Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223321 9.3 危険 アップル - Apple QuickTime における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2012-0671 2013-12-2 18:28 2012-05-16 Show GitHub Exploit DB Packet Storm
223322 9.3 危険 アップル - Apple QuickTime における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2012-0670 2013-12-2 18:12 2012-05-16 Show GitHub Exploit DB Packet Storm
223323 5.8 警告 The PHP Group
アップル		 - PHP のファイルアップロードの実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-1172 2013-12-2 17:58 2012-03-1 Show GitHub Exploit DB Packet Storm
223324 9.3 危険 FFmpeg - FFmpeg の libavcodec/h264.c の field_end 関数における脆弱性 CWE-119
バッファエラー 		CVE-2013-0869 2013-12-2 17:41 2013-02-6 Show GitHub Exploit DB Packet Storm
223325 9.3 危険 アップル - Apple QuickTime におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-0668 2013-12-2 17:37 2012-05-16 Show GitHub Exploit DB Packet Storm
223326 6.8 警告 The PHP Group
アップル		 - PHP における SQL インジェクション攻撃を行われる脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0831 2013-12-2 16:47 2012-02-10 Show GitHub Exploit DB Packet Storm
223327 5 警告 シスコシステムズ - Cisco IOS XR の SNMP モジュールにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-6700 2013-12-2 16:26 2013-11-27 Show GitHub Exploit DB Packet Storm
223328 7.5 危険 ヒューレット・パッカード - HP Service Manager および ServiceCenter における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2013-4844 2013-12-2 16:08 2013-11-26 Show GitHub Exploit DB Packet Storm
223329 3.5 注意 IBM - IBM Sterling Selling and Fulfillment Suite の Sterling Order Management におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-6322 2013-12-2 16:06 2013-11-22 Show GitHub Exploit DB Packet Storm
223330 7.5 危険 CiviCRM - CiviCRM の CRM/Core/Page/AJAX/Location.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-5957 2013-12-2 16:04 2012-10-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
277981 - redhat ansible Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle … CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2015-3908 2024-11-21 11:30 2015-08-12 Show GitHub Exploit DB Packet Storm
277982 - debian
linux
canonical 		debian_linux
linux_kernel
ubuntu_linux 		The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data represen… CWE-189
Numeric Errors 		CVE-2015-4167 2024-11-21 11:30 2015-08-6 Show GitHub Exploit DB Packet Storm
277983 - windriver vxworks Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices be… CWE-330
 Use of Insufficiently Random Values 		CVE-2015-3963 2024-11-21 11:30 2015-08-4 Show GitHub Exploit DB Packet Storm
277984 - garrettcom magnum_6k_firmware
magnum_10k_firmware 		The web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allows remote authenticated users to cause a denial of service (memory corruption and reboot) via a… CWE-399
 Resource Management Errors 		CVE-2015-3961 2024-11-21 11:30 2015-08-4 Show GitHub Exploit DB Packet Storm
277985 - garrettcom magnum_6k_firmware
magnum_10k_firmware 		The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches uses hardcoded RSA private keys and certificates across different customers' installations, which makes it easi… CWE-310
Cryptographic Issues 		CVE-2015-3960 2024-11-21 11:30 2015-08-4 Show GitHub Exploit DB Packet Storm
277986 - garrettcom magnum_6k_firmware
magnum_10k_firmware 		The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches has a hardcoded serial-console password for a privileged account, which might allow physically proximate attack… NVD-CWE-Other
CVE-2015-3959 2024-11-21 11:30 2015-08-4 Show GitHub Exploit DB Packet Storm
277987 - garrettcom magnum_6k_firmware
magnum_10k_firmware 		Multiple cross-site scripting (XSS) vulnerabilities in the web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allow remote attackers to inject arbitrary w… CWE-79
Cross-site Scripting 		CVE-2015-3942 2024-11-21 11:30 2015-08-4 Show GitHub Exploit DB Packet Storm
277988 - schneider-electric wonderware_system_platform_2014 Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. CWE-22
Path Traversal 		CVE-2015-3940 2024-11-21 11:30 2015-08-4 Show GitHub Exploit DB Packet Storm
277989 - cisco unified_communications_manager The Prime Collaboration Deployment component in Cisco Unified Communications Manager 10.5(3.10000.9) allows remote authenticated users to discover root credentials via a direct request to an unspecif… CWE-200
Information Exposure 		CVE-2015-4295 2024-11-21 11:30 2015-08-1 Show GitHub Exploit DB Packet Storm
277990 - cisco unified_communications_manager_im_and_presence_service Cross-site scripting (XSS) vulnerability in Cisco IM and Presence Service before 10.5 MR1 allows remote attackers to inject arbitrary web script or HTML by constructing a crafted URL that leverages i… CWE-79
Cross-site Scripting 		CVE-2015-4294 2024-11-21 11:30 2015-08-1 Show GitHub Exploit DB Packet Storm