Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252261 4.3 警告 gphemsley - SASHA の inc/lib/lib.base.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5042 2012-01-5 16:11 2011-12-30 Show GitHub Exploit DB Packet Storm
252262 4.3 警告 PulseCMS - Pulse Pro CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5041 2012-01-5 16:10 2011-12-30 Show GitHub Exploit DB Packet Storm
252263 4.3 警告 Infoproject - Infoproject Biznis Heroj におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5040 2012-01-5 14:27 2011-12-30 Show GitHub Exploit DB Packet Storm
252264 7.5 危険 Infoproject - Infoproject Biznis Heroj における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5039 2012-01-5 14:26 2011-12-30 Show GitHub Exploit DB Packet Storm
252265 7.5 危険 hitCode - hitCode hitAppoint における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5038 2012-01-5 14:24 2011-12-30 Show GitHub Exploit DB Packet Storm
252266 4.4 警告 ConfigServer - ConfigServer Security & Firewall におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-5033 2012-01-5 14:21 2011-12-10 Show GitHub Exploit DB Packet Storm
252267 4.9 警告 WinMount - WinMount の WMDrive.sys におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2011-5032 2012-01-5 14:20 2011-12-29 Show GitHub Exploit DB Packet Storm
252268 7.5 危険 Shilpi Computers Limited. - cApexWEB の servlet/capexweb.parentvalidatepassword における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5031 2012-01-5 14:19 2011-12-29 Show GitHub Exploit DB Packet Storm
252269 3.5 注意 valthebald - Drupal 用 Meta tags quick モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5030 2012-01-5 14:18 2011-12-14 Show GitHub Exploit DB Packet Storm
252270 4.3 警告 Alexander Palmo - Simple PHP Blog におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5029 2012-01-5 11:07 2011-12-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
265111 7.3 HIGH
Local 		ibm db2
db2_connect 		Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 through FP5, 10.5 before FP8, and 11.1 GA on Linux, AIX, and HP-UX allows local users to gain privileges via a Trojan horse libra… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-5995 2024-11-21 11:55 2016-10-1 Show GitHub Exploit DB Packet Storm
265112 7.5 HIGH
Network 		ibm websphere_application_server IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x before 8.0.0.13, 8.5.x before 8.5.5.11, 9.0.x before 9.0.0.2, and Liberty before 16.0.0.3 mishandles responses, which allows remote a… CWE-200
Information Exposure 		CVE-2016-5986 2024-11-21 11:55 2016-10-1 Show GitHub Exploit DB Packet Storm
265113 9.8 CRITICAL
Network 		redhat jboss_operations_network The server in Red Hat JBoss Operations Network (JON), when SSL authentication is not configured for JON server / agent communication, allows remote attackers to execute arbitrary code via a crafted H… CWE-502
 Deserialization of Untrusted Data 		CVE-2016-6330 2024-11-21 11:55 2016-09-28 Show GitHub Exploit DB Packet Storm
265114 5.3 MEDIUM
Network 		sap trex The NameServer in SAP TREX 7.10 Revision 63 allows remote attackers to obtain sensitive TNS information via an unspecified query, aka SAP Security Note 2234226. CWE-200
Information Exposure 		CVE-2016-6146 2024-11-21 11:55 2016-09-28 Show GitHub Exploit DB Packet Storm
265115 9.8 CRITICAL
Network 		sap trex An unspecified function in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands via unknown vectors, aka SAP Security Note 2203591. NVD-CWE-noinfo
CVE-2016-6137 2024-11-21 11:55 2016-09-28 Show GitHub Exploit DB Packet Storm
265116 9.8 CRITICAL
Network 		openssl openssl statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitra… CWE-416
 Use After Free 		CVE-2016-6309 2024-11-21 11:55 2016-09-27 Show GitHub Exploit DB Packet Storm
265117 5.9 MEDIUM
Network 		openssl openssl statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of servic… CWE-399
 Resource Management Errors 		CVE-2016-6308 2024-11-21 11:55 2016-09-27 Show GitHub Exploit DB Packet Storm
265118 5.9 MEDIUM
Network 		openssl openssl The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consu… CWE-400
 Uncontrolled Resource Consumption 		CVE-2016-6307 2024-11-21 11:55 2016-09-27 Show GitHub Exploit DB Packet Storm
265119 5.9 MEDIUM
Network 		openssl
hp
novell
nodejs
debian
canonical 		openssl
icewall_sso
icewall_mcrp
icewall_sso_agent_option
icewall_federation_agent
suse_linux_enterprise_module_for_web_scripting
node.js
debian_linux
ubuntu_linux 		The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s… CWE-125
Out-of-bounds Read 		CVE-2016-6306 2024-11-21 11:55 2016-09-27 Show GitHub Exploit DB Packet Storm
265120 7.5 HIGH
Network 		openssl openssl The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of service (infinite loop) by triggering a zero-length record in an SSL_… CWE-20
 Improper Input Validation  		CVE-2016-6305 2024-11-21 11:55 2016-09-27 Show GitHub Exploit DB Packet Storm