Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
241891	6.8	警告	MediaWiki	-	MediaWiki の Special:Upload におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-1580	2012-09-12 13:45	2012-03-21	Show	GitHub Exploit DB Packet Storm

241892	5	警告	MediaWiki	-	MediaWiki のリソースローダにおける重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2012-1579	2012-09-12 13:44	2012-03-21	Show	GitHub Exploit DB Packet Storm

241893	6.8	警告	MediaWiki	-	MediaWiki におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-1578	2012-09-12 13:43	2012-03-21	Show	GitHub Exploit DB Packet Storm

241894	4.6	警告	ヒューレット・パッカード	-	HP Business Availability Center における Web セッションをハイジャックされる脆弱性	CWE-noinfo 情報不足	CVE-2012-3257	2012-09-12 11:18	2012-09-6	Show	GitHub Exploit DB Packet Storm

241895	6.8	警告	ヒューレット・パッカード	-	HP Business Availability Center におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-3256	2012-09-12 11:17	2012-09-6	Show	GitHub Exploit DB Packet Storm

241896	4.3	警告	ヒューレット・パッカード	-	HP Business Availability Center におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-3255	2012-09-12 11:17	2012-09-6	Show	GitHub Exploit DB Packet Storm

241897	7.5	危険	Honeywell International Inc.	-	複数の Honeywell 製品におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-0254	2012-09-12 11:16	2012-09-7	Show	GitHub Exploit DB Packet Storm

241898	7.5	危険	OpenEMR	-	OpenEMR の interface/login/validateUser.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-2115	2012-09-12 10:05	2012-09-9	Show	GitHub Exploit DB Packet Storm

241899	6.8	警告	OpenEMR	-	OpenEMR における任意の PHP コードを実行される脆弱性	CWE-Other その他	CVE-2011-5161	2012-09-12 10:03	2012-09-9	Show	GitHub Exploit DB Packet Storm

241900	4.3	警告	OpenEMR	-	OpenEMR の setup.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5160	2012-09-12 10:02	2012-09-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
265831	7.5	HIGH Adjacent	moxa	awk-3131a_firmware	An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functiona…	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2016-8716	2024-11-21 11:59	2017-04-13	Show	GitHub Exploit DB Packet Storm

265832	8.1	HIGH Network	lenovo	updates	Remote code execution in Lenovo Updates (not Lenovo System Update) allows man-in-the-middle attackers to execute arbitrary code.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-8237	2024-11-21 11:59	2017-04-11	Show	GitHub Exploit DB Packet Storm

265833	7.8	HIGH Local	lenovo	customer_care_software_development_kit	Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-8235	2024-11-21 11:59	2017-04-11	Show	GitHub Exploit DB Packet Storm

265834	7.5	HIGH Adjacent	huawei	oceanstor_5600_v3_firmware	Huawei OceanStor 5600 V3 V300R003C00 has a hardcoded SSH key vulnerability; the hardcoded keys are used to encrypt communication data and authenticate different nodes of the devices. An attacker may …	CWE-798 Use of Hard-coded Credentials	CVE-2016-8754	2024-11-21 11:59	2017-04-3	Show	GitHub Exploit DB Packet Storm

265835	6.5	MEDIUM Network	huawei	anyoffice	Huawei AnyOffice V200R006C00 could allow an authenticated, remote attacker to cause the software to deny services by uploading an XML bomb.	CWE-20 Improper Input Validation	CVE-2016-8275	2024-11-21 11:59	2017-04-3	Show	GitHub Exploit DB Packet Storm

265836	7.8	HIGH Local	huawei	hisuite	Huawei PC client software HiSuite 4.0.5.300_OVE has a dynamic link library (DLL) hijack vulnerability; an attacker can make the system load malicious DLL files to execute arbitrary code.	CWE-284 Improper Access Control	CVE-2016-8274	2024-11-21 11:59	2017-04-3	Show	GitHub Exploit DB Packet Storm

265837	7.8	HIGH Local	huawei	hisuite	Huawei PC client software HiSuite 4.0.5.300_OVE uses insecure HTTP for upgrade software package download and does not check the integrity of the software package before installing; an attacker can la…	CWE-20 CWE-284 Improper Input Validation Improper Access Control	CVE-2016-8273	2024-11-21 11:59	2017-04-3	Show	GitHub Exploit DB Packet Storm

265838	5.3	MEDIUM Local	huawei	hisuite	Huawei PC client software HiSuite 4.0.5.300_OVE has an information leak vulnerability; an attacker who can log in to the system can copy out the user's proxy password, causing information leaks.	CWE-200 Information Exposure	CVE-2016-8272	2024-11-21 11:59	2017-04-3	Show	GitHub Exploit DB Packet Storm

265839	5.3	MEDIUM Network	huawei	espace_iad_firmware	Huawei eSpace IAD V300R002C01SPC100 and earlier versions have an information leak vulnerability; an attacker can check and download the fault information by accessing a special URL.	CWE-200 Information Exposure	CVE-2016-8271	2024-11-21 11:59	2017-04-3	Show	GitHub Exploit DB Packet Storm

265840	9.8	CRITICAL Network	apache	camel	Apache Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to Remote Code Execution attacks.	CWE-502 Deserialization of Untrusted Data	CVE-2016-8749	2024-11-21 11:59	2017-03-29	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed