Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 14, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228101 7.5 危険 John Nunemaker - Ruby 用 crack gem におけるオブジェクトインジェクション攻撃を実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-1800 2013-04-11 19:40 2013-01-14 Show GitHub Exploit DB Packet Storm
228102 7.5 危険 Daniel Harrington - Ruby 用 nori gem におけるオブジェクトインジェクション攻撃を実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2013-0285 2013-04-11 19:39 2013-01-14 Show GitHub Exploit DB Packet Storm
228103 5 警告 New Relic - Ruby Agent における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2013-0284 2013-04-11 19:38 2013-02-13 Show GitHub Exploit DB Packet Storm
228104 6.8 警告 Michael Bleigh and Intridea, Inc. - Ruby 用 omniauth-oauth2 gem におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-6134 2013-04-11 19:37 2013-02-25 Show GitHub Exploit DB Packet Storm
228105 5.8 警告 Apache Software Foundation - Apache Maven のデフォルト設定におけるサーバになりすまされる脆弱性 CWE-16
環境設定 		CVE-2013-0253 2013-04-11 17:36 2013-04-2 Show GitHub Exploit DB Packet Storm
228106 4.3 警告 fedorahosted.org - cronie におけるファイル記述子が漏えいする脆弱性 CWE-200
情報漏えい 		CVE-2012-6097 2013-04-11 17:35 2013-01-9 Show GitHub Exploit DB Packet Storm
228107 2.1 注意 Gluster, Inc.
レッドハット		 - Red Hat Storage の GlusterFS 機能における任意のファイルを上書きされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-5635 2013-04-11 17:35 2013-03-28 Show GitHub Exploit DB Packet Storm
228108 4 警告 OpenStack
Canonical		 - 複数の OpenStack 製品におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-1838 2013-04-11 14:57 2013-03-15 Show GitHub Exploit DB Packet Storm
228109 4.3 警告 フェンリル株式会社 - Sleipnir for Windows におけるアドレスバー偽装の脆弱性 CWE-noinfo
情報不足 		CVE-2013-2303 2013-04-11 12:01 2013-04-11 Show GitHub Exploit DB Packet Storm
228110 7.5 危険 アドビシステムズ - Adobe ColdFusion におけるユーザになりすまされる脆弱性 CWE-noinfo
情報不足 		CVE-2013-1387 2013-04-11 11:57 2013-04-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
274091 6.8 MEDIUM
Physics 		apple iphone_os
mac_os_x 		AppleUSBNetworking in Apple iOS before 9.3 and OS X before 10.11.4 allows physically proximate attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corrupt… CWE-264
CWE-119
Permissions, Privileges, and Access Controls
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-1734 2024-11-21 11:46 2016-03-24 Show GitHub Exploit DB Packet Storm
274092 7.8 HIGH
Local 		apple mac_os_x AppleRAID in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. CWE-119
CWE-20
Incorrect Access of Indexable Resource ('Range Error') 
 Improper Input Validation  		CVE-2016-1733 2024-11-21 11:46 2016-03-24 Show GitHub Exploit DB Packet Storm
274093 5.5 MEDIUM
Local 		apple mac_os_x AppleRAID in Apple OS X before 10.11.4 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-1732 2024-11-21 11:46 2016-03-24 Show GitHub Exploit DB Packet Storm
274094 6.1 MEDIUM
Network 		microfocus self_service_password_reset Cross-site scripting (XSS) vulnerability in NetIQ Self Service Password Reset (SSPR) 2.x and 3.x before 3.3.1 HF2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. CWE-79
Cross-site Scripting 		CVE-2016-1599 2024-11-21 11:46 2016-03-24 Show GitHub Exploit DB Packet Storm
274095 5.9 MEDIUM
Network 		apple software_update Apple Software Update before 2.2 on Windows does not use HTTPS, which makes it easier for man-in-the-middle attackers to spoof updates by modifying the client-server data stream. CWE-310
CWE-345
Cryptographic Issues
 Insufficient Verification of Data Authenticity 		CVE-2016-1731 2024-11-21 11:46 2016-03-14 Show GitHub Exploit DB Packet Storm
274096 8.8 HIGH
Network 		google
debian
opensuse 		chrome
debian_linux
leap
opensuse
suse_linux_enterprise_server 		Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-1645 2024-11-21 11:46 2016-03-14 Show GitHub Exploit DB Packet Storm
274097 8.8 HIGH
Network 		google chrome WebKit/Source/core/layout/LayoutObject.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly restrict relayout scheduling, which allows remote attackers to cause a denial of s… NVD-CWE-Other
CVE-2016-1644 2024-11-21 11:46 2016-03-14 Show GitHub Exploit DB Packet Storm
274098 8.8 HIGH
Network 		google chrome The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly maintain the user agent… CWE-361
 7PK - Time and State 		CVE-2016-1643 2024-11-21 11:46 2016-03-14 Show GitHub Exploit DB Packet Storm
274099 9.8 CRITICAL
Network 		google android libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-1621 2024-11-21 11:46 2016-03-13 Show GitHub Exploit DB Packet Storm
274100 4.3 MEDIUM
Network 		dte_energy insight The REST API in the DTE Energy Insight application before 1.7.8 for Android allows remote authenticated users to obtain unspecified customer information via a SQL expression in the filter parameter. CWE-200
Information Exposure 		CVE-2016-1562 2024-11-21 11:46 2016-03-12 Show GitHub Exploit DB Packet Storm