Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
222081	6.8	警告	シスコシステムズ	-	Cisco Emergency Responder の CERUserServlet ページにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-2115	2014-04-7 14:57	2014-04-3	Show	GitHub Exploit DB Packet Storm

222082	4.3	警告	シスコシステムズ	-	Cisco Emergency Responder の UserServlet におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2114	2014-04-7 14:57	2014-04-3	Show	GitHub Exploit DB Packet Storm

222083	4.3	警告	DELL EMC (旧 EMC Corporation)	-	RSA Adaptive Authentication におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0638	2014-04-7 14:19	2014-04-1	Show	GitHub Exploit DB Packet Storm

222084	4.3	警告	DELL EMC (旧 EMC Corporation)	-	RSA Adaptive Authentication のバックオフィスケース管理アプリケーションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0637	2014-04-7 14:18	2014-04-1	Show	GitHub Exploit DB Packet Storm

222085	9.3	危険	Core FTP	-	Core FTP におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-3930	2014-04-7 14:03	2013-08-14	Show	GitHub Exploit DB Packet Storm

222086	10	危険	サムスン	-	Samsung Kies の SyncService.dll ActiveX コントロールの PrepareSync メソッドにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-6429	2014-04-7 13:51	2012-12-27	Show	GitHub Exploit DB Packet Storm

222087	7.8	危険	Schneider Electric	-	複数の Schneider Electric OPC Factory Server 製品におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2014-0789	2014-04-7 12:30	2014-03-25	Show	GitHub Exploit DB Packet Storm

222088	7.5	危険	The Foreman	-	Foreman における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-5648	2014-04-7 12:21	2012-12-19	Show	GitHub Exploit DB Packet Storm

222089	7.5	危険	Crowbar Novell	-	SUSE Cloud 3 で使用される Crowbar Framework 用 Barclamp におけるセキュリティグループの制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0592	2014-04-7 12:01	2014-03-27	Show	GitHub Exploit DB Packet Storm

222090	4.3	警告	Robert Abramski	-	WordPress 用 Uploader プラグインの views/notify.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-2287	2014-04-7 11:52	2013-03-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
268451	9.8	CRITICAL Network	lexmark	markvision_enterprise	Lexmark Markvision Enterprise (MVE) before 2.4.1 allows remote attackers to execute arbitrary commands by uploading files. (	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2016-6918	2024-11-21 11:57	2020-03-10	Show	GitHub Exploit DB Packet Storm

268452	9.8	CRITICAL Network	php	ext-http	A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl-http extension 3.1.0beta2 (PHP 7) and earlier as well as 2.6.0beta2 (PHP 5) and earlier allows attacker…	CWE-704 Incorrect Type Conversion or Cast	CVE-2016-7398	2024-11-21 11:57	2019-09-7	Show	GitHub Exploit DB Packet Storm

268453	9.8	CRITICAL Network	openstack	magnum	OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should just be used for retrieving the instances' SSL certificates, they allow full API acces…	CWE-200 Information Exposure	CVE-2016-7404	2024-11-21 11:57	2019-06-21	Show	GitHub Exploit DB Packet Storm

268454	9.8	CRITICAL Network	redhat	kie-server	It has been reported that KIE server and Busitess Central before version 7.21.0.Final contain username and password as plaintext Java properties. Any app deployed on the same server would have access…	-	CVE-2016-7043	2024-11-21 11:57	2019-05-16	Show	GitHub Exploit DB Packet Storm

268455	5.5	MEDIUM Local	capstone-engine	capstone	Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a read memory access) in X86_insn_reg_intel in arch/X86/X86Mapping.c.	CWE-125 Out-of-bounds Read	CVE-2016-7151	2024-11-21 11:57	2019-05-15	Show	GitHub Exploit DB Packet Storm

268456	7.8	HIGH Local	redhat	jboss_enterprise_application_platform	It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execut…	CWE-275 Permission Issues	CVE-2016-7066	2024-11-21 11:57	2018-09-11	Show	GitHub Exploit DB Packet Storm

268457	5.9	MEDIUM Network	powerdns debian	authoritative recursor debian_linux	An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insuf…	CWE-20 Improper Input Validation	CVE-2016-7074	2024-11-21 11:57	2018-09-11	Show	GitHub Exploit DB Packet Storm

268458	5.9	MEDIUM Network	powerdns debian	authoritative recursor debian_linux	An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insuf…	CWE-20 Improper Input Validation	CVE-2016-7073	2024-11-21 11:57	2018-09-11	Show	GitHub Exploit DB Packet Storm

268459	8.0	HIGH Adjacent	redhat	ansible_tower	A privilege escalation flaw was found in the Ansible Tower. When Tower before 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of postgres user. An attacker could use th…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-7070	2024-11-21 11:57	2018-09-11	Show	GitHub Exploit DB Packet Storm

268460	7.5	HIGH Network	powerdns	dnsdist	An issue has been found in dnsdist before 1.2.0 in the way EDNS0 OPT records are handled when parsing responses from a backend. When dnsdist is configured to add EDNS Client Subnet to a query, the re…	CWE-20 Improper Input Validation	CVE-2016-7069	2024-11-21 11:57	2018-09-11	Show	GitHub Exploit DB Packet Storm