Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 2:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
223701 6.8 警告 Moodle - Moodle の login/token.php におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証
CVE-2014-0214 2014-05-28 18:28 2014-05-19 Show GitHub Exploit DB Packet Storm
223702 6.8 警告 Moodle - Moodle の Assignment サブシステムの mod/assign/locallib.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2014-0213 2014-05-28 18:27 2014-05-19 Show GitHub Exploit DB Packet Storm
223703 4.3 警告 iMember360 - WordPress 用 iMember360 プラグインにおける任意のユーザを削除される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2014-3849 2014-05-28 18:26 2014-04-24 Show GitHub Exploit DB Packet Storm
223704 5 警告 iMember360 - WordPress 用 iMember360 プラグインにおけるデータベースの資格情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2014-3848 2014-05-28 18:26 2014-04-17 Show GitHub Exploit DB Packet Storm
223705 7.2 危険 Panda Security - 複数の Panda Security 製品における権限を取得される脆弱性 CWE-noinfo
情報不足
CVE-2014-3450 2014-05-28 18:25 2014-05-20 Show GitHub Exploit DB Packet Storm
223706 4.3 警告 OpalVOIP
Ekiga.org
Novell
- Ekiga で使用される Portable Tool Library におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー
CVE-2013-1864 2014-05-28 18:21 2013-01-12 Show GitHub Exploit DB Packet Storm
223707 6.8 警告 Ivan Zahariev - IZArc におけるファイル拡張子を偽装する攻撃を実行される脆弱性 CWE-94
コード・インジェクション
CVE-2014-2720 2014-05-28 18:20 2014-05-5 Show GitHub Exploit DB Packet Storm
223708 4.9 警告 Linux - Linux kernel の kernel/futex.c 内の futex_wait_requeue_pi 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2012-6647 2014-05-28 18:19 2012-08-9 Show GitHub Exploit DB Packet Storm
223709 7.6 危険 シスコシステムズ - Cisco NX-OS の Smart Call Home の実装におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2014-3261 2014-05-28 18:15 2014-05-21 Show GitHub Exploit DB Packet Storm
223710 8.5 危険 ヒューレット・パッカード - HP Operations Manager i における任意のコードを実行される脆弱性 CWE-noinfo
情報不足
CVE-2014-2607 2014-05-28 17:35 2014-05-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
277281 5.5 MEDIUM
Local
apple mac_os_x AppleRAID in Apple OS X before 10.11.4 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors. CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2016-1732 2024-11-21 11:46 2016-03-24 Show GitHub Exploit DB Packet Storm
277282 6.1 MEDIUM
Network
microfocus self_service_password_reset Cross-site scripting (XSS) vulnerability in NetIQ Self Service Password Reset (SSPR) 2.x and 3.x before 3.3.1 HF2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. CWE-79
Cross-site Scripting
CVE-2016-1599 2024-11-21 11:46 2016-03-24 Show GitHub Exploit DB Packet Storm
277283 5.9 MEDIUM
Network
apple software_update Apple Software Update before 2.2 on Windows does not use HTTPS, which makes it easier for man-in-the-middle attackers to spoof updates by modifying the client-server data stream. CWE-310
CWE-345
Cryptographic Issues
 Insufficient Verification of Data Authenticity
CVE-2016-1731 2024-11-21 11:46 2016-03-14 Show GitHub Exploit DB Packet Storm
277284 8.8 HIGH
Network
google
debian
opensuse
chrome
debian_linux
leap
opensuse
suse_linux_enterprise_server
Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of … CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2016-1645 2024-11-21 11:46 2016-03-14 Show GitHub Exploit DB Packet Storm
277285 8.8 HIGH
Network
google chrome WebKit/Source/core/layout/LayoutObject.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly restrict relayout scheduling, which allows remote attackers to cause a denial of s… NVD-CWE-Other
CVE-2016-1644 2024-11-21 11:46 2016-03-14 Show GitHub Exploit DB Packet Storm
277286 8.8 HIGH
Network
google chrome The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly maintain the user agent… CWE-361
 7PK - Time and State
CVE-2016-1643 2024-11-21 11:46 2016-03-14 Show GitHub Exploit DB Packet Storm
277287 9.8 CRITICAL
Network
google android libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2016-1621 2024-11-21 11:46 2016-03-13 Show GitHub Exploit DB Packet Storm
277288 4.3 MEDIUM
Network
dte_energy insight The REST API in the DTE Energy Insight application before 1.7.8 for Android allows remote authenticated users to obtain unspecified customer information via a SQL expression in the filter parameter. CWE-200
Information Exposure
CVE-2016-1562 2024-11-21 11:46 2016-03-12 Show GitHub Exploit DB Packet Storm
277289 5.3 MEDIUM
Adjacent
cisco ios_xr Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to… CWE-399
 Resource Management Errors
CVE-2016-1361 2024-11-21 11:46 2016-03-12 Show GitHub Exploit DB Packet Storm
277290 7.1 HIGH
Local
cisco prime_lan_management_solution Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveragin… CWE-200
Information Exposure
CVE-2016-1360 2024-11-21 11:46 2016-03-12 Show GitHub Exploit DB Packet Storm