Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 26, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251161 5.8 警告 Mozilla Foundation - Mozilla Firefox における任意のクッキーを上書きまたは削除される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-7293 2012-03-27 18:42 2011-08-9 Show GitHub Exploit DB Packet Storm
251162 2.1 注意 Mozilla Foundation - Bugzilla における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-7292 2012-03-27 18:42 2011-08-9 Show GitHub Exploit DB Packet Storm
251163 4 警告 IBM - IBM TDS の ldap_explode_rdn API 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-7290 2012-03-27 18:42 2011-04-10 Show GitHub Exploit DB Packet Storm
251164 4 警告 IBM - IBM TDS におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-7289 2012-03-27 18:42 2011-04-10 Show GitHub Exploit DB Packet Storm
251165 5 警告 IBM - IBM TDS におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-7288 2012-03-27 18:42 2011-04-21 Show GitHub Exploit DB Packet Storm
251166 4 警告 IBM - IBM TDS の API 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-7287 2012-03-27 18:42 2011-04-10 Show GitHub Exploit DB Packet Storm
251167 3.5 注意 IBM - IBM Lotus Quickr for Lotus Domino におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-7286 2012-03-27 18:42 2011-03-22 Show GitHub Exploit DB Packet Storm
251168 5 警告 IBM - IBM Lotus Quickr for Lotus Domino の docnote 文字列処理実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2008-7285 2012-03-27 18:42 2011-03-22 Show GitHub Exploit DB Packet Storm
251169 3.5 注意 IBM - IBM Lotus Quickr for Lotus Domino におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-7284 2012-03-27 18:42 2011-03-22 Show GitHub Exploit DB Packet Storm
251170 6 警告 OTRS プロジェクト - OTRS におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-7283 2012-03-27 18:42 2011-03-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
269421 9.8 CRITICAL
Network 		zsh
canonical 		zsh
ubuntu_linux 		In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters. CWE-189
Numeric Errors 		CVE-2016-10714 2024-11-21 11:44 2018-02-28 Show GitHub Exploit DB Packet Storm
269422 5.5 MEDIUM
Local 		gnu patch An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-10713 2024-11-21 11:44 2018-02-14 Show GitHub Exploit DB Packet Storm
269423 7.5 HIGH
Network 		php
canonical 		php
ubuntu_linux 		In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of stream_get_meta_data can be controlled if the input can be controlled (e.g., during file uploads). For exa… CWE-20
 Improper Input Validation  		CVE-2016-10712 2024-11-21 11:44 2018-02-9 Show GitHub Exploit DB Packet Storm
269424 9.8 CRITICAL
Network 		debian
apsis 		debian_linux
pound 		Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751. CWE-444
HTTP Request Smuggling 		CVE-2016-10711 2024-11-21 11:44 2018-01-30 Show GitHub Exploit DB Packet Storm
269425 8.1 HIGH
Network 		biscom secure_file_transfer Biscom Secure File Transfer (SFT) 5.0.1000 through 5.0.1048 does not validate the dataFieldId value, and uses sequential numbers, which allows remote authenticated users to overwrite or read files vi… CWE-20
 Improper Input Validation  		CVE-2016-10710 2024-11-21 11:44 2018-01-26 Show GitHub Exploit DB Packet Storm
269426 8.8 HIGH
Network 		pfsense pfsense pfSense before 2.3 allows remote authenticated users to execute arbitrary OS commands via a '|' character in the status_rrd_graph_img.php graph parameter, related to _rrd_graph_img.php. CWE-78
OS Command  		CVE-2016-10709 2024-11-21 11:44 2018-01-22 Show GitHub Exploit DB Packet Storm
269427 7.5 HIGH
Network 		openbsd
debian
canonical
netapp 		openssh
debian_linux
ubuntu_linux
storagegrid_webscale
cloud_backup
data_ontap_edge
storagegrid
clustered_data_ontap
service_processor
oncommand_unified_manager
data_ont… 		sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, relat… CWE-476
 NULL Pointer Dereference 		CVE-2016-10708 2024-11-21 11:44 2018-01-22 Show GitHub Exploit DB Packet Storm
269428 7.5 HIGH
Network 		jquery jquery jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an i… CWE-674
 Uncontrolled Recursion 		CVE-2016-10707 2024-11-21 11:44 2018-01-19 Show GitHub Exploit DB Packet Storm
269429 6.1 MEDIUM
Network 		automattic jetpack The Jetpack plugin before 4.0.3 for WordPress has XSS via a crafted Vimeo link. CWE-79
Cross-site Scripting 		CVE-2016-10706 2024-11-21 11:44 2018-01-13 Show GitHub Exploit DB Packet Storm
269430 6.1 MEDIUM
Network 		automattic jetpack The Jetpack plugin before 4.0.4 for WordPress has XSS via the Likes module. CWE-79
Cross-site Scripting 		CVE-2016-10705 2024-11-21 11:44 2018-01-13 Show GitHub Exploit DB Packet Storm