Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241391 4.3 警告 FFmpeg - FFmpeg の libavfilter/avfilter.c におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-0847 2012-08-22 14:35 2012-08-20 Show GitHub Exploit DB Packet Storm
241392 6.8 警告 FFmpeg - FFmpeg の libavcodec の vorbis.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2012-0859 2012-08-22 14:29 2012-08-20 Show GitHub Exploit DB Packet Storm
241393 6.8 警告 FFmpeg
Libav		 - FFmpeg および Libav の libavcodec の shorten.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-0858 2012-08-22 14:28 2012-03-15 Show GitHub Exploit DB Packet Storm
241394 6.8 警告 FFmpeg
Libav		 - FFmpeg および Libav の libavcodec の atrac3.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0853 2012-08-22 14:28 2012-03-15 Show GitHub Exploit DB Packet Storm
241395 6.8 警告 FFmpeg
Libav		 - FFmpeg および Libav の libavcodec の adpcm.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2012-0852 2012-08-22 14:27 2012-06-9 Show GitHub Exploit DB Packet Storm
241396 6.8 警告 FFmpeg
Libav		 - FFmpeg および Libav の libavcodec の h264_ps.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2012-0851 2012-08-22 14:04 2012-06-9 Show GitHub Exploit DB Packet Storm
241397 6.8 警告 FFmpeg
Libav		 - FFmpeg および Libav の libavcodec の kmvc.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-3952 2012-08-22 14:02 2012-01-27 Show GitHub Exploit DB Packet Storm
241398 6.8 警告 FFmpeg
Libav		 - FFmpeg および Libav の libavcodec 内の dpcm.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2011-3951 2012-08-22 13:52 2012-01-27 Show GitHub Exploit DB Packet Storm
241399 6.8 警告 FFmpeg
Libav		 - FFmpeg および Libav の libavcodec 内の mjpegbdec.c におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-3947 2012-08-22 12:33 2012-01-27 Show GitHub Exploit DB Packet Storm
241400 6.8 警告 FFmpeg
Libav		 - FFmpeg および Libav の libavcodec におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2011-3940 2012-08-22 12:30 2012-01-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
286151 7.5 HIGH
Network 		fancy-server_project fancy-server Versions less than 0.1.4 of the static file server module fancy-server are vulnerable to directory traversal. An attacker can provide input such as `../` to read files outside of the served directory. CWE-22
Path Traversal 		CVE-2014-10066 2024-11-21 11:03 2018-06-1 Show GitHub Exploit DB Packet Storm
286152 6.1 MEDIUM
Network 		remarkable_project remarkable Certain input when passed into remarkable before 1.4.1 will bypass the bad protocol check that disallows the javascript: scheme allowing for javascript: url's to be injected into the rendered content. CWE-79
Cross-site Scripting 		CVE-2014-10065 2024-11-21 11:03 2018-06-1 Show GitHub Exploit DB Packet Storm
286153 7.5 HIGH
Network 		qs_project qs The qs module before 1.0.0 does not have an option or default for specifying object depth and when parsing a string representing a deeply nested object will block the event loop for long periods of t… CWE-399
 Resource Management Errors 		CVE-2014-10064 2024-11-21 11:03 2018-06-1 Show GitHub Exploit DB Packet Storm
286154 7.5 HIGH
Network 		hapi inert The inert directory handler in inert node module before 1.1.1 always allows files in hidden directories to be served, even when `showHidden` is false. CWE-22
Path Traversal 		CVE-2014-10068 2024-11-21 11:03 2018-05-30 Show GitHub Exploit DB Packet Storm
286155 5.9 MEDIUM
Network 		paypal-ipn_project paypal-ipn paypal-ipn before 3.0.0 uses the `test_ipn` parameter (which is set by the PayPal IPN simulator) to determine if it should use the production PayPal site or the sandbox. With a bit of time, an attack… CWE-287
Improper Authentication 		CVE-2014-10067 2024-11-21 11:03 2018-05-30 Show GitHub Exploit DB Packet Storm
286156 7.1 HIGH
Network 		ibm rational_clearquest Multiple XML external entity (XXE) vulnerabilities in (1) CQWeb / CM Server, (2) ClearQuest Native client, (3) ClearQuest Eclipse client, and (4) ClearQuest Eclipse Designer components in IBM Rationa… CWE-611
XXE 		CVE-2014-0950 2024-11-21 11:03 2018-04-21 Show GitHub Exploit DB Packet Storm
286157 9.1 CRITICAL
Network 		ibm rational_clearcase Multiple XML external entity (XXE) vulnerabilities in the (1) CCRC WAN Server / CM Server, (2) Perl CC/CQ integration trigger scripts, (3) CMAPI Java interface, (4) ClearCase remote client, and (5) C… CWE-611
XXE 		CVE-2014-0931 2024-11-21 11:03 2018-04-21 Show GitHub Exploit DB Packet Storm
286158 8.1 HIGH
Network 		ibm sterling_b2b_integrator
sterling_file_gateway 		The ActiveMQ admin user interface in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to bypass authentication by leveraging knowledge of the port… CWE-287
Improper Authentication 		CVE-2014-0927 2024-11-21 11:03 2018-04-21 Show GitHub Exploit DB Packet Storm
286159 5.3 MEDIUM
Network 		ibm sterling_b2b_integrator
sterling_file_gateway 		IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to obtain sensitive product information via vectors related to an error page. IBM X-Force ID: 9207… CWE-200
Information Exposure 		CVE-2014-0912 2024-11-21 11:03 2018-04-21 Show GitHub Exploit DB Packet Storm
286160 8.8 HIGH
Network 		google android The Device Administrator code in Android before 4.4.1_r1 might allow attackers to spoof device administrators and consequently bypass MDM restrictions by leveraging failure to update the mAdminMap da… CWE-20
 Improper Input Validation  		CVE-2014-0900 2024-11-21 11:03 2018-04-21 Show GitHub Exploit DB Packet Storm