Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252311 6 警告 Fabrik - Joomla! 用 Fabrik コンポーネントの models/importcsv.php における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2011-5004 2011-12-28 14:28 2011-09-23 Show GitHub Exploit DB Packet Storm
252312 10 危険 Avid Technology - Avid Media Composer の Phonetic Indexer におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-5003 2011-12-28 14:27 2011-12-25 Show GitHub Exploit DB Packet Storm
252313 10 危険 Final Draft - Final Draft におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-5002 2011-12-28 14:24 2011-12-25 Show GitHub Exploit DB Packet Storm
252314 10 危険 Attachmate - Reflection FTP クライアントにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-5012 2011-12-28 11:44 2011-12-25 Show GitHub Exploit DB Packet Storm
252315 4.3 警告 xt:Commerce - xt:Commerce におけるクロスサイトリクエストフォージェリの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5011 2011-12-28 11:41 2011-12-25 Show GitHub Exploit DB Packet Storm
252316 10 危険 Ctek, Inc. - Ctek SkyRouter の apps/a3/cfg_ethping.cgi における任意のコマンドを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-5010 2011-12-28 11:40 2011-12-25 Show GitHub Exploit DB Packet Storm
252317 5 警告 3S-Smart Software Solutions - 3S CoDeSys におけるサービス運用妨害 (NULL ポインタデリファレンス) の脆弱性 CWE-Other
その他 		CVE-2011-5009 2011-12-28 11:36 2011-12-25 Show GitHub Exploit DB Packet Storm
252318 7.5 危険 3S-Smart Software Solutions - 3S CoDeSys の GatewayService コンポーネントにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2011-5008 2011-12-28 11:35 2011-12-25 Show GitHub Exploit DB Packet Storm
252319 10 危険 3S-Smart Software Solutions - 3S CoDeSys におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-5007 2011-12-28 11:34 2011-12-25 Show GitHub Exploit DB Packet Storm
252320 7.5 危険 Wuzly - Wuzly の管理機能における認証を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-3839 2011-12-28 11:31 2011-12-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
265051 5.4 MEDIUM
Network 		alienvault open_source_security_information_and_event_management
unified_security_management 		Cross-site scripting (XSS) vulnerability in AlienVault OSSIM before 5.3 and USM before 5.3 allows remote attackers to inject arbitrary web script or HTML via the back parameter to ossim/conf/reload.p… CWE-79
Cross-site Scripting 		CVE-2016-6913 2024-11-21 11:57 2016-09-27 Show GitHub Exploit DB Packet Storm
265052 6.5 MEDIUM
Network 		huawei ar_firmware
netengine_16ex_firmware 		Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers wi… CWE-20
 Improper Input Validation  		CVE-2016-6901 2024-11-21 11:57 2016-09-27 Show GitHub Exploit DB Packet Storm
265053 7.5 HIGH
Network 		canonical
file_roller_project 		ubuntu_linux
file_roller 		The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive. CWE-20
 Improper Input Validation  		CVE-2016-7162 2024-11-21 11:57 2016-09-27 Show GitHub Exploit DB Packet Storm
265054 5.9 MEDIUM
Network 		inspircd
debian 		inspircd
debian_linux 		The m_sasl module in InspIRCd before 2.0.23, when used with a service that supports SASL_EXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-7142 2024-11-21 11:57 2016-09-27 Show GitHub Exploit DB Packet Storm
265055 8.1 HIGH
Network 		gnu wget Race condition in wget 1.17 and earlier, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP … CWE-362
Race Condition 		CVE-2016-7098 2024-11-21 11:57 2016-09-26 Show GitHub Exploit DB Packet Storm
265056 5.5 MEDIUM
Local 		redhat
libarchive
oracle 		enterprise_linux_desktop
enterprise_linux_server_aus
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
enterprise_linux_server_eus
enterprise_linux_hpc_… 		libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip… CWE-399
 Resource Management Errors 		CVE-2016-7166 2024-11-21 11:57 2016-09-21 Show GitHub Exploit DB Packet Storm
265057 7.8 HIGH
Local 		uclouvain
debian
fedoraproject
redhat 		openjpeg
debian_linux
fedora
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_tus
enterprise_linux_server_aus
enterprise_l… 		Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write. CWE-190
 Integer Overflow or Wraparound 		CVE-2016-7163 2024-11-21 11:57 2016-09-21 Show GitHub Exploit DB Packet Storm
265058 6.7 MEDIUM
Local 		xen xen Use-after-free vulnerability in the FIFO event channel code in Xen 4.4.x allows local guest OS administrators to cause a denial of service (host crash) and possibly execute arbitrary code or obtain s… CWE-416
 Use After Free 		CVE-2016-7154 2024-11-21 11:57 2016-09-21 Show GitHub Exploit DB Packet Storm
265059 8.1 HIGH
Network 		debian
charybdis_project 		debian_linux
charybdis 		The m_authenticate function in modules/m_sasl.c in Charybdis before 3.5.3 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE … CWE-285
Improper Authorization 		CVE-2016-7143 2024-11-21 11:57 2016-09-21 Show GitHub Exploit DB Packet Storm
265060 4.1 MEDIUM
Local 		xen xen Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-7094 2024-11-21 11:57 2016-09-21 Show GitHub Exploit DB Packet Storm