Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
226871 9.3 危険 Steinberg Media Technologies GmbH - Steinberg MyMp3PRO におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2013-7186 2013-12-24 18:48 2013-12-5 Show GitHub Exploit DB Packet Storm
226872 5 警告 Digium - 複数の Asterisk 製品の apps/app_sms.c の unpacksms16 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2013-7100 2013-12-24 18:47 2013-12-16 Show GitHub Exploit DB Packet Storm
226873 4.7 警告 NovaTech - 複数の Orion Substation Automation Platform 製品におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2013-2822 2013-12-24 18:30 2013-12-18 Show GitHub Exploit DB Packet Storm
226874 7.1 危険 NovaTech - 複数の Orion Substation Automation Platform 製品におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2013-2821 2013-12-24 18:30 2013-12-18 Show GitHub Exploit DB Packet Storm
226875 7.2 危険 クイックヒール・テクノロジーズ・ジャパン株式会社 - Quick Heal AntiVirus Pro の pepoly.dll におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2013-6767 2013-12-24 18:27 2013-12-16 Show GitHub Exploit DB Packet Storm
226876 6.8 警告 Idleman - Leed の action.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2013-2628 2013-12-24 18:06 2013-12-18 Show GitHub Exploit DB Packet Storm
226877 7.5 危険 Idleman - Leed の action.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2013-2627 2013-12-24 18:05 2013-12-18 Show GitHub Exploit DB Packet Storm
226878 4.3 警告 TYPO3 Association - TYPO3 Flow の ActionController ベースクラスの errorAction メソッドにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2013-7082 2013-12-24 17:57 2013-12-10 Show GitHub Exploit DB Packet Storm
226879 4.3 警告 TYPO3 Association - TYPO3 の Backend User Administration モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2013-7077 2013-12-24 17:41 2013-12-10 Show GitHub Exploit DB Packet Storm
226880 4.3 警告 TYPO3 Association - TYPO3 の Extension Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2013-7076 2013-12-24 17:41 2013-12-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
273441 7.5 HIGH
Network
rubyonrails rails Action Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote a… CWE-284
CWE-476
Improper Access Control
 NULL Pointer Dereference
CVE-2016-6317 2024-11-21 11:55 2016-09-8 Show GitHub Exploit DB Packet Storm
273442 6.1 MEDIUM
Network
rubyonrails
debian
ruby_on_rails
rails
debian_linux
Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or… CWE-79
Cross-site Scripting
CVE-2016-6316 2024-11-21 11:55 2016-09-8 Show GitHub Exploit DB Packet Storm
273443 7.0 HIGH
Local
huawei honor_4c_firmware The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to caus… CWE-284
Improper Access Control
CVE-2016-6184 2024-11-21 11:55 2016-09-8 Show GitHub Exploit DB Packet Storm
273444 7.0 HIGH
Local
huawei honor_4c_firmware The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to caus… CWE-284
Improper Access Control
CVE-2016-6183 2024-11-21 11:55 2016-09-8 Show GitHub Exploit DB Packet Storm
273445 7.0 HIGH
Local
huawei honor_4c_firmware The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to caus… CWE-284
Improper Access Control
CVE-2016-6182 2024-11-21 11:55 2016-09-8 Show GitHub Exploit DB Packet Storm
273446 7.0 HIGH
Local
huawei honor_4c_firmware The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to caus… CWE-284
Improper Access Control
CVE-2016-6181 2024-11-21 11:55 2016-09-8 Show GitHub Exploit DB Packet Storm
273447 7.0 HIGH
Local
huawei honor_4c_firmware The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to caus… CWE-284
Improper Access Control
CVE-2016-6180 2024-11-21 11:55 2016-09-8 Show GitHub Exploit DB Packet Storm
273448 6.7 MEDIUM
Local
qemu
canonical
debian
qemu
ubuntu_linux
debian_linux
The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), when built with ESP/NCR53C9x controller emulation support, allows local guest OS administrators to cause a denial of service (ou… NVD-CWE-noinfo
CVE-2016-6351 2024-11-21 11:55 2016-09-8 Show GitHub Exploit DB Packet Storm
273449 7.5 HIGH
Network
redhat resteasy RESTEasy enables GZIPInterceptor, which allows remote attackers to cause a denial of service via unspecified vectors. NVD-CWE-noinfo
CVE-2016-6346 2024-11-21 11:55 2016-09-8 Show GitHub Exploit DB Packet Storm
273450 6.5 MEDIUM
Network
redhat resteasy RESTEasy allows remote authenticated users to obtain sensitive information by leveraging "insufficient use of random values" in async jobs. CWE-200
Information Exposure
CVE-2016-6345 2024-11-21 11:55 2016-09-8 Show GitHub Exploit DB Packet Storm