Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
226341 7.5 危険 Open Web Analytics - Open Web Analytics のパスワードリセットのページにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2014-1206 2014-01-20 10:16 2014-01-9 Show GitHub Exploit DB Packet Storm
226342 10 危険 LOREX Technology - 複数の Lorex Edge 製品のファームウェアの INetViewX ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2014-1201 2014-01-20 10:16 2014-01-9 Show GitHub Exploit DB Packet Storm
226343 7.5 危険 WellinTech - 複数の WellinTech 製品の ActiveX コントロールにおける任意の DLL コードをダウンロードされる脆弱性 CWE-94
コード・インジェクション
CVE-2013-2827 2014-01-20 10:15 2014-01-14 Show GitHub Exploit DB Packet Storm
226344 6.4 警告 WellinTech - 複数の WellinTech 製品におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2013-2826 2014-01-20 10:14 2014-01-14 Show GitHub Exploit DB Packet Storm
226345 3.5 注意 VASCO - VASCO IDENTIKEY Authentication Server に認証不備の脆弱性 CWE-287
CWE-Other
CVE-2013-7292 2014-01-17 18:20 2014-01-9 Show GitHub Exploit DB Packet Storm
226346 7.2 危険 サン・マイクロシステムズ
オラクル
- Sun Solaris の dbm_open() および dbminit() 関数におけるバッファオーバーフローの脆弱性 - CVE-2003-1067 2014-01-17 18:10 2003-06-19 Show GitHub Exploit DB Packet Storm
226347 9.3 危険 オラクル - Oracle Java SE における Hotspot に関する脆弱性 CWE-noinfo
情報不足
CVE-2014-0408 2014-01-17 17:17 2014-01-14 Show GitHub Exploit DB Packet Storm
226348 9.3 危険 オラクル - Oracle Java SE における Install に関する脆弱性 CWE-noinfo
情報不足
CVE-2014-0385 2014-01-17 17:17 2014-01-14 Show GitHub Exploit DB Packet Storm
226349 6.8 警告 オラクル - Oracle MySQL の MySQL Server における GIS に関する脆弱性 CWE-noinfo
情報不足
CVE-2013-5860 2014-01-17 17:14 2014-01-14 Show GitHub Exploit DB Packet Storm
226350 6.8 警告 オラクル - Oracle MySQL の MySQL Server における Stored Procedure に関する脆弱性 CWE-noinfo
情報不足
CVE-2013-5882 2014-01-17 17:14 2014-01-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
274361 9.8 CRITICAL
Network
microfocus rumba Stack-based buffer overflow in the PlayMacro function in ObjectXMacro.ObjectXMacro in WdMacCtl.ocx in Micro Focus Rumba 9.x before 9.3 HF 11997 and 9.4.x before 9.4 HF 12815 allows remote attackers t… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2016-5228 2024-11-21 11:53 2016-07-3 Show GitHub Exploit DB Packet Storm
274362 8.8 HIGH
Network
gnu
canonical
oracle
paloaltonetworks
wget
ubuntu_linux
solaris
pan-os
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. NVD-CWE-noinfo
CVE-2016-4971 2024-11-21 11:53 2016-07-1 Show GitHub Exploit DB Packet Storm
274363 7.5 HIGH
Network
dotcms dotcms CRLF injection vulnerability in the send email functionality in dotCMS before 3.3.2 allows remote attackers to inject arbitrary email headers via CRLF sequences in the subject. NVD-CWE-Other
CVE-2016-4803 2024-11-21 11:53 2016-07-1 Show GitHub Exploit DB Packet Storm
274364 8.8 HIGH
Network
f5 big-ip_wan_optimization_manager
big-ip_protocol_security_module
big-ip_application_acceleration_manager
big-ip_edge_gateway
big-ip_webaccelerator
big-ip_domain_name_system
big-ip_an…
F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended App… CWE-264
Permissions, Privileges, and Access Controls
CVE-2016-5020 2024-11-21 11:53 2016-07-1 Show GitHub Exploit DB Packet Storm
274365 7.8 HIGH
Local
lenovo solution_center Lenovo Solution Center (LSC) before 3.3.003 allows local users to execute arbitrary code with LocalSystem privileges via vectors involving the LSC.Services.SystemService StartProxy command with a nam… CWE-264
Permissions, Privileges, and Access Controls
CVE-2016-5249 2024-11-21 11:53 2016-07-1 Show GitHub Exploit DB Packet Storm
274366 5.5 MEDIUM
Local
lenovo solution_center The StopProxy command in LSC.Services.SystemService in Lenovo Solution Center before 3.3.003 allows local users to terminate arbitrary processes via the PID argument. CWE-264
Permissions, Privileges, and Access Controls
CVE-2016-5248 2024-11-21 11:53 2016-07-1 Show GitHub Exploit DB Packet Storm
274367 5.5 MEDIUM
Local
huawei mate_8_firmware Buffer overflow in Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of se… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2016-5232 2024-11-21 11:53 2016-07-1 Show GitHub Exploit DB Packet Storm
274368 7.8 HIGH
Local
huawei mate_8_firmware Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to bypass permission checks and delete use… CWE-264
Permissions, Privileges, and Access Controls
CVE-2016-5231 2024-11-21 11:53 2016-07-1 Show GitHub Exploit DB Packet Storm
274369 8.8 HIGH
Network
huawei mate_8_firmware Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to bypass permission checks and control pa… CWE-264
Permissions, Privileges, and Access Controls
CVE-2016-5230 2024-11-21 11:53 2016-07-1 Show GitHub Exploit DB Packet Storm
274370 8.8 HIGH
Network
opera opera_mail Unspecified vulnerability in Opera Mail before 2016-02-16 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted e-mail message. CWE-284
Improper Access Control
CVE-2016-5101 2024-11-21 11:53 2016-06-29 Show GitHub Exploit DB Packet Storm