Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226401	4.3	警告	IBM	-	IBM Security AppScan Enterprise および IBM Rational Policy Tester におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0473	2013-04-2 15:03	2013-03-25	Show	GitHub Exploit DB Packet Storm

226402	6.8	警告	IBM	-	IBM Tivoli Endpoint Manager の SUA アプリケーションにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-0452	2013-04-2 14:59	2013-03-20	Show	GitHub Exploit DB Packet Storm

226403	5	警告	Digium	-	複数の Asterisk 製品におけるサービス運用妨害 (デーモンクラッシュ) 状態にされる脆弱性	CWE-119 バッファエラー	CVE-2013-2686	2013-04-2 14:35	2013-03-27	Show	GitHub Exploit DB Packet Storm

226404	7.5	危険	Digium	-	Asterisk Open Source の res/res_format_attr_h264.c におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-2685	2013-04-2 14:35	2013-03-27	Show	GitHub Exploit DB Packet Storm

226405	5	警告	Digium	-	複数の Asterisk 製品の SIP チャンネルドライバにおけるアカウント名を列挙される脆弱性	CWE-200 情報漏えい	CVE-2013-2264	2013-04-2 14:34	2013-02-21	Show	GitHub Exploit DB Packet Storm

226406	7.5	危険	Synchroweb Technology	-	Synchroweb Technology SynConnect の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-2690	2013-04-2 14:03	2013-03-28	Show	GitHub Exploit DB Packet Storm

226407	-	-	ヒューレット・パッカード	-	削除 HP ProCurve 1700-8 および 1700-24 スイッチにおけるクロスサイトリクエストフォージェリの脆弱性	-	CVE-2012-5216	2013-04-2 13:53	2013-03-25	Show	GitHub Exploit DB Packet Storm

226408	4.3	警告	アップル Google	-	Google Chrome におけるクロスサイトスクリプティング攻撃を実行される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3058	2013-04-2 11:33	2012-03-28	Show	GitHub Exploit DB Packet Storm

226409	4.3	警告	アルバネットワークス株式会社	-	Mobility Controller で使用される Aruba Networks ArubaOS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-2290	2013-04-1 20:54	2013-03-18	Show	GitHub Exploit DB Packet Storm

226410	7.8	危険	シスコシステムズ	-	Cisco IOS の IP Service Level Agreement 機能におけるサービス運用妨害 (デバイスリロード) の脆弱性	CWE-119 バッファエラー	CVE-2013-1148	2013-04-1 20:47	2013-02-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
274371	3.7	LOW Network	netapp	clustered_data_ontap	Clustered Data ONTAP versions 8.0, 8.3.1, and 8.3.2 contain a default privileged account which under certain conditions can be used for unauthorized information disclosure.	CWE-200 Information Exposure	CVE-2015-8020	2024-11-21 11:37	2017-01-12	Show	GitHub Exploit DB Packet Storm

274372	7.5	HIGH Network	ntp	ntp-dev	An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct…	CWE-190 Integer Overflow or Wraparound	CVE-2015-7848	2024-11-21 11:37	2017-01-7	Show	GitHub Exploit DB Packet Storm

274373	4.9	MEDIUM Network	huawei	quidway_s5300_firmware quidway_s9300_firmware s5700_firmware s12700_firmware ar_firmware s5300_firmware s9300_firmware	Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S530…	CWE-326 Inadequate Encryption Strength	CVE-2015-8086	2024-11-21 11:37	2016-10-4	Show	GitHub Exploit DB Packet Storm

274374	4.9	MEDIUM Network	huawei	s9300_firmware s12700_firmware quidway_s9300_firmware ar_firmware quidway_s5300_firmware s5700_firmware s5300_firmware	Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S530…	CWE-326 Inadequate Encryption Strength	CVE-2015-8085	2024-11-21 11:37	2016-10-4	Show	GitHub Exploit DB Packet Storm

274375	7.5	HIGH Network	f5	big-ip_global_traffic_manager big-ip_local_traffic_manager big-ip_webaccelerator big-ip_policy_enforcement_manager big-ip_advanced_firewall_manager big-ip_access_policy_manager big-…	The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; B…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-8022	2024-11-21 11:37	2016-08-20	Show	GitHub Exploit DB Packet Storm

274376	9.8	CRITICAL Network	apple	watchos iphone_os mac_os_x airport_base_station_firmware mdnsresponder	The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vecto…	NVD-CWE-Other	CVE-2015-7988	2024-11-21 11:37	2016-06-26	Show	GitHub Exploit DB Packet Storm

274377	9.8	CRITICAL Network	apple	watchos iphone_os mac_os_x airport_base_station_firmware mdnsresponder	Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueFor…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-7987	2024-11-21 11:37	2016-06-26	Show	GitHub Exploit DB Packet Storm

274378	4.3	MEDIUM Network	cybozu	garoon	Cybozu Garoon 3.x and 4.x before 4.2.0 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, a different vul…	CWE-200 Information Exposure	CVE-2015-7776	2024-11-21 11:37	2016-06-20	Show	GitHub Exploit DB Packet Storm

274379	5.4	MEDIUM Network	cybozu	garoon	Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-20…	CWE-79 Cross-site Scripting	CVE-2015-7775	2024-11-21 11:37	2016-06-20	Show	GitHub Exploit DB Packet Storm

274380	9.8	CRITICAL Network	zend debian	zend_framework debian_linux	The PDO adapters in Zend Framework before 1.12.16 do not filer null bytes in SQL statements, which allows remote attackers to execute arbitrary SQL commands via a crafted query.	CWE-89 SQL Injection	CVE-2015-7695	2024-11-21 11:37	2016-06-7	Show	GitHub Exploit DB Packet Storm