Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
222251 2.6 注意 サン・マイクロシステムズ
Linux
IBM
ヒューレット・パッカード
- 複数の OS 上で稼動する IBM Tivoli Storage Manager for Space Management のバックアップ/アーカイブ・クライアントにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2013-6335 2014-08-27 16:23 2013-10-31 Show GitHub Exploit DB Packet Storm
222252 6.9 警告 OpenVPN Technologies - OpenVPN に同梱された PrivateTunnel の ptservice サービスにおける権限を取得される脆弱性 CWE-Other
その他
CVE-2014-5455 2014-08-27 15:57 2014-07-11 Show GitHub Exploit DB Packet Storm
222253 6 警告 SAS - SAS Visual Analytics のイメージアップロードモジュールにおける任意のコードを実行される脆弱性 CWE-Other
その他
CVE-2014-5454 2014-08-27 15:26 2014-08-13 Show GitHub Exploit DB Packet Storm
222254 2.1 注意 Social Stats project - Drupal 用 Social Stats モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2014-5456 2014-08-27 14:59 2014-08-19 Show GitHub Exploit DB Packet Storm
222255 7.2 危険 Ubisoft - Ubisoft Uplay PC における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2014-5453 2014-08-27 14:22 2014-07-3 Show GitHub Exploit DB Packet Storm
222256 6.8 警告 innovaphone AG - innovaphone PBX におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2014-5335 2014-08-27 13:58 2014-08-21 Show GitHub Exploit DB Packet Storm
222257 5 警告 Debian
Python Software Foundation
- Python Image Library および Pillow の PIL/IcnsImagePlugin.py におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2014-3589 2014-08-27 12:25 2014-08-13 Show GitHub Exploit DB Packet Storm
222258 4.3 警告 Apache Software Foundation - Apache ActiveMQ の scheduled.jsp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2013-1879 2014-08-26 17:47 2013-03-21 Show GitHub Exploit DB Packet Storm
222259 7.1 危険 IBM - IBM GCM16 および GCM32 Global Console Manager スイッチのファームウェアの systest.php における任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション
CVE-2014-3085 2014-08-26 17:42 2014-07-14 Show GitHub Exploit DB Packet Storm
222260 6.3 警告 IBM - IBM GCM16 および GCM32 Global Console Manager スイッチのファームウェアの prodtest.php における任意のファイルを読まれる脆弱性 CWE-200
情報漏えい
CVE-2014-3081 2014-08-26 17:42 2014-07-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 2, 2026, 4:03 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
272751 9.8 CRITICAL
Network
samsung exynos_fimg2d NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows attackers to have unspecified impact via unknown vectors. The Samsung ID is SVE-2016-6382. CWE-476
 NULL Pointer Dereference
CVE-2016-6604 2024-11-21 11:56 2017-01-31 Show GitHub Exploit DB Packet Storm
272752 7.5 HIGH
Network
atlassian confluence_server
jira_integration_for_hipchat
The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 before 6.27.5, 6.28.0 before 7.3.7, and 7.4.0 before 7.8.17; Confluence HipChat plugin 6.26.0 before 7.8.17; and HipChat for JIRA … CWE-200
Information Exposure
CVE-2016-6668 2024-11-21 11:56 2017-01-24 Show GitHub Exploit DB Packet Storm
272753 9.8 CRITICAL
Network
zohocorp webnms_framework ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and impersonate arbitrary users via the UserName HTTP header. CWE-20
 Improper Input Validation 
CVE-2016-6603 2024-11-21 11:56 2017-01-24 Show GitHub Exploit DB Packet Storm
272754 9.8 CRITICAL
Network
zohocorp webnms_framework ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to WEB-INF/conf/… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm
CVE-2016-6602 2024-11-21 11:56 2017-01-24 Show GitHub Exploit DB Packet Storm
272755 7.5 HIGH
Network
zohocorp webnms_framework Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parame… CWE-22
Path Traversal
CVE-2016-6601 2024-11-21 11:56 2017-01-24 Show GitHub Exploit DB Packet Storm
272756 9.8 CRITICAL
Network
zohocorp webnms_framework Directory traversal vulnerability in the file upload functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to upload and execute arbitrary JSP files via a .. (dot dot) in the… CWE-22
Path Traversal
CVE-2016-6600 2024-11-21 11:56 2017-01-24 Show GitHub Exploit DB Packet Storm
272757 9.1 CRITICAL
Network
doorkeeper_project doorkeeper The Doorkeeper gem before 4.2.0 for Ruby might allow remote attackers to conduct replay attacks or revoke arbitrary tokens by leveraging failure to implement the OAuth 2.0 Token Revocation specificat… CWE-254
 7PK - Security Features
CVE-2016-6582 2024-11-21 11:56 2017-01-24 Show GitHub Exploit DB Packet Storm
272758 8.8 HIGH
Network
gopivotal grails Cross-site request forgery (CSRF) vulnerability in Grails console (aka Grails Debug Console and Grails Web Console) 2.0.7, 1.5.10, and earlier allows remote attackers to hijack the authentication of … CWE-352
 Origin Validation Error
CVE-2016-6521 2024-11-21 11:56 2017-01-24 Show GitHub Exploit DB Packet Storm
272759 9.8 CRITICAL
Network
liferay liferay Directory traversal vulnerability in Liferay 5.1.0 allows remote attackers to have unspecified impact via a %2E%2E (encoded dot dot) in the minifierBundleDir parameter to barebone.jsp. CWE-22
Path Traversal
CVE-2016-6517 2024-11-21 11:56 2017-01-24 Show GitHub Exploit DB Packet Storm
272760 6.1 MEDIUM
Network
infoblox netmri CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentTyp… CWE-93
CRLF Injection
CVE-2016-6484 2024-11-21 11:56 2017-01-24 Show GitHub Exploit DB Packet Storm