Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 25, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228261 4 警告 Fedora Project
レッドハット		 - Red Hat Directory Server および 389 Directory Server における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-2219 2013-08-2 15:14 2013-07-30 Show GitHub Exploit DB Packet Storm
228262 4.3 警告 Beanbag - Review Board の htdocs/media/rb/js/reviews.js におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-2209 2013-08-2 15:06 2013-06-22 Show GitHub Exploit DB Packet Storm
228263 6 警告 The Foreman
レッドハット		 - Foreman の Bookmarks コントローラの create メソッドにおける任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2013-2121 2013-08-2 14:11 2013-06-7 Show GitHub Exploit DB Packet Storm
228264 6 警告 The Foreman
レッドハット		 - Foreman の app/controllers/users_controller.rb の create メソッドにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-2113 2013-08-2 14:06 2013-06-7 Show GitHub Exploit DB Packet Storm
228265 7.1 危険 Novell
CollabNet, Inc.
Apache Software Foundation		 - Apache Subversion における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2013-2088 2013-08-1 18:01 2013-07-4 Show GitHub Exploit DB Packet Storm
228266 4.3 警告 Western Digital Corporation - 複数の Western Digital My Net ルータ製品のファームウェアにおける平文の管理パスワードを破られる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2013-5006 2013-08-1 17:36 2013-07-18 Show GitHub Exploit DB Packet Storm
228267 7.5 危険 Google - Google Chrome におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-2886 2013-08-1 16:33 2013-07-30 Show GitHub Exploit DB Packet Storm
228268 7.5 危険 Google - Google Chrome におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-2885 2013-08-1 16:31 2013-07-30 Show GitHub Exploit DB Packet Storm
228269 7.5 危険 Google - Google Chrome の DOM の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-2884 2013-08-1 16:30 2013-07-30 Show GitHub Exploit DB Packet Storm
228270 7.5 危険 Google - Google Chrome におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-2883 2013-08-1 16:29 2013-07-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 26, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
276321 8.8 HIGH
Network 		apache struts Apache Struts 2.x before 2.3.28 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation. CWE-20
 Improper Input Validation  		CVE-2016-0785 2024-11-21 11:42 2016-04-13 Show GitHub Exploit DB Packet Storm
276322 9.8 CRITICAL
Network 		apache ranger The Admin UI in Apache Ranger before 0.5.1 does not properly handle authentication requests that lack a password, which allows remote attackers to bypass authentication by leveraging knowledge of a v… CWE-287
Improper Authentication 		CVE-2016-0733 2024-11-21 11:42 2016-04-12 Show GitHub Exploit DB Packet Storm
276323 8.8 HIGH
Network 		apache ranger Apache Ranger 0.5.x before 0.5.2 allows remote authenticated users to bypass intended parent resource-level access restrictions by leveraging mishandling of a resource-level exclude policy. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-0735 2024-11-21 11:42 2016-04-12 Show GitHub Exploit DB Packet Storm
276324 6.5 MEDIUM
Network 		apache openmeetings Directory traversal vulnerability in the Import/Export System Backups functionality in Apache OpenMeetings before 3.1.1 allows remote authenticated administrators to write to arbitrary files via a ..… CWE-22
Path Traversal 		CVE-2016-0784 2024-11-21 11:42 2016-04-11 Show GitHub Exploit DB Packet Storm
276325 7.5 HIGH
Network 		apache openmeetings The sendHashByUser function in Apache OpenMeetings before 3.1.1 generates predictable password reset tokens, which makes it easier for remote attackers to reset arbitrary user passwords by leveraging… CWE-200
Information Exposure 		CVE-2016-0783 2024-11-21 11:42 2016-04-11 Show GitHub Exploit DB Packet Storm
276326 6.1 MEDIUM
Network 		apache jetspeed Cross-site scripting (XSS) vulnerability in Apache Jetspeed before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to portal. CWE-79
Cross-site Scripting 		CVE-2016-0712 2024-11-21 11:42 2016-04-11 Show GitHub Exploit DB Packet Storm
276327 6.1 MEDIUM
Network 		apache jetspeed Multiple cross-site scripting (XSS) vulnerabilities in Apache Jetspeed before 2.3.1 allow remote attackers to inject arbitrary web script or HTML via the title parameter when adding a (1) link, (2) p… CWE-79
Cross-site Scripting 		CVE-2016-0711 2024-11-21 11:42 2016-04-11 Show GitHub Exploit DB Packet Storm
276328 8.8 HIGH
Network 		apache jetspeed Multiple SQL injection vulnerabilities in the User Manager service in Apache Jetspeed before 2.3.1 allow remote attackers to execute arbitrary SQL commands via the (1) role or (2) user parameter to s… CWE-89
SQL Injection 		CVE-2016-0710 2024-11-21 11:42 2016-04-11 Show GitHub Exploit DB Packet Storm
276329 7.2 HIGH
Network 		apache jetspeed Directory traversal vulnerability in the Import/Export function in the Portal Site Manager in Apache Jetspeed before 2.3.1 allows remote authenticated administrators to write to arbitrary files, and … CWE-22
Path Traversal 		CVE-2016-0709 2024-11-21 11:42 2016-04-11 Show GitHub Exploit DB Packet Storm
276330 8.8 HIGH
Network 		jenkins
redhat 		jenkins
openshift 		Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and… CWE-20
 Improper Input Validation  		CVE-2016-0792 2024-11-21 11:42 2016-04-8 Show GitHub Exploit DB Packet Storm