Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242361 6.8 警告 Tecnick.com - TCExam における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-4237 2012-08-22 16:43 2012-08-6 Show GitHub Exploit DB Packet Storm
242362 4.3 警告 Jease - Jease におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4052 2012-08-22 16:42 2012-08-20 Show GitHub Exploit DB Packet Storm
242363 4.3 警告 Total Shop UK - Total Shop UK eCommerce Open Source におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4236 2012-08-22 16:40 2012-08-20 Show GitHub Exploit DB Packet Storm
242364 4.9 警告 OpenStack - OpenStack Compute (Nova) の virt/disk/api.py における任意のファイルを上書される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-3447 2012-08-22 16:34 2012-07-31 Show GitHub Exploit DB Packet Storm
242365 5 警告 Debian - devotee における秘密のあだ名を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-2387 2012-08-22 16:24 2012-08-20 Show GitHub Exploit DB Packet Storm
242366 5 警告 GNOME Project - libsoup における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2012-2132 2012-08-22 16:20 2011-12-15 Show GitHub Exploit DB Packet Storm
242367 6.8 警告 Libav - Libav の libavcodec におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-0947 2012-08-22 16:19 2012-05-4 Show GitHub Exploit DB Packet Storm
242368 4.3 警告 FFmpeg
Libav		 - FFmpeg および Libav の libavcodec におけるサービス運用妨害 (メモリ破損) の脆弱性 CWE-119
バッファエラー 		CVE-2011-4579 2012-08-22 15:26 2011-12-25 Show GitHub Exploit DB Packet Storm
242369 6.8 警告 FFmpeg
Libav		 - FFmpeg および Libav の libavcodec におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4364 2012-08-22 15:25 2011-12-25 Show GitHub Exploit DB Packet Storm
242370 4.3 警告 FFmpeg
Libav		 - FFmpeg および Libav におけるサービス運用妨害 (out-of-bounds read) の脆弱性 CWE-119
バッファエラー 		CVE-2011-4353 2012-08-22 15:24 2011-12-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
269451 8.8 HIGH
Network 		hp network_node_manager_i A remote arbitrary code execution vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10 using Java Deserialization. CWE-502
 Deserialization of Untrusted Data 		CVE-2016-4398 2024-11-21 11:52 2018-08-7 Show GitHub Exploit DB Packet Storm
269452 7.8 HIGH
Local 		hp network_node_manager_i A local code execution security vulnerability was identified in HP Network Node Manager i (NNMi) v10.00, v10.10 and v10.20 Software. CWE-94
Code Injection 		CVE-2016-4397 2024-11-21 11:52 2018-08-7 Show GitHub Exploit DB Packet Storm
269453 5.4 MEDIUM
Network 		hp business_service_management A remote cross site scripting vulnerability has been identified in HP Business Service Management software v9.1x, v9.20 - v9.25IP1. CWE-79
Cross-site Scripting 		CVE-2016-4392 2024-11-21 11:52 2018-08-7 Show GitHub Exploit DB Packet Storm
269454 9.8 CRITICAL
Network 		hp arcsight_winc_connector A remote code execution security vulnerability has been identified in all versions of the HP ArcSight WINC Connector prior to v7.3.0. CWE-94
Code Injection 		CVE-2016-4391 2024-11-21 11:52 2018-08-7 Show GitHub Exploit DB Packet Storm
269455 8.8 HIGH
Network 		apache
netapp 		struts
oncommand_balance 		Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation. NOTE: this vulnerability exists because … CWE-20
 Improper Input Validation  		CVE-2016-4461 2024-11-21 11:52 2017-10-17 Show GitHub Exploit DB Packet Storm
269456 7.8 HIGH
Local 		apache tika Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote attackers to conduct XML External Entity (XXE) attacks via vectors involving (1) sprea… CWE-611
XXE 		CVE-2016-4434 2024-11-21 11:52 2017-09-30 Show GitHub Exploit DB Packet Storm
269457 8.8 HIGH
Network 		apache ofbiz By manipulating the URL parameter externalLoginKey, a malicious, logged in user could pass valid Freemarker directives to the Template Engine that are reflected on the webpage; a specially crafted Fr… CWE-20
 Improper Input Validation  		CVE-2016-4462 2024-11-21 11:52 2017-08-31 Show GitHub Exploit DB Packet Storm
269458 9.8 CRITICAL
Network 		apache pony_mail Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication. CWE-287
Improper Authentication 		CVE-2016-4460 2024-11-21 11:52 2017-08-23 Show GitHub Exploit DB Packet Storm
269459 7.5 HIGH
Network 		gnu gnutls The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem. CWE-20
 Improper Input Validation  		CVE-2016-4456 2024-11-21 11:52 2017-08-9 Show GitHub Exploit DB Packet Storm
269460 8.4 HIGH
Network 		hp helion_openstack_glance The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified ima… CWE-284
Improper Access Control 		CVE-2016-4383 2024-11-21 11:52 2017-06-28 Show GitHub Exploit DB Packet Storm