Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
241801	4.3	警告	Roundcube.net	-	Roundcube Webmail の program/lib/washtml.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-3508	2012-08-28 15:56	2012-08-14	Show	GitHub Exploit DB Packet Storm

241802	2.6	注意	Roundcube.net	-	RoundCube Webmail の program/steps/mail/func.inc におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-3507	2012-08-28 15:36	2012-06-7	Show	GitHub Exploit DB Packet Storm

241803	6.5	警告	Katello Project	-	Katello における任意のユーザーとして CloudForms System Engine の Web インターフェイスに認証される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-3503	2012-08-28 15:35	2012-08-25	Show	GitHub Exploit DB Packet Storm

241804	5	警告	Gilles Darold	-	SquidClamav の squidclamav.c におけるサービス運用妨害 (デーモンクラッシュ) の脆弱性	CWE-119 バッファエラー	CVE-2012-3501	2012-08-28 15:34	2012-08-25	Show	GitHub Exploit DB Packet Storm

241805	6.8	警告	The GIMP Team	-	GIMP の Adobe Photoshop PSD プラグインにおける整数オーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-3402	2012-08-28 13:49	2012-08-25	Show	GitHub Exploit DB Packet Storm

241806	4.3	警告	OpenTTD	-	OpenTTD におけるサービス運用妨害 (ゲーム休止) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-0048	2012-08-28 13:47	2012-01-6	Show	GitHub Exploit DB Packet Storm

241807	4.3	警告	アドビシステムズ	-	Adobe Flash Player におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0767	2012-08-27 16:55	2012-02-15	Show	GitHub Exploit DB Packet Storm

241808	10	危険	アドビシステムズ	-	Adobe Flash Player におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-0756	2012-08-27 16:54	2012-02-15	Show	GitHub Exploit DB Packet Storm

241809	10	危険	アドビシステムズ	-	Adobe Flash Player におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-0755	2012-08-27 16:53	2012-02-15	Show	GitHub Exploit DB Packet Storm

241810	10	危険	アドビシステムズ	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2012-0754	2012-08-27 16:52	2012-02-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266061	8.1	HIGH Network	infinixauthority bluproducts xolo beeline iku-mobile leagoo doogee	hot_x507_firmware hot_2_x510_firmware zero_x506_firmware zero_2_x509_firmware studio_g_firmware studio_g_plus_firmware studio_6.0_hd_firmware studio_x_firmware studio_x_plus_f…	Android devices with code from Ragentek contain a privileged binary that performs over-the-air (OTA) update checks. Additionally, there are multiple techniques used to hide the execution of this bina…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-6564	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

266062	9.8	CRITICAL Network	dlink	dir-823_firmware dir-822_firmware dir-818l\(w\)_firmware dir-895l_firmware dir-890l_firmware dir-885l_firmware dir-880l_firmware dir-868l_firmware dir-850l_firmware	Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-6563	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

266063	9.8	CRITICAL Network	freebsd	freebsd	Improper bounds checking of the obuf variable in the link_ntoa() function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. The full impact and severity depend…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-6559	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

266064	9.8	CRITICAL Network	asus	rp-ac52_firmware ea-n66_firmware rp-n12_firmware rp-n14_firmware rp-n53_firmware rp-ac56_firmware wmp-n12_firmware	A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the action_script parameter. The …	CWE-77 Command Injection	CVE-2016-6558	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

266065	8.8	HIGH Network	asus	rp-ac52_firmware ea-n66_firmware rp-n12_firmware rp-n14_firmware rp-n53_firmware rp-ac56_firmware wmp-n12_firmware	In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided…	CWE-352 Origin Validation Error	CVE-2016-6557	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

266066	8.8	HIGH Adjacent	thetrackr	trackr_bravo_firmware	TrackR Bravo device allows unauthenticated pairing, which enables unauthenticated connected applications to write to various device attributes. Updated apps, version 5.1.6 for iOS and 2.2.5 for Andro…	CWE-287 Improper Authentication	CVE-2016-6541	2024-11-21 11:56	2018-07-7	Show	GitHub Exploit DB Packet Storm

266067	6.5	MEDIUM Adjacent	thetrackr	trackr_bravo_firmware	Unauthenticated access to the cloud-based service maintained by TrackR Bravo is allowed for querying or sending GPS data for any Trackr device by using the tracker ID number which can be discovered a…	CWE-200 Information Exposure	CVE-2016-6540	2024-11-21 11:56	2018-07-7	Show	GitHub Exploit DB Packet Storm

266068	8.8	HIGH Adjacent	thetrackr	trackr_bravo_firmware	The TrackR Bravo mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been r…	CWE-255 CWE-200 Credentials Management Information Exposure	CVE-2016-6538	2024-11-21 11:56	2018-07-7	Show	GitHub Exploit DB Packet Storm

266069	3.5	LOW Adjacent	thetrackr	trackr_firmware	The Trackr device ID is constructed of a manufacturer identifier of four zeroes followed by the BLE MAC address in reverse. The MAC address can be obtained by being in close proximity to the Bluetoot…	CWE-200 Information Exposure	CVE-2016-6539	2024-11-21 11:56	2018-07-7	Show	GitHub Exploit DB Packet Storm

266070	9.6	CRITICAL Network	cloudfoundry pivotal_software	cf-release cloud_foundry_elastic_runtime	Applications in cf-release before 245 can be configured and pushed with a user-provided custom buildpack using a URL pointing to the buildpack. Although it is not recommended, a user can specify a cr…	CWE-200 Information Exposure	CVE-2016-6658	2024-11-21 11:56	2018-03-30	Show	GitHub Exploit DB Packet Storm