Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
222551 7.5 危険 CTDB Project
Novell
- OpenSUSE の ctdb における脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2013-4159 2014-08-8 14:40 2013-10-25 Show GitHub Exploit DB Packet Storm
222552 6 警告 Piwigo - Piwigo における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2014-4649 2014-08-8 12:06 2014-08-8 Show GitHub Exploit DB Packet Storm
222553 5 警告 IBM - IBM Tivoli Endpoint Manager における任意のファイルを読まれる脆弱性 CWE-200
情報漏えい
CVE-2014-3066 2014-08-7 12:27 2014-06-25 Show GitHub Exploit DB Packet Storm
222554 2.7 注意 Xen プロジェクト - Xen における重要な情報を取得される脆弱性 CWE-119
バッファエラー
CVE-2014-4021 2014-08-7 12:22 2014-06-17 Show GitHub Exploit DB Packet Storm
222555 6.8 警告 マイクロソフト
アドビシステムズ
- Adobe Flash Player および Adobe AIR におけるクロスサイトリクエストフォージェリ攻撃を実行される脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2014-4671 2014-08-6 17:36 2014-07-8 Show GitHub Exploit DB Packet Storm
222556 7.5 危険 Ruby on Rails project - Ruby on Rails の Active Record 用 PostgreSQL アダプタにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2014-3483 2014-08-6 17:23 2014-07-2 Show GitHub Exploit DB Packet Storm
222557 7.5 危険 Ruby on Rails project - Ruby on Rails の Active Record 用 PostgreSQL アダプタにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2014-3482 2014-08-6 17:21 2014-07-2 Show GitHub Exploit DB Packet Storm
222558 4.7 警告 Linux - 32-bit x86 プラットフォーム上で稼動する Linux kernel の arch/x86/kernel/entry_32.S におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題
CVE-2014-4508 2014-08-6 17:17 2014-06-16 Show GitHub Exploit DB Packet Storm
222559 6.9 警告 Linux - インテルプロセッサ上で稼動する Linux Kernel における競合状態を利用される脆弱性 CWE-362
競合状態
CVE-2014-4699 2014-08-6 17:16 2014-07-6 Show GitHub Exploit DB Packet Storm
222560 6.4 警告 シスコシステムズ - Cisco ASR 9000 デバイスの Trident ラインカード上で稼動する Cisco IOS XR におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2014-3308 2014-08-6 16:58 2014-07-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
278021 4.7 MEDIUM
Local
linux
debian
linux_kernel
debian_linux
In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated w… CWE-362
Race Condition
CVE-2016-10741 2024-11-21 11:44 2019-02-2 Show GitHub Exploit DB Packet Storm
278022 4.9 MEDIUM
Network
atlassian crowd Various resources in Atlassian Crowd before version 2.10.1 allow remote attackers with administration rights to learn the passwords of configured LDAP directories by examining the responses to reques… CWE-200
Information Exposure
CVE-2016-10740 2024-11-21 11:44 2019-01-29 Show GitHub Exploit DB Packet Storm
278023 5.3 MEDIUM
Local
gnu
opensuse
glibc
leap
In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, whic… CWE-20
 Improper Input Validation 
CVE-2016-10739 2024-11-21 11:44 2019-01-22 Show GitHub Exploit DB Packet Storm
278024 8.8 HIGH
Network
castlamp zenbership Zenbership v107 has CSRF via admin/cp-functions/event-add.php. CWE-352
 Origin Validation Error
CVE-2016-10738 2024-11-21 11:44 2019-01-16 Show GitHub Exploit DB Packet Storm
278025 5.4 MEDIUM
Network
s9y serendipity Serendipity 2.0.4 has XSS via the serendipity_admin.php serendipity[body] parameter. CWE-79
Cross-site Scripting
CVE-2016-10737 2024-11-21 11:44 2019-01-16 Show GitHub Exploit DB Packet Storm
278026 6.1 MEDIUM
Network
devpups social_pug The "Social Pug - Easy Social Share Buttons" plugin before 1.2.6 for WordPress allows XSS via the wp-admin/admin.php?page=dpsp-toolkit dpsp_message_class parameter. CWE-79
Cross-site Scripting
CVE-2016-10736 2024-11-21 11:44 2019-01-10 Show GitHub Exploit DB Packet Storm
278027 6.1 MEDIUM
Network
getbootstrap bootstrap In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041. CWE-79
Cross-site Scripting
CVE-2016-10735 2024-11-21 11:44 2019-01-9 Show GitHub Exploit DB Packet Storm
278028 9.8 CRITICAL
Network
qualcomm mdm9206_firmware
mdm9607_firmware
mdm9650_firmware
sd_210_firmware
sd_212_firmware
sd_205_firmware
sd_835_firmware
sda660_firmware
While generating trusted application id, An integer overflow can occur giving the trusted application an invalid identity in Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM965… CWE-190
 Integer Overflow or Wraparound
CVE-2016-10502 2024-11-21 11:44 2018-12-10 Show GitHub Exploit DB Packet Storm
278029 9.8 CRITICAL
Network
projectsend projectsend ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log.export.php. CWE-285
Improper Authorization
CVE-2016-10734 2024-11-21 11:44 2018-10-29 Show GitHub Exploit DB Packet Storm
278030 9.8 CRITICAL
Network
projectsend projectsend ProjectSend (formerly cFTP) r582 allows directory traversal via file=../ in the process-zip-download.php query string. CWE-22
Path Traversal
CVE-2016-10733 2024-11-21 11:44 2018-10-29 Show GitHub Exploit DB Packet Storm