Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240531 4 警告 Moodle - Moodle の repository/repository_ajax.php におけるアップロードサイズの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4400 2012-09-20 16:40 2012-09-17 Show GitHub Exploit DB Packet Storm
240532 4.3 警告 Mailtraq - Mailtraq におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2586 2012-09-20 16:21 2012-09-19 Show GitHub Exploit DB Packet Storm
240533 4.3 警告 SmarterTools Inc. - SmarterMail におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2578 2012-09-20 16:18 2012-09-19 Show GitHub Exploit DB Packet Storm
240534 4.3 警告 Novell - Novell GroupWise の WebAccess コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0272 2012-09-20 16:13 2012-07-3 Show GitHub Exploit DB Packet Storm
240535 10 危険 Novell - Novell GroupWise の GWIA の gwia.exe における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2012-0271 2012-09-20 16:12 2012-09-11 Show GitHub Exploit DB Packet Storm
240536 4.3 警告 Novell - Novell GroupWise の GWIA 内の gwwww1.dll におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2011-3827 2012-09-20 16:12 2012-09-11 Show GitHub Exploit DB Packet Storm
240537 2.1 注意 Webform project - Drupal 用 Webform モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1660 2012-09-20 16:11 2012-03-7 Show GitHub Exploit DB Packet Storm
240538 2.1 注意 Ariel Barreiro - Drupal 用 Node Recommendation モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1659 2012-09-20 16:10 2012-03-7 Show GitHub Exploit DB Packet Storm
240539 2.1 注意 Four Kitchens - Drupal 用 Read More Link モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1658 2012-09-20 16:09 2012-03-7 Show GitHub Exploit DB Packet Storm
240540 2.1 注意 Four Kitchens - Drupal 用 Block Class モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1657 2012-09-20 16:08 2012-03-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
268151 3.7 LOW
Network 		cisco firesight_system_software Cisco FireSIGHT System Software 6.1.0 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to enumerate valid usernames by measuring timing dif… CWE-287
CWE-255
Improper Authentication
Credentials Management 		CVE-2016-1356 2024-11-21 11:46 2016-03-4 Show GitHub Exploit DB Packet Storm
268152 5.3 MEDIUM
Network 		cisco web_security_appliance The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (service outage) by lev… CWE-20
 Improper Input Validation  		CVE-2016-1288 2024-11-21 11:46 2016-03-4 Show GitHub Exploit DB Packet Storm
268153 6.1 MEDIUM
Network 		cisco firesight_system_software Cross-site scripting (XSS) vulnerability in the Device Management UI in the management interface in Cisco FireSIGHT System Software 6.1.0 allows remote attackers to inject arbitrary web script or HTM… CWE-79
Cross-site Scripting 		CVE-2016-1355 2024-11-21 11:46 2016-03-4 Show GitHub Exploit DB Packet Storm
268154 6.1 MEDIUM
Network 		cisco unified_communications_domain_manager Cross-site scripting (XSS) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 8.x before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via crafted markup data,… CWE-79
Cross-site Scripting 		CVE-2016-1354 2024-11-21 11:46 2016-03-4 Show GitHub Exploit DB Packet Storm
268155 9.8 CRITICAL
Network 		samsung
sun
zyxel
zzinc 		x14j_firmware
opensolaris
gs1900-10hp_firmware
keymouse_firmware 		Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to… CWE-287
Improper Authentication 		CVE-2016-1329 2024-11-21 11:46 2016-03-3 Show GitHub Exploit DB Packet Storm
268156 5.3 MEDIUM
Network 		cisco videoscape_distribution_suite_for_internet_streaming The TCP implementation in Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) 3.3(0), 3.3(1), 4.0(0), and 4.1(0) does not properly initiate new TCP sessions when a previous session is… CWE-399
 Resource Management Errors 		CVE-2016-1353 2024-11-21 11:46 2016-03-1 Show GitHub Exploit DB Packet Storm
268157 5.3 MEDIUM
Network 		cisco firepower_management_center The device login page in Cisco FirePOWER Management Center 5.3 through 6.0.0.1 allows remote attackers to obtain potentially sensitive software-version information by reading help files, aka Bug ID C… CWE-200
Information Exposure 		CVE-2016-1342 2024-11-21 11:46 2016-02-26 Show GitHub Exploit DB Packet Storm
268158 8.8 HIGH
Network 		cisco application_control_engine_software The Device Manager GUI in Cisco Application Control Engine (ACE) 4710 A5 before A5(3.1) allows remote authenticated users to bypass intended RBAC restrictions and execute arbitrary CLI commands with … CWE-78
OS Command  		CVE-2016-1297 2024-11-21 11:46 2016-02-26 Show GitHub Exploit DB Packet Storm
268159 9.8 CRITICAL
Network 		cisco nx-os Cisco NX-OS 7.0(1)N1(1), 7.0(1)N1(3), and 7.0(4)N1(1) on Nexus 2000 Fabric Extender devices has a blank root password, which allows local users to gain privileges via unspecified vectors, aka Bug ID … CWE-255
CWE-264
Credentials Management
Permissions, Privileges, and Access Controls 		CVE-2016-1341 2024-11-21 11:46 2016-02-24 Show GitHub Exploit DB Packet Storm
268160 9.8 CRITICAL
Network 		google
novell
opensuse
debian 		chrome
suse_package_hub_for_suse_linux_enterprise
leap
opensuse
debian_linux 		Google Chrome before 48.0.2564.116 allows remote attackers to bypass the Blink Same Origin Policy and a sandbox protection mechanism via unspecified vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-1629 2024-11-21 11:46 2016-02-22 Show GitHub Exploit DB Packet Storm