Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242501 9.3 危険 macrovision - Macrovision FLEXnet Connect 用の isusweb.dll におけるバッファオーバーフローの脆弱性 - CVE-2007-0321 2012-09-25 16:47 2007-02-22 Show GitHub Exploit DB Packet Storm
242502 9.3 危険 macrovision - Macrovision InstallFromTheWeb 用の ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-0320 2012-09-25 16:47 2007-02-22 Show GitHub Exploit DB Packet Storm
242503 7.5 危険 okulsistem okul web - Okul Web Otomasyon Sistemi の etkinlikbak.asp における SQL インジェクションの脆弱性 - CVE-2007-0305 2012-09-25 16:47 2007-01-17 Show GitHub Exploit DB Packet Storm
242504 7.5 危険 mint - MiNT Haber Sistemi の duyuru.asp における SQL インジェクションの脆弱性 - CVE-2007-0304 2012-09-25 16:47 2007-01-17 Show GitHub Exploit DB Packet Storm
242505 10 危険 pancake.org - Zina における脆弱性 - CVE-2007-0303 2012-09-25 16:47 2007-01-17 Show GitHub Exploit DB Packet Storm
242506 6.8 警告 InstantASP Ltd. - InstantASP におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0302 2012-09-25 16:47 2007-01-17 Show GitHub Exploit DB Packet Storm
242507 4 警告 オラクル - Oracle PeopleSoft Enterprise および JD Edwards EnterpriseOne における脆弱性 - CVE-2007-0297 2012-09-25 16:47 2007-01-16 Show GitHub Exploit DB Packet Storm
242508 2.1 注意 オラクル - Oracle PeopleSoft Enterprise および JD Edwards EnterpriseOne における脆弱性 - CVE-2007-0296 2012-09-25 16:47 2007-01-16 Show GitHub Exploit DB Packet Storm
242509 7.8 危険 オラクル - Oracle PeopleSoft Enterprise および JD Edwards EnterpriseOne における脆弱性 - CVE-2007-0295 2012-09-25 16:47 2007-01-16 Show GitHub Exploit DB Packet Storm
242510 1.7 注意 オラクル - Oracle Enterprise Manager における脆弱性 - CVE-2007-0294 2012-09-25 16:47 2007-01-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
269471 7.7 HIGH
Network 		vmware vcenter_server VMware vCenter Server 5.5 before U3e and 6.0 before U2a allows remote authenticated users to read arbitrary files via a (1) Log Browser, (2) Distributed Switch setup, or (3) Content Library XML docum… CWE-611
XXE 		CVE-2016-7459 2024-11-21 11:58 2016-12-29 Show GitHub Exploit DB Packet Storm
269472 5.8 MEDIUM
Network 		vmware vsphere_client VMware vSphere Client 5.5 before U3e and 6.0 before U2a allows remote vCenter Server and ESXi instances to read arbitrary files via an XML document containing an external entity declaration in conjun… CWE-611
XXE 		CVE-2016-7458 2024-11-21 11:58 2016-12-29 Show GitHub Exploit DB Packet Storm
269473 10.0 CRITICAL
Network 		vmware vrealize_operations VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to gain privileges, or halt and remove virtual machines, via unspecified vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-7457 2024-11-21 11:58 2016-12-29 Show GitHub Exploit DB Packet Storm
269474 9.8 CRITICAL
Network 		vmware vsphere_data_protection VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote attackers to obtain login access via an SSH session. CWE-255
Credentials Management 		CVE-2016-7456 2024-11-21 11:58 2016-12-29 Show GitHub Exploit DB Packet Storm
269475 6.5 MEDIUM
Network 		kde kmail KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. HTML Mail contents were not sanitized for JavaScript and included code was executed. CWE-94
Code Injection 		CVE-2016-7968 2024-11-21 11:58 2016-12-24 Show GitHub Exploit DB Packet Storm
269476 8.1 HIGH
Network 		kde kmail KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. Since the generated html is executed in the local file security context by default access to remote and local URL… CWE-94
CWE-284
Code Injection
Improper Access Control 		CVE-2016-7967 2024-11-21 11:58 2016-12-24 Show GitHub Exploit DB Packet Storm
269477 7.3 HIGH
Network 		kde
debian
fedoraproject
suse 		kmail
debian_linux
fedora
linux_enterprise 		Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal si… CWE-94
Code Injection 		CVE-2016-7966 2024-11-21 11:58 2016-12-24 Show GitHub Exploit DB Packet Storm
269478 4.9 MEDIUM
Network 		kde
opensuse 		kde-cli-tools
leap
opensuse 		A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user. CWE-94
Code Injection 		CVE-2016-7787 2024-11-21 11:58 2016-12-24 Show GitHub Exploit DB Packet Storm
269479 5.5 MEDIUM
Local 		ffmpeg ffmpeg The read_gab2_sub function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (NULL pointer used) via a crafted AVI file. CWE-476
 NULL Pointer Dereference 		CVE-2016-7905 2024-11-21 11:58 2016-12-23 Show GitHub Exploit DB Packet Storm
269480 5.5 MEDIUM
Local 		ffmpeg ffmpeg The avi_read_seek function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (assert fault) via a crafted AVI file. CWE-20
 Improper Input Validation  		CVE-2016-7785 2024-11-21 11:58 2016-12-23 Show GitHub Exploit DB Packet Storm