Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
259321 4.3 警告 Google - Android の Dalvik API におけるサービス運用妨害 (DoS) 脆弱性 CWE-noinfo
情報不足
CVE-2009-3698 2011-02-21 14:54 2009-10-14 Show GitHub Exploit DB Packet Storm
259322 5 警告 CollabNet, Inc. - CollabNet ScrumWorks Basic Server における認証情報取り扱いに関する問題 CWE-310
暗号の問題
CVE-2011-0410 2011-02-21 14:54 2011-01-24 Show GitHub Exploit DB Packet Storm
259323 5 警告 The PHP Group
レッドハット
- Libmbfl の mb_strcut 関数における重要な情報を取得される脆弱性 CWE-20
不適切な入力確認
CVE-2010-4156 2011-02-18 15:07 2010-11-10 Show GitHub Exploit DB Packet Storm
259324 6.8 警告 The PHP Group
サイバートラスト株式会社
レッドハット
- PHP の xml_utf8_decode 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題
CVE-2009-5016 2011-02-18 15:03 2010-11-12 Show GitHub Exploit DB Packet Storm
259325 6.8 警告 The PHP Group - PHP の set_magic_quotes_runtime 関数における SQL インジェクション攻撃を誘導される脆弱性 CWE-89
SQLインジェクション
CVE-2010-4700 2011-02-18 14:42 2010-07-1 Show GitHub Exploit DB Packet Storm
259326 7.5 危険 The PHP Group - PHP の iconv_mime_decode_headers 関数におけるスパムの検出を回避される脆弱性 CWE-189
数値処理の問題
CVE-2010-4699 2011-02-18 14:40 2010-09-28 Show GitHub Exploit DB Packet Storm
259327 5 警告 The PHP Group - PHP の GD 拡張モジュールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2010-4698 2011-02-18 14:38 2010-12-7 Show GitHub Exploit DB Packet Storm
259328 6.8 警告 The PHP Group - PHP の Zend Engine におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2010-4697 2011-02-18 14:35 2010-09-18 Show GitHub Exploit DB Packet Storm
259329 1 注意 サン・マイクロシステムズ - Oracle Sun Java System Portal Server のプロキシにおける脆弱性 CWE-noinfo
情報不足
CVE-2010-4431 2011-02-18 14:30 2011-01-18 Show GitHub Exploit DB Packet Storm
259330 3.6 注意 オラクル - Oracle Solaris 9 の XScreenSaver における脆弱性 CWE-noinfo
情報不足
CVE-2010-3586 2011-02-18 14:28 2011-01-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
270651 5.3 MEDIUM
Network
owncloud
nextcloud
owncloud
nextcloud_server
Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the files app. The location bar in the files app was not verifying the passed parame… CWE-284
Improper Access Control
CVE-2016-9467 2024-11-21 12:01 2017-03-28 Show GitHub Exploit DB Packet Storm
270652 6.1 MEDIUM
Network
owncloud
nextcloud
owncloud
nextcloud_server
Nextcloud Server before 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from Reflected XSS in the Gallery application. The gallery app was not properly sanitizing exception messages from the N… CWE-79
Cross-site Scripting
CVE-2016-9466 2024-11-21 12:01 2017-03-28 Show GitHub Exploit DB Packet Storm
270653 5.4 MEDIUM
Network
owncloud
nextcloud
owncloud
nextcloud_server
Nextcloud Server before 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from Stored XSS in CardDAV image export. The CardDAV image export functionality as implemented in Nextcloud/ownCloud all… CWE-79
Cross-site Scripting
CVE-2016-9465 2024-11-21 12:01 2017-03-28 Show GitHub Exploit DB Packet Storm
270654 4.3 MEDIUM
Network
nextcloud nextcloud_server Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper authorization check on removing shares. The Sharing Backend as implemented in Nextcloud does differentiate between shares to users a… CWE-285
Improper Authorization
CVE-2016-9464 2024-11-21 12:01 2017-03-28 Show GitHub Exploit DB Packet Storm
270655 8.1 HIGH
Network
owncloud
nextcloud
owncloud
nextcloud_server
Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2, 9.0.6, and 8.2.9 suffer from SMB User Authentication Bypass. Nextcloud/ownCloud include an optional and not by default enable… CWE-287
Improper Authentication
CVE-2016-9463 2024-11-21 12:01 2017-03-28 Show GitHub Exploit DB Packet Storm
270656 4.3 MEDIUM
Network
owncloud
nextcloud
owncloud
nextcloud_server
Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying restore privileges when restoring a file. The restore capability of Nextcloud/ownCloud was not verifying wheth… CWE-284
Improper Access Control
CVE-2016-9462 2024-11-21 12:01 2017-03-28 Show GitHub Exploit DB Packet Storm
270657 4.3 MEDIUM
Network
owncloud
nextcloud
owncloud
nextcloud_server
Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying edit check permissions on WebDAV copy actions. The WebDAV endpoint was not properly checking the permission on… CWE-284
Improper Access Control
CVE-2016-9461 2024-11-21 12:01 2017-03-28 Show GitHub Exploit DB Packet Storm
270658 5.3 MEDIUM
Network
nextcloud
owncloud
nextcloud
owncloud
Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a content-spoofing attack in the files app. The location bar in the files app was not verifying the passed parameters. … CWE-284
Improper Access Control
CVE-2016-9460 2024-11-21 12:01 2017-03-28 Show GitHub Exploit DB Packet Storm
270659 6.1 MEDIUM
Network
owncloud
nextcloud
owncloud
nextcloud_server
Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a log pollution vulnerability potentially leading to a local XSS. The download log functionality in the admin screen is… CWE-79
Cross-site Scripting
CVE-2016-9459 2024-11-21 12:01 2017-03-28 Show GitHub Exploit DB Packet Storm
270660 5.4 MEDIUM
Network
revive-adserver revive_adserver Revive Adserver before 3.2.3 suffers from Reflected XSS. `www/admin/stats.php` is vulnerable to reflected XSS attacks via multiple parameters that are not properly sanitised or escaped when displayed… CWE-79
Cross-site Scripting
CVE-2016-9457 2024-11-21 12:01 2017-03-28 Show GitHub Exploit DB Packet Storm