Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240621	2.1	注意	Gizra	-	Drupal 用 Organic Groups Vocabulary モジュールにおけるボキャブラリを改ざんされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1644	2012-08-31 14:53	2012-02-15	Show	GitHub Exploit DB Packet Storm

240622	5	警告	Jason Savino	-	Drupal 用 Faster Permissions モジュールにおけるアクセス権を変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1643	2012-08-31 14:50	2012-02-15	Show	GitHub Exploit DB Packet Storm

240623	5	警告	YAML for Drupal	-	Drupal 用 Link checker モジュールにおける重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1642	2012-08-31 14:48	2012-02-15	Show	GitHub Exploit DB Packet Storm

240624	6	警告	danielb	-	Drupal 用 Finder モジュールの finder_import 関数における任意の PHP コードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1641	2012-08-31 14:45	2012-02-8	Show	GitHub Exploit DB Packet Storm

240625	6.4	警告	Rik de Boer	-	Drupal 用 revisioning モジュールにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1635	2012-08-31 14:41	2012-01-18	Show	GitHub Exploit DB Packet Storm

240626	5	警告	SilverStripe	-	SilverStripe における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-5188	2012-08-31 10:36	2012-08-26	Show	GitHub Exploit DB Packet Storm

240627	4.3	警告	SilverStripe	-	SilverStripe における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-5187	2012-08-31 10:34	2012-08-26	Show	GitHub Exploit DB Packet Storm

240628	4.3	警告	SilverStripe	-	SilverStripe におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5095	2012-08-31 10:26	2012-08-26	Show	GitHub Exploit DB Packet Storm

240629	5	警告	SilverStripe	-	SilverStripe の control/ContentController.php における index.php を削除される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-5094	2012-08-31 10:21	2012-08-26	Show	GitHub Exploit DB Packet Storm

240630	5	警告	SilverStripe	-	SilverStripe の security/Member.php におけるユーザアカウントをハイジャックされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-5093	2012-08-31 10:18	2012-08-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
267161	5.7	MEDIUM Network	canonical jasper_project	ubuntu_linux jasper	Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG…	CWE-399 Resource Management Errors	CVE-2016-2116	2024-11-21 11:47	2016-04-13	Show	GitHub Exploit DB Packet Storm

267162	7.5	HIGH Network	samba canonical debian	samba ubuntu_linux debian_linux	The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers …	CWE-254 7PK - Security Features	CVE-2016-2118	2024-11-21 11:47	2016-04-13	Show	GitHub Exploit DB Packet Storm

267163	7.4	HIGH Network	hp	universal_cmbd_foundation	HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors.	NVD-CWE-Other	CVE-2016-2001	2024-11-21 11:47	2016-04-13	Show	GitHub Exploit DB Packet Storm

267164	6.1	MEDIUM Network	apache	struts	Apache Struts 2.x before 2.3.25 does not sanitize text in the Locale object constructed by I18NInterceptor, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspec…	CWE-79 Cross-site Scripting	CVE-2016-2162	2024-11-21 11:47	2016-04-13	Show	GitHub Exploit DB Packet Storm

267165	9.8	CRITICAL Network	apache	ofbiz	Apache OFBiz 12.04.x before 12.04.06 and 13.07.x before 13.07.03 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections l…	CWE-20 Improper Input Validation	CVE-2016-2170	2024-11-21 11:47	2016-04-12	Show	GitHub Exploit DB Packet Storm

267166	6.5	MEDIUM Network	apache fedoraproject	qpid_proton fedora	The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amq…	CWE-200 Information Exposure	CVE-2016-2166	2024-11-21 11:47	2016-04-12	Show	GitHub Exploit DB Packet Storm

267167	5.3	MEDIUM Network	openstack	nova	The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (liberty), when using raw storage and use_cow_images is set to false, allows remote authenticated users …	CWE-200 Information Exposure	CVE-2016-2140	2024-11-21 11:47	2016-04-12	Show	GitHub Exploit DB Packet Storm

267168	8.1	HIGH Network	saltstack opensuse	salt leap	Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master dat…	CWE-284 Improper Access Control	CVE-2016-1866	2024-11-21 11:47	2016-04-12	Show	GitHub Exploit DB Packet Storm

267169	6.2	MEDIUM Local	freebsd	freebsd	Integer signedness error in the amd64_set_ldt function in sys/amd64/amd64/sys_machdep.c in FreeBSD 9.3 before p39, 10.1 before p31, and 10.2 before p14 allows local users to cause a denial of service…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-1885	2024-11-21 11:47	2016-04-12	Show	GitHub Exploit DB Packet Storm

267170	7.5	HIGH Network	apache	jetspeed	The User Manager service in Apache Jetspeed before 2.3.1 does not properly restrict access using Jetspeed Security, which allows remote attackers to (1) add, (2) edit, or (3) delete users via the RES…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-2171	2024-11-21 11:47	2016-04-11	Show	GitHub Exploit DB Packet Storm