Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
239931 7.5 危険 kai content management system - K-CMS の index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2106 2012-09-25 16:47 2007-04-18 Show GitHub Exploit DB Packet Storm
239932 7.5 危険 monkey cms - Monkey CMS の admin/index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2105 2012-09-25 16:47 2007-04-18 Show GitHub Exploit DB Packet Storm
239933 6.8 警告 my little homepage - my little weblog の weblog.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2102 2012-09-25 16:47 2007-04-18 Show GitHub Exploit DB Packet Storm
239934 6.8 警告 openconcept - OpenConcept Back-End CMS の htdocs/php.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2099 2012-09-25 16:47 2007-04-18 Show GitHub Exploit DB Packet Storm
239935 7.5 危険 hinton design - Hinton Design における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2096 2012-09-25 16:47 2007-04-18 Show GitHub Exploit DB Packet Storm
239936 7.5 危険 myspeach - MySpeach の chat.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2095 2012-09-25 16:47 2007-04-18 Show GitHub Exploit DB Packet Storm
239937 7.5 危険 limesoft - LS Simple Guestbook の index.php における任意の PHP コードを挿入される脆弱性 - CVE-2007-2093 2012-09-25 16:47 2007-04-18 Show GitHub Exploit DB Packet Storm
239938 7.5 危険 limesoft - LS Simple Guestbook の index.php における任意の PHP コードを挿入される脆弱性 - CVE-2007-2092 2012-09-25 16:47 2007-04-18 Show GitHub Exploit DB Packet Storm
239939 6.8 警告 jx development - Mambo および Joomla! における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2089 2012-09-25 16:47 2007-04-18 Show GitHub Exploit DB Packet Storm
239940 6.8 警告 oe2edit - oe2edit CMS の oe2edit.cgi におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2085 2012-09-25 16:47 2007-04-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
268031 9.8 CRITICAL
Network 		crestron dm-txrx-100-str_firmware Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication via a direct request to a page other than index.html. NVD-CWE-Other
CVE-2016-5667 2024-11-21 11:54 2016-08-3 Show GitHub Exploit DB Packet Storm
268032 9.8 CRITICAL
Network 		crestron dm-txrx-100-str_firmware Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which allows remote attackers to obtain access by setting the value of obj… NVD-CWE-Other
CVE-2016-5666 2024-11-21 11:54 2016-08-3 Show GitHub Exploit DB Packet Storm
268033 9.8 CRITICAL
Network 		crestron airmedia_am-100_firmware Directory traversal vulnerability in cgi-bin/rftest.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to execute arbitrary commands via a .. (dot dot) in t… CWE-77
Command Injection 		CVE-2016-5640 2024-11-21 11:54 2016-08-3 Show GitHub Exploit DB Packet Storm
268034 7.5 HIGH
Network 		crestron airmedia_am-100_firmware Directory traversal vulnerability in cgi-bin/login.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to read arbitrary files via a .. (dot dot) in the src … CWE-22
Path Traversal 		CVE-2016-5639 2024-11-21 11:54 2016-08-3 Show GitHub Exploit DB Packet Storm
268035 5.5 MEDIUM
Local 		canonical
oracle
qemu
debian
redhat 		ubuntu_linux
vm_server
linux
qemu
debian_linux
enterprise_linux_desktop
enterprise_linux_server_aus
enterprise_linux_workstation
enterprise_linux_server_tus
openstack
en… 		The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without w… CWE-400
 Uncontrolled Resource Consumption 		CVE-2016-5403 2024-11-21 11:54 2016-08-3 Show GitHub Exploit DB Packet Storm
268036 8.1 HIGH
Network 		intel crosswalk Intel Crosswalk before 19.49.514.5, 20.x before 20.50.533.11, 21.x before 21.51.546.0, and 22.x before 22.51.549.0 interprets a user's acceptance of one invalid X.509 certificate to mean that all inv… CWE-310
CWE-20
Cryptographic Issues
 Improper Input Validation  		CVE-2016-5672 2024-11-21 11:54 2016-08-1 Show GitHub Exploit DB Packet Storm
268037 7.5 HIGH
Network 		siemens simatic_wincc Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers to read arbitrary WinCC station files via crafted packets. CWE-200
Information Exposure 		CVE-2016-5744 2024-11-21 11:54 2016-07-23 Show GitHub Exploit DB Packet Storm
268038 9.8 CRITICAL
Network 		siemens simatic_batch
simatic_wincc
simatic_openpcs_7 		Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as dis… CWE-20
 Improper Input Validation  		CVE-2016-5743 2024-11-21 11:54 2016-07-23 Show GitHub Exploit DB Packet Storm
268039 5.8 MEDIUM
Network 		oracle glassfish_server Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1 and 3.0.1 allows remote attackers to affect confidentiality via vectors related to Administration. NVD-CWE-noinfo
CVE-2016-5477 2024-11-21 11:54 2016-07-21 Show GitHub Exploit DB Packet Storm
268040 7.6 HIGH
Network 		oracle retail_integration_bus Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiali… NVD-CWE-noinfo
CVE-2016-5476 2024-11-21 11:54 2016-07-21 Show GitHub Exploit DB Packet Storm