Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240221 10 危険 jinzora - Jinzora の extras/mt.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-7131 2012-09-25 15:36 2007-03-5 Show GitHub Exploit DB Packet Storm
240222 7.5 危険 jinzora - Jinzora における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-7130 2012-09-25 15:36 2007-03-5 Show GitHub Exploit DB Packet Storm
240223 2.1 注意 インターネット セキュリティ システムズ - ISS BlackICE PC Protection におけるスキーム保護を回避される脆弱性 - CVE-2006-7129 2012-09-25 15:36 2007-03-5 Show GitHub Exploit DB Packet Storm
240224 6.8 警告 Joomla! - Joomla BSQ Sitestats における SQL インジェクションの脆弱性 - CVE-2006-7126 2012-09-25 15:36 2007-03-5 Show GitHub Exploit DB Packet Storm
240225 6.8 警告 Joomla! - Joomla BSQ Sitestats におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-7125 2012-09-25 15:36 2007-03-5 Show GitHub Exploit DB Packet Storm
240226 7.5 危険 Joomla! - BSQ Sitestats の external/rssfeeds.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-7124 2012-09-25 15:36 2007-03-5 Show GitHub Exploit DB Packet Storm
240227 7.5 危険 Joomla! - BSQ Sitestats における SQL インジェクションの脆弱性 - CVE-2006-7123 2012-09-25 15:36 2007-03-5 Show GitHub Exploit DB Packet Storm
240228 6.8 警告 Joomla! - BSQ Sitestats の IP Address Lookup 機能におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-7122 2012-09-25 15:36 2007-03-5 Show GitHub Exploit DB Packet Storm
240229 7.8 危険 シスコシステムズ (Linksys) - Linksys SPA-921 VoIP Desktop Phone の HTTP サーバにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-7121 2012-09-25 15:36 2007-03-5 Show GitHub Exploit DB Packet Storm
240230 6.8 警告 kubix - Kubix におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2006-7117 2012-09-25 15:36 2007-03-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267481 7.1 HIGH
Network 		google chrome The extensions subsystem in Google Chrome before 53.0.2785.113 does not properly restrict access to Object.prototype, which allows remote attackers to load unintended resources, and consequently trig… CWE-284
Improper Access Control 		CVE-2016-5173 2024-11-21 11:53 2016-09-26 Show GitHub Exploit DB Packet Storm
267482 6.5 MEDIUM
Network 		google
nodejs
debian 		chrome
node.js
debian_linux 		The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted Ja… CWE-200
Information Exposure 		CVE-2016-5172 2024-11-21 11:53 2016-09-26 Show GitHub Exploit DB Packet Storm
267483 8.8 HIGH
Network 		google chrome WebKit/Source/bindings/templates/interface.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not prevent certain constructor calls, which allows remote attackers to cause a denial of … CWE-416
 Use After Free 		CVE-2016-5171 2024-11-21 11:53 2016-09-26 Show GitHub Exploit DB Packet Storm
267484 8.8 HIGH
Network 		google chrome WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not properly consider getter side effects during array key conversion, which al… CWE-416
 Use After Free 		CVE-2016-5170 2024-11-21 11:53 2016-09-26 Show GitHub Exploit DB Packet Storm
267485 8.8 HIGH
Network 		google chrome_os Format string vulnerability in Google Chrome OS before 53.0.2785.103 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. NVD-CWE-noinfo
CVE-2016-5169 2024-11-21 11:53 2016-09-26 Show GitHub Exploit DB Packet Storm
267486 8.8 HIGH
Network 		iodata hvl-a2.0_firmware
hvl-a3.0_firmware
hvl-a4.0_firmware
hvl-at1.0s_firmware
hvl-at2.0_firmware
hvl-at2.0a_firmware
hvl-at3.0_firmware
hvl-at3.0a_firmware
hvl-at4.0_firmware
h… 		Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmw… CWE-352
 Origin Validation Error 		CVE-2016-4845 2024-11-21 11:53 2016-09-24 Show GitHub Exploit DB Packet Storm
267487 7.4 HIGH
Network 		mozilla firefox Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spo… CWE-20
 Improper Input Validation  		CVE-2016-5284 2024-11-21 11:53 2016-09-23 Show GitHub Exploit DB Packet Storm
267488 8.8 HIGH
Network 		mozilla firefox Mozilla Firefox before 49.0 allows remote attackers to bypass the Same Origin Policy via a crafted fragment identifier in the SRC attribute of an IFRAME element, leading to insufficient restrictions … CWE-284
Improper Access Control 		CVE-2016-5283 2024-11-21 11:53 2016-09-23 Show GitHub Exploit DB Packet Storm
267489 6.5 MEDIUM
Network 		mozilla firefox Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon requests, which might allow remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by a… CWE-200
Information Exposure 		CVE-2016-5282 2024-11-21 11:53 2016-09-23 Show GitHub Exploit DB Packet Storm
267490 9.8 CRITICAL
Network 		mozilla firefox Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by levera… CWE-416
 Use After Free 		CVE-2016-5281 2024-11-21 11:53 2016-09-23 Show GitHub Exploit DB Packet Storm