Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 21, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242511 6.4 警告 オラクル - Oracle Enterprise Manager における脆弱性 CWE-noinfo
情報不足 		CVE-2007-0293 2012-09-25 16:47 2007-01-16 Show GitHub Exploit DB Packet Storm
242512 7.5 危険 オラクル - Oracle Enterprise Manager における脆弱性 CWE-noinfo
情報不足 		CVE-2007-0292 2012-09-25 16:47 2007-01-16 Show GitHub Exploit DB Packet Storm
242513 4 警告 オラクル - Oracle E-Business Suite and Applications における脆弱性 - CVE-2007-0291 2012-09-25 16:47 2007-01-16 Show GitHub Exploit DB Packet Storm
242514 5.5 警告 オラクル - Oracle E-Business Suite and Applications における脆弱性 - CVE-2007-0290 2012-09-25 16:47 2007-01-16 Show GitHub Exploit DB Packet Storm
242515 6.4 警告 オラクル - Oracle Collaboration Suite における脆弱性 - CVE-2007-0289 2012-09-25 16:47 2007-01-16 Show GitHub Exploit DB Packet Storm
242516 5 警告 nwom - Nwom topsites の index.php における重要な情報を取得される脆弱性 - CVE-2007-0250 2012-09-25 16:47 2007-01-16 Show GitHub Exploit DB Packet Storm
242517 6.8 警告 nwom - Nwom topsites の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0249 2012-09-25 15:36 2007-01-16 Show GitHub Exploit DB Packet Storm
242518 4.6 警告 lookup - lookup-el の ndeb-binary 機能における任意のファイルを上書きされる脆弱性 - CVE-2007-0237 2012-09-25 15:36 2007-03-19 Show GitHub Exploit DB Packet Storm
242519 7.5 危険 jshop e-commerce - Jshop サーバにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-0232 2012-09-25 15:36 2007-01-12 Show GitHub Exploit DB Packet Storm
242520 7.5 危険 nicola asuni - Nicola Asuni AIOCP における SQL インジェクションの脆弱性 - CVE-2007-0223 2012-09-25 15:36 2007-01-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
269471 7.7 HIGH
Network 		vmware vcenter_server VMware vCenter Server 5.5 before U3e and 6.0 before U2a allows remote authenticated users to read arbitrary files via a (1) Log Browser, (2) Distributed Switch setup, or (3) Content Library XML docum… CWE-611
XXE 		CVE-2016-7459 2024-11-21 11:58 2016-12-29 Show GitHub Exploit DB Packet Storm
269472 5.8 MEDIUM
Network 		vmware vsphere_client VMware vSphere Client 5.5 before U3e and 6.0 before U2a allows remote vCenter Server and ESXi instances to read arbitrary files via an XML document containing an external entity declaration in conjun… CWE-611
XXE 		CVE-2016-7458 2024-11-21 11:58 2016-12-29 Show GitHub Exploit DB Packet Storm
269473 10.0 CRITICAL
Network 		vmware vrealize_operations VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to gain privileges, or halt and remove virtual machines, via unspecified vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-7457 2024-11-21 11:58 2016-12-29 Show GitHub Exploit DB Packet Storm
269474 9.8 CRITICAL
Network 		vmware vsphere_data_protection VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote attackers to obtain login access via an SSH session. CWE-255
Credentials Management 		CVE-2016-7456 2024-11-21 11:58 2016-12-29 Show GitHub Exploit DB Packet Storm
269475 6.5 MEDIUM
Network 		kde kmail KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. HTML Mail contents were not sanitized for JavaScript and included code was executed. CWE-94
Code Injection 		CVE-2016-7968 2024-11-21 11:58 2016-12-24 Show GitHub Exploit DB Packet Storm
269476 8.1 HIGH
Network 		kde kmail KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. Since the generated html is executed in the local file security context by default access to remote and local URL… CWE-94
CWE-284
Code Injection
Improper Access Control 		CVE-2016-7967 2024-11-21 11:58 2016-12-24 Show GitHub Exploit DB Packet Storm
269477 7.3 HIGH
Network 		kde
debian
fedoraproject
suse 		kmail
debian_linux
fedora
linux_enterprise 		Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal si… CWE-94
Code Injection 		CVE-2016-7966 2024-11-21 11:58 2016-12-24 Show GitHub Exploit DB Packet Storm
269478 4.9 MEDIUM
Network 		kde
opensuse 		kde-cli-tools
leap
opensuse 		A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user. CWE-94
Code Injection 		CVE-2016-7787 2024-11-21 11:58 2016-12-24 Show GitHub Exploit DB Packet Storm
269479 5.5 MEDIUM
Local 		ffmpeg ffmpeg The read_gab2_sub function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (NULL pointer used) via a crafted AVI file. CWE-476
 NULL Pointer Dereference 		CVE-2016-7905 2024-11-21 11:58 2016-12-23 Show GitHub Exploit DB Packet Storm
269480 5.5 MEDIUM
Local 		ffmpeg ffmpeg The avi_read_seek function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (assert fault) via a crafted AVI file. CWE-20
 Improper Input Validation  		CVE-2016-7785 2024-11-21 11:58 2016-12-23 Show GitHub Exploit DB Packet Storm