Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252931 7.2 危険 Google - Google App Engine Python SDK の sandbox 環境におけるアクセス制限を回避される脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-4211 2011-11-7 09:49 2011-10-30 Show GitHub Exploit DB Packet Storm
252932 6.8 警告 Google - Google App Engine Python SDK の SDK Console におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-1364 2011-11-7 09:48 2011-10-30 Show GitHub Exploit DB Packet Storm
252933 5 警告 IBM - IBM WebSphere Application Server (WAS) における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-2747 2011-11-7 09:46 2009-10-24 Show GitHub Exploit DB Packet Storm
252934 5 警告 IBM - IBM Lotus Sametime における構成設定の情報を読まれる脆弱性 CWE-16
環境設定 		CVE-2011-1370 2011-11-7 09:46 2011-10-29 Show GitHub Exploit DB Packet Storm
252935 5 警告 IBM - IBM WebSphere Application Server におけるファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2011-1368 2011-11-7 09:45 2011-10-29 Show GitHub Exploit DB Packet Storm
252936 4.3 警告 IBM - IBM WebSphere MQ におけるサービス運用妨害 (ディスク消費) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0780 2011-11-7 09:44 2011-10-29 Show GitHub Exploit DB Packet Storm
252937 9.3 危険 シスコシステムズ - Cisco WebEx Recording Format (WRF) player の ATAS32 の処理機能におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4004 2011-11-4 15:14 2011-10-26 Show GitHub Exploit DB Packet Storm
252938 9.3 危険 シスコシステムズ - Cisco WebEx Recording Format (WRF) player の WRF の解析機能におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-3319 2011-11-4 15:13 2011-10-26 Show GitHub Exploit DB Packet Storm
252939 7.8 危険 シスコシステムズ - Cisco Video Surveillance カメラにおけるサービス運用妨害 (デバイスリロード) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-3318 2011-11-4 15:11 2011-10-26 Show GitHub Exploit DB Packet Storm
252940 7.8 危険 シスコシステムズ - 複数の Cisco 製品におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-3315 2011-11-4 15:08 2011-10-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
275791 - canonical
sqlite
debian
apple
php 		ubuntu_linux
sqlite
debian_linux
mac_os_x
watchos
php 		The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to caus… CWE-190
 Integer Overflow or Wraparound 		CVE-2015-3416 2024-11-21 11:29 2015-04-25 Show GitHub Exploit DB Packet Storm
275792 - apple
debian
canonical
sqlite
php 		watchos
mac_os_x
debian_linux
ubuntu_linux
sqlite
php 		The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free ope… CWE-404
 Improper Resource Shutdown or Release 		CVE-2015-3415 2024-11-21 11:29 2015-04-25 Show GitHub Exploit DB Packet Storm
275793 - sqlite
apple
debian
canonical
php 		sqlite
watchos
mac_os_x
debian_linux
ubuntu_linux
php 		SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and appli… CWE-908
 Use of Uninitialized Resource 		CVE-2015-3414 2024-11-21 11:29 2015-04-25 Show GitHub Exploit DB Packet Storm
275794 - canonical
debian
point-to-point_protocol_project 		ubuntu_linux
debian_linux
point-to-point_protocol 		Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-3310 2024-11-21 11:29 2015-04-24 Show GitHub Exploit DB Packet Storm
275795 - certify_project certify The Certify module before 6.x-2.3 for Drupal does not properly perform node access checks, which allows remote authenticated users to bypass intended access restrictions and obtain sensitive PDF cert… CWE-200
Information Exposure 		CVE-2015-3404 2024-11-21 11:29 2015-04-23 Show GitHub Exploit DB Packet Storm
275796 - fibonacciorange wedeal Open redirect vulnerability in the Commerce WeDeal module before 7.x-1.3 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified pa… NVD-CWE-Other
CVE-2015-3393 2024-11-21 11:29 2015-04-22 Show GitHub Exploit DB Packet Storm
275797 - ajax_timeline_project ajax_timeline Cross-site scripting (XSS) vulnerability in the Ajax Timeline module before 7.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title. CWE-79
Cross-site Scripting 		CVE-2015-3392 2024-11-21 11:29 2015-04-22 Show GitHub Exploit DB Packet Storm
275798 - path_breadcrumbs_project path_breadcrumbs The Path Breadcrumbs module before 7.x-3.2 for Drupal allows remote attackers to bypass intended access restrictions and obtain sensitive node titles by reading a 403 Not Found page. CWE-200
Information Exposure 		CVE-2015-3391 2024-11-21 11:29 2015-04-22 Show GitHub Exploit DB Packet Storm
275799 - facebook_album_fetcher_project facebook_album_fetcher Cross-site scripting (XSS) vulnerability in the Facebook Album Fetcher module for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web sc… CWE-79
Cross-site Scripting 		CVE-2015-3390 2024-11-21 11:29 2015-04-22 Show GitHub Exploit DB Packet Storm
275800 - public_download_count_project public_download_count Cross-site scripting (XSS) vulnerability in the Download counts report page in the Public Download Count module (pubdlcnt) 7.x-1.x-dev and earlier for Drupal allows remote authenticated users to inje… CWE-79
Cross-site Scripting 		CVE-2015-3389 2024-11-21 11:29 2015-04-22 Show GitHub Exploit DB Packet Storm