Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240531 6.8 警告 IBM - 複数の IBM 製品で使用される IBM Maximo Asset Management における Web セッションをハイジャックされる脆弱性 CWE-Other
その他 		CVE-2012-2184 2012-09-12 16:18 2012-09-4 Show GitHub Exploit DB Packet Storm
240532 6.8 警告 IBM - 複数の IBM 製品で使用される IBM Maximo Asset Management における Web セッションをハイジャックされる脆弱性 CWE-Other
その他 		CVE-2012-2183 2012-09-12 16:17 2012-09-4 Show GitHub Exploit DB Packet Storm
240533 6.5 警告 IBM - 複数の IBM 製品で使用される IBM Maximo Asset Management における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-0747 2012-09-12 16:16 2012-09-4 Show GitHub Exploit DB Packet Storm
240534 3.5 注意 IBM - 複数の IBM 製品で使用される IBM Maximo Asset Management におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0746 2012-09-12 16:16 2012-09-4 Show GitHub Exploit DB Packet Storm
240535 6.5 警告 IBM - 複数の IBM 製品で使用される IBM Maximo Asset Management における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-0728 2012-09-12 16:15 2012-09-4 Show GitHub Exploit DB Packet Storm
240536 6.5 警告 IBM - 複数の IBM 製品で使用される IBM Maximo Asset Management における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-0727 2012-09-12 16:13 2012-09-4 Show GitHub Exploit DB Packet Storm
240537 6.8 警告 IBM - 複数の IBM 製品で使用される IBM Maximo Asset Management におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-0714 2012-09-12 16:12 2012-09-4 Show GitHub Exploit DB Packet Storm
240538 6.8 警告 OpenKM - OpenKM におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-2316 2012-09-12 14:20 2012-01-4 Show GitHub Exploit DB Packet Storm
240539 4 警告 OpenKM - OpenKM における任意のユーザに管理者権限を割り当てられる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2315 2012-09-12 14:19 2012-01-4 Show GitHub Exploit DB Packet Storm
240540 4.3 警告 chatelao - PHP Address Book の preferences.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1912 2012-09-12 13:54 2012-09-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
268131 7.5 HIGH
Network 		mattermost mattermost_server An issue was discovered in Mattermost Server before 3.2.0. The initial_load API disclosed unnecessary personal information. CWE-200
Information Exposure 		CVE-2016-11066 2024-11-21 11:45 2020-06-20 Show GitHub Exploit DB Packet Storm
268132 4.3 MEDIUM
Network 		mattermost mattermost_server An issue was discovered in Mattermost Server before 3.3.0. An attacker could use the WebSocket feature to send pop-up messages to users or change a post's appearance. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2016-11065 2024-11-21 11:45 2020-06-20 Show GitHub Exploit DB Packet Storm
268133 9.8 CRITICAL
Network 		mattermost mattermost_desktop An issue was discovered in Mattermost Desktop App before 3.4.0. Strings could be executed as code via injection. CWE-94
Code Injection 		CVE-2016-11064 2024-11-21 11:45 2020-06-20 Show GitHub Exploit DB Packet Storm
268134 6.1 MEDIUM
Network 		mattermost mattermost_server An issue was discovered in Mattermost Server before 3.5.1. XSS can occur via file preview. CWE-79
Cross-site Scripting 		CVE-2016-11063 2024-11-21 11:45 2020-06-20 Show GitHub Exploit DB Packet Storm
268135 5.3 MEDIUM
Network 		mattermost mattermost_server An issue was discovered in Mattermost Server before 3.5.1. E-mail address verification can be bypassed. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2016-11062 2024-11-21 11:45 2020-06-20 Show GitHub Exploit DB Packet Storm
268136 9.8 CRITICAL
Network 		xerox workcentre_3655_firmware
workcentre_3655i_firmware
workcentre_5865_firmware
workcentre_5875_firmware
workcentre_5890_firmware
workcentre_5865i_firmware
workcentre_5875i_firmware
 Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters in the support/remote… CWE-78
OS Command  		CVE-2016-11061 2024-11-21 11:45 2020-04-30 Show GitHub Exploit DB Packet Storm
268137 7.5 HIGH
Network 		netgear fvs318g_firmware
fvs318n_firmware
fvs336g_firmware
srx5308_firmware 		Certain NETGEAR devices are affected by insecure renegotiation. This affects SRX5308 before 2017-02-10, FVS336Gv3 before 2017-02-10, FVS318N before 2017-02-10, and FVS318Gv2 before 2017-02-10. NVD-CWE-noinfo
CVE-2016-11060 2024-11-21 11:45 2020-04-29 Show GitHub Exploit DB Packet Storm
268138 7.5 HIGH
Network 		netgear genie The NETGEAR genie application before 2.4.34 for Android is affected by mishandling of hard-coded API keys and session IDs. CWE-613
 Insufficient Session Expiration 		CVE-2016-11058 2024-11-21 11:45 2020-04-29 Show GitHub Exploit DB Packet Storm
268139 7.5 HIGH
Network 		netgear ac1450_firmware
c6300_firmware
d1500_firmware
d3600_firmware
d500_firmware
d6000_firmware
d6100_firmware
d6200_firmware
d6200b_firmware
d6300_firmware
d6300b_firmware 		Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6… CWE-200
Information Exposure 		CVE-2016-11059 2024-11-21 11:45 2020-04-29 Show GitHub Exploit DB Packet Storm
268140 7.5 HIGH
Network 		netgear jnr1010_firmware
jwnr2000_firmware
jwnr2010_firmware
r6220_firmware
wndr3700_firmware
wnr1000_firmware
wnr2020_firmware
wnr614_firmware
wnr618_firmware 		Certain NETGEAR devices are affected by mishandling of repeated URL calls. This affects JNR1010v2 before 2017-01-06, WNR614 before 2017-01-06, WNR618 before 2017-01-06, JWNR2000v5 before 2017-01-06, … CWE-287
Improper Authentication 		CVE-2016-11057 2024-11-21 11:45 2020-04-29 Show GitHub Exploit DB Packet Storm