
Network
ibm kenexa_lms IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially le… CWE-79
Cross-site Scripting
CVE-2016-5940 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
273269 3.3 LOW
Local
ibm kenexa_lms IBM Kenexa LMS on Cloud allows web pages to be stored locally which can be read by another user on the system. CWE-200
Information Exposure
CVE-2016-5938 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
273270 6.1 MEDIUM
Network
ibm inotes IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cred… CWE-79
Cross-site Scripting
CVE-2016-5881 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm