Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240651	7.5	危険	Mozilla Foundation	-	複数の Mozilla 製品のブラウザエンジンの nsWindow 実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-0463	2012-07-30 17:22	2012-03-13	Show	GitHub Exploit DB Packet Storm

240652	5	警告	SAND STUDIO	-	AirDroid のログインの実装における多重ログイン防止機能を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-3888	2012-07-30 16:53	2012-07-26	Show	GitHub Exploit DB Packet Storm

240653	5	警告	SAND STUDIO	-	AirDroid における重要な情報を取得される脆弱性	CWE-310 暗号の問題	CVE-2012-3887	2012-07-30 16:50	2012-07-26	Show	GitHub Exploit DB Packet Storm

240654	5	警告	SAND STUDIO	-	AirDroid における平文データを取得される脆弱性	CWE-200 情報漏えい	CVE-2012-3886	2012-07-30 16:39	2012-07-26	Show	GitHub Exploit DB Packet Storm

240655	7.5	危険	SAND STUDIO	-	AirDroid のデフォルト設定におけるアクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2012-3885	2012-07-30 16:38	2012-07-26	Show	GitHub Exploit DB Packet Storm

240656	5	警告	SAND STUDIO	-	AirDroid におけるアクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2012-3884	2012-07-30 16:35	2012-07-26	Show	GitHub Exploit DB Packet Storm

240657	5	警告	Igor Sysoev	-	nginx/Windows におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-4963	2012-07-30 16:24	2012-07-26	Show	GitHub Exploit DB Packet Storm

240658	7.5	危険	シトリックス・システムズ	-	Citrix Provisioning Services の SoapServer サービスにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-4068	2012-07-30 16:22	2012-05-1	Show	GitHub Exploit DB Packet Storm

240659	4.3	警告	Palo Alto Networks	-	複数の Palo Alto Networks 製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4043	2012-07-30 16:20	2012-07-26	Show	GitHub Exploit DB Packet Storm

240660	5	警告	アップル	-	Apple Xcode におけるキーチェーンエントリを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-3698	2012-07-30 16:19	2012-07-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
267221	6.1	MEDIUM Network	sophos	unified_threat_management_software	Cross-site scripting (XSS) vulnerability in the UserPortal page in SOPHOS UTM before 9.353 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.	CWE-79 Cross-site Scripting	CVE-2016-2046	2024-11-21 11:47	2016-02-18	Show	GitHub Exploit DB Packet Storm

267222	8.8	HIGH Network	mozilla	firefox	Mozilla Firefox before 44.0.2 does not properly restrict the interaction between Service Workers and plugins, which allows remote attackers to bypass the Same Origin Policy via a crafted web site tha…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-1949	2024-11-21 11:47	2016-02-13	Show	GitHub Exploit DB Packet Storm

267223	6.5	MEDIUM Network	xmlsoft debian canonical	libxml2 debian_linux ubuntu_linux	The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-2073	2024-11-21 11:47	2016-02-13	Show	GitHub Exploit DB Packet Storm

267224	9.8	CRITICAL Network	hp	continuous_delivery_automation	HP Continuous Delivery Automation (CDA) 1.30 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.	CWE-94 Code Injection	CVE-2016-1986	2024-11-21 11:47	2016-02-12	Show	GitHub Exploit DB Packet Storm

267225	3.3	LOW Local	libdwarf_project	libdwarf	The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in libdwarf 20151114 allows attackers to cause a denial of service (out-of-bounds read) via a crafted ELF object file.	CWE-125 Out-of-bounds Read	CVE-2016-2091	2024-11-21 11:47	2016-02-9	Show	GitHub Exploit DB Packet Storm

267226	6.5	MEDIUM Network	jasper_project	jasper	The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted JPEG 2000 image.	CWE-20 Improper Input Validation	CVE-2016-2089	2024-11-21 11:47	2016-02-9	Show	GitHub Exploit DB Packet Storm

267227	5.5	MEDIUM Network	djangoproject	django	Django 1.9.x before 1.9.2, when ModelAdmin.save_as is set to True, allows remote authenticated users to bypass intended access restrictions and create ModelAdmin objects via the "Save as New" option …	CWE-284 Improper Access Control	CVE-2016-2048	2024-11-21 11:47	2016-02-9	Show	GitHub Exploit DB Packet Storm

267228	9.8	CRITICAL Network	kubernetes	kubernetes	Openshift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-1906	2024-11-21 11:47	2016-02-4	Show	GitHub Exploit DB Packet Storm

267229	7.7	HIGH Network	kubernetes	kubernetes	The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object.	CWE-284 Improper Access Control	CVE-2016-1905	2024-11-21 11:47	2016-02-4	Show	GitHub Exploit DB Packet Storm

267230	8.8	HIGH Network	janrain	php-openid	examples/consumer/common.php in JanRain PHP OpenID library (aka php-openid) improperly checks the openid.realm parameter against the SERVER_NAME element in the SERVER superglobal array, which might a…	CWE-284 Improper Access Control	CVE-2016-2049	2024-11-21 11:47	2016-02-2	Show	GitHub Exploit DB Packet Storm