Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
222561	9.3	危険	FFmpeg	-	FFmpeg の libavcodec/mjpegdec.c の mjpeg_decode_scan_progressive_ac 関数における脆弱性	CWE-20 不適切な入力確認	CVE-2013-0854	2013-12-11 11:01	2013-07-16	Show	GitHub Exploit DB Packet Storm

222562	9.3	危険	FFmpeg	-	FFmpeg の libavcodec/roqvideodec.c の roq_decode_init 関数における脆弱性	CWE-20 不適切な入力確認	CVE-2013-0849	2013-12-11 10:50	2013-07-16	Show	GitHub Exploit DB Packet Storm

222563	9.3	危険	FFmpeg	-	FFmpeg の libavcodec/qdm2.c の qdm2_decode_super_block 関数における脆弱性	CWE-20 不適切な入力確認	CVE-2013-0846	2013-12-11 10:36	2013-07-16	Show	GitHub Exploit DB Packet Storm

222564	9.3	危険	FFmpeg	-	FFmpeg の libavcodec/alsdec.c における脆弱性	CWE-119 バッファエラー	CVE-2013-0845	2013-12-11 10:33	2013-02-7	Show	GitHub Exploit DB Packet Storm

222565	9.3	危険	FFmpeg	-	FFmpeg の libavcodec/adpcm.c の adpcm_decode_frame 関数における脆弱性	CWE-189 数値処理の問題	CVE-2013-0844	2013-12-11 10:29	2013-02-7	Show	GitHub Exploit DB Packet Storm

222566	4.3	警告	Twibright Labs	-	links における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2013-6050	2013-12-11 10:17	2013-05-15	Show	GitHub Exploit DB Packet Storm

222567	7.5	危険	Wouter Verhelst	-	Network Block Device の nbd-server におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-6410	2013-12-11 09:49	2013-11-29	Show	GitHub Exploit DB Packet Storm

222568	6.8	警告	Apache Software Foundation	-	Apache Roller の ActionSupport コントローラの特定の getText メソッドにおける任意の OGNL 式を実行される脆弱性	CWE-94 コード・インジェクション	CVE-2013-4212	2013-12-10 18:28	2013-11-3	Show	GitHub Exploit DB Packet Storm

222569	4.3	警告	Apache Software Foundation	-	Apache Roller におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-4171	2013-12-10 18:25	2013-11-3	Show	GitHub Exploit DB Packet Storm

222570	6.2	警告	Debian	-	Debian adequate における tty をハイジャックされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-6409	2013-12-10 16:22	2013-11-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
273401	5.5	MEDIUM Local	redhat	enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server_aus kernel-rt enterprise_mrg	The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot re…	CWE-254 7PK - Security Features	CVE-2015-7837	2024-11-21 11:37	2017-09-20	Show	GitHub Exploit DB Packet Storm

273402	4.3	MEDIUM Network	drupal	drupal	The Entity Registration module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to obtain sensitive event registration information by leveraging the "Register other accounts" permission and …	CWE-200 Information Exposure	CVE-2015-7880	2024-11-21 11:37	2017-09-14	Show	GitHub Exploit DB Packet Storm

273403	5.4	MEDIUM Network	stickynote_project	stickynote	Cross-site scripting (XSS) vulnerability in the Stickynote module 7.x before 7.x-1.3 for Drupal allows remote authenticated users with permission to create or edit a stickynote to inject arbitrary we…	CWE-79 Cross-site Scripting	CVE-2015-7879	2024-11-21 11:37	2017-09-12	Show	GitHub Exploit DB Packet Storm

273404	9.8	CRITICAL Network	user_dashboard_project	user_dashboard	Multiple SQL injection vulnerabilities in the User Dashboard module 7.x before 7.x-1.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors.	CWE-89 SQL Injection	CVE-2015-7877	2024-11-21 11:37	2017-09-12	Show	GitHub Exploit DB Packet Storm

273405	5.3	MEDIUM Network	qt	qtwebkit	qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db.	CWE-200 Information Exposure	CVE-2015-8079	2024-11-21 11:37	2017-09-8	Show	GitHub Exploit DB Packet Storm

273406	5.4	MEDIUM Network	centreon	centreon	Cross-site scripting (XSS) vulnerability in Centreon 2.6.1 (fixed in Centreon 18.10.0 and Centreon web 2.8.27).	CWE-79 Cross-site Scripting	CVE-2015-7672	2024-11-21 11:37	2017-09-8	Show	GitHub Exploit DB Packet Storm

273407	9.8	CRITICAL Network	netapp	data_ontap	NetApp Data ONTAP before 8.2.4, when operating in 7-Mode, allows remote attackers to bypass authentication and (1) obtain sensitive information from or (2) modify volumes via vectors related to UTF-8…	CWE-287 Improper Authentication	CVE-2015-7746	2024-11-21 11:37	2017-09-1	Show	GitHub Exploit DB Packet Storm

273408	6.1	MEDIUM Network	atutor	atutor	Cross-site scripting (XSS) vulnerability in popuphelp.php in ATutor 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the h parameter.	CWE-79 Cross-site Scripting	CVE-2015-7711	2024-11-21 11:37	2017-09-1	Show	GitHub Exploit DB Packet Storm

273409	9.8	CRITICAL Network	pngcrush_project	pngcrush	Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors.	CWE-415 Double Free	CVE-2015-7700	2024-11-21 11:37	2017-09-1	Show	GitHub Exploit DB Packet Storm

273410	6.5	MEDIUM Network	samsung	samsung_mobile	LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-7896	2024-11-21 11:37	2017-08-25	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed