Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240791 2.1 注意 Tecnick.com - TCExam の admin/code/tce_edit_answer.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4238 2012-08-22 16:44 2012-08-6 Show GitHub Exploit DB Packet Storm
240792 6.8 警告 Tecnick.com - TCExam における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-4237 2012-08-22 16:43 2012-08-6 Show GitHub Exploit DB Packet Storm
240793 4.3 警告 Jease - Jease におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4052 2012-08-22 16:42 2012-08-20 Show GitHub Exploit DB Packet Storm
240794 4.3 警告 Total Shop UK - Total Shop UK eCommerce Open Source におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4236 2012-08-22 16:40 2012-08-20 Show GitHub Exploit DB Packet Storm
240795 4.9 警告 OpenStack - OpenStack Compute (Nova) の virt/disk/api.py における任意のファイルを上書される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-3447 2012-08-22 16:34 2012-07-31 Show GitHub Exploit DB Packet Storm
240796 5 警告 Debian - devotee における秘密のあだ名を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-2387 2012-08-22 16:24 2012-08-20 Show GitHub Exploit DB Packet Storm
240797 5 警告 GNOME Project - libsoup における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2012-2132 2012-08-22 16:20 2011-12-15 Show GitHub Exploit DB Packet Storm
240798 6.8 警告 Libav - Libav の libavcodec におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-0947 2012-08-22 16:19 2012-05-4 Show GitHub Exploit DB Packet Storm
240799 4.3 警告 FFmpeg
Libav		 - FFmpeg および Libav の libavcodec におけるサービス運用妨害 (メモリ破損) の脆弱性 CWE-119
バッファエラー 		CVE-2011-4579 2012-08-22 15:26 2011-12-25 Show GitHub Exploit DB Packet Storm
240800 6.8 警告 FFmpeg
Libav		 - FFmpeg および Libav の libavcodec におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4364 2012-08-22 15:25 2011-12-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
266881 7.5 HIGH
Network 		squid-cache squid http.cc in Squid 4.x before 4.0.7 relies on the HTTP status code after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) vi… CWE-20
 Improper Input Validation  		CVE-2016-2572 2024-11-21 11:48 2016-02-27 Show GitHub Exploit DB Packet Storm
266882 7.5 HIGH
Network 		squid-cache squid http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (asse… CWE-20
 Improper Input Validation  		CVE-2016-2571 2024-11-21 11:48 2016-02-27 Show GitHub Exploit DB Packet Storm
266883 7.5 HIGH
Network 		squid-cache squid The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (ass… CWE-20
 Improper Input Validation  		CVE-2016-2570 2024-11-21 11:48 2016-02-27 Show GitHub Exploit DB Packet Storm
266884 7.5 HIGH
Network 		squid-cache squid Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service (assertion failure and daemon exit) via a long s… CWE-20
 Improper Input Validation  		CVE-2016-2569 2024-11-21 11:48 2016-02-27 Show GitHub Exploit DB Packet Storm
266885 7.8 HIGH
Local 		flexera installshield Untrusted search path vulnerability in Flexera InstallShield through 2015 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory of a setup-launcher executa… NVD-CWE-Other
CVE-2016-2542 2024-11-21 11:48 2016-02-24 Show GitHub Exploit DB Packet Storm
266886 7.5 HIGH
Network 		is_my_json_valid_project is_my_json_valid The is-my-json-valid package before 2.12.4 for Node.js has an incorrect exports['utc-millisec'] regular expression, which allows remote attackers to cause a denial of service (blocked event loop) via… CWE-20
 Improper Input Validation  		CVE-2016-2537 2024-11-21 11:48 2016-02-23 Show GitHub Exploit DB Packet Storm
266887 8.8 HIGH
Network 		sap
google 		3d_visual_enterprise_viewer
sketchup 		Multiple use-after-free vulnerabilities in SAP 3D Visual Enterprise Viewer allow remote attackers to execute arbitrary code via a crafted SketchUp document. NOTE: the primary affected product may be… CWE-399
 Resource Management Errors 		CVE-2016-2536 2024-11-21 11:48 2016-02-23 Show GitHub Exploit DB Packet Storm
266888 5.9 MEDIUM
Network 		fedoraproject
digium 		fedora
asterisk
certified_asterisk 		chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3, when the timert1 sip.conf… CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2016-2316 2024-11-21 11:48 2016-02-23 Show GitHub Exploit DB Packet Storm
266889 6.5 MEDIUM
Network 		digium asterisk
certified_asterisk 		Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3 allow remote authenticated users to ca… NVD-CWE-Other
CVE-2016-2232 2024-11-21 11:48 2016-02-23 Show GitHub Exploit DB Packet Storm
266890 9.8 CRITICAL
Network 		advantech vesp211-eu_firmware
vesp211-232_firmware 		The web interface on Advantech/B+B SmartWorx VESP211-EU devices with firmware 1.7.2 and VESP211-232 devices with firmware 1.5.1 and 1.7.2 relies on the client to implement access control, which allow… CWE-284
Improper Access Control 		CVE-2016-2275 2024-11-21 11:48 2016-02-21 Show GitHub Exploit DB Packet Storm