Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252351 5 警告 osCommerce - osCommerce におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2005-2330 2012-01-20 12:08 2012-01-20 Show GitHub Exploit DB Packet Storm
252352 4.3 警告 osCommerce - osCommerce 日本語版におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0311 2012-01-20 12:08 2012-01-20 Show GitHub Exploit DB Packet Storm
252353 2.7 注意 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2012-0091 2012-01-20 11:36 2012-01-17 Show GitHub Exploit DB Packet Storm
252354 4 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise HCM コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2012-0089 2012-01-20 11:35 2012-01-17 Show GitHub Exploit DB Packet Storm
252355 4 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise HCM コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2012-0076 2012-01-20 11:35 2012-01-17 Show GitHub Exploit DB Packet Storm
252356 4 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise HCM コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2012-0088 2012-01-20 11:35 2012-01-17 Show GitHub Exploit DB Packet Storm
252357 4 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise CRM コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2012-0074 2012-01-20 11:34 2012-01-17 Show GitHub Exploit DB Packet Storm
252358 5.5 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise HCM コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2012-0080 2012-01-20 11:33 2012-01-17 Show GitHub Exploit DB Packet Storm
252359 3.6 注意 オラクル - Oracle Virtualization の Virtual Desktop Infrastructure コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-3571 2012-01-20 11:09 2012-01-17 Show GitHub Exploit DB Packet Storm
252360 5 警告 オラクル - Oracle Database Server の Listener コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2012-0072 2012-01-20 10:32 2012-01-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
265051 5.4 MEDIUM
Network 		alienvault open_source_security_information_and_event_management
unified_security_management 		Cross-site scripting (XSS) vulnerability in AlienVault OSSIM before 5.3 and USM before 5.3 allows remote attackers to inject arbitrary web script or HTML via the back parameter to ossim/conf/reload.p… CWE-79
Cross-site Scripting 		CVE-2016-6913 2024-11-21 11:57 2016-09-27 Show GitHub Exploit DB Packet Storm
265052 6.5 MEDIUM
Network 		huawei ar_firmware
netengine_16ex_firmware 		Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers wi… CWE-20
 Improper Input Validation  		CVE-2016-6901 2024-11-21 11:57 2016-09-27 Show GitHub Exploit DB Packet Storm
265053 7.5 HIGH
Network 		canonical
file_roller_project 		ubuntu_linux
file_roller 		The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive. CWE-20
 Improper Input Validation  		CVE-2016-7162 2024-11-21 11:57 2016-09-27 Show GitHub Exploit DB Packet Storm
265054 5.9 MEDIUM
Network 		inspircd
debian 		inspircd
debian_linux 		The m_sasl module in InspIRCd before 2.0.23, when used with a service that supports SASL_EXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-7142 2024-11-21 11:57 2016-09-27 Show GitHub Exploit DB Packet Storm
265055 8.1 HIGH
Network 		gnu wget Race condition in wget 1.17 and earlier, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP … CWE-362
Race Condition 		CVE-2016-7098 2024-11-21 11:57 2016-09-26 Show GitHub Exploit DB Packet Storm
265056 5.5 MEDIUM
Local 		redhat
libarchive
oracle 		enterprise_linux_desktop
enterprise_linux_server_aus
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
enterprise_linux_server_eus
enterprise_linux_hpc_… 		libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip… CWE-399
 Resource Management Errors 		CVE-2016-7166 2024-11-21 11:57 2016-09-21 Show GitHub Exploit DB Packet Storm
265057 7.8 HIGH
Local 		uclouvain
debian
fedoraproject
redhat 		openjpeg
debian_linux
fedora
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_tus
enterprise_linux_server_aus
enterprise_l… 		Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write. CWE-190
 Integer Overflow or Wraparound 		CVE-2016-7163 2024-11-21 11:57 2016-09-21 Show GitHub Exploit DB Packet Storm
265058 6.7 MEDIUM
Local 		xen xen Use-after-free vulnerability in the FIFO event channel code in Xen 4.4.x allows local guest OS administrators to cause a denial of service (host crash) and possibly execute arbitrary code or obtain s… CWE-416
 Use After Free 		CVE-2016-7154 2024-11-21 11:57 2016-09-21 Show GitHub Exploit DB Packet Storm
265059 8.1 HIGH
Network 		debian
charybdis_project 		debian_linux
charybdis 		The m_authenticate function in modules/m_sasl.c in Charybdis before 3.5.3 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE … CWE-285
Improper Authorization 		CVE-2016-7143 2024-11-21 11:57 2016-09-21 Show GitHub Exploit DB Packet Storm
265060 4.1 MEDIUM
Local 		xen xen Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-7094 2024-11-21 11:57 2016-09-21 Show GitHub Exploit DB Packet Storm