Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
203901	5	警告	ヒューレット・パッカード日本電気 Apache Software Foundation	-	Apache Tomcat の DigestAuthenticator.java における暗号保護機構を回避される脆弱性	CWE-310 暗号の問題	CVE-2011-5064	2016-08-2 17:34	2012-01-14	Show	GitHub Exploit DB Packet Storm

203902	6.9	警告	アップル日本電気 Apache Software Foundation	-	Apache HTTP Server の envvars における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-0883	2016-08-2 17:34	2012-03-2	Show	GitHub Exploit DB Packet Storm

203903	2.6	注意	日本電気 Apache Software Foundation アップル富士通オラクル日立	-	Apache HTTP Server の mod_negotiation モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2687	2016-08-2 17:34	2012-06-13	Show	GitHub Exploit DB Packet Storm

203904	5	警告	日本電気日立 Apache Software Foundation オラクル	-	Apache Tomcat におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-3544	2016-08-2 17:34	2012-09-6	Show	GitHub Exploit DB Packet Storm

203905	5.1	警告	アップル日本電気富士通 Apache Software Foundation オラクル	-	Apache HTTP Server の mod_rewrite モジュールにおける任意のコマンドを実行される脆弱性	CWE-310 暗号の問題	CVE-2013-1862	2016-08-2 17:34	2013-04-18	Show	GitHub Exploit DB Packet Storm

203906	7.5	危険	富士通日本電気 IBM Apache Software Foundation オラクル	-	Apache Struts の CookieInterceptor における ClassLoader を操作される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0113	2016-08-2 17:34	2014-04-28	Show	GitHub Exploit DB Packet Storm

203907	5.8	警告	富士通日本電気 IBM Apache Software Foundation オラクル	-	Apache Struts の CookieInterceptor における ClassLoader を操作される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0116	2016-08-2 17:34	2014-05-5	Show	GitHub Exploit DB Packet Storm

203908	4.3	警告	アップル日本電気 Apache Software Foundation	-	Apache HTTP Server の mod_proxy_balancer モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4558	2016-08-2 16:45	2013-02-18	Show	GitHub Exploit DB Packet Storm

203909	4.3	警告	日本電気 Apache Software Foundation アップル富士通オラクル日立	-	Apache HTTP Server におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-3499	2016-08-2 16:45	2013-02-18	Show	GitHub Exploit DB Packet Storm

203910	9.8	緊急 Network	ベリタス日立	-	Veritas NetBackup および NetBackup アプライアンスの bpcd における任意のコマンドを実行される脆弱性	CWE-Other その他	CVE-2015-6550	2016-08-2 16:25	2015-08-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
290051	-	csphere	clansphere	Cross-site scripting (XSS) vulnerability in ClanSphere 2011.4 allows remote attackers to inject arbitrary web script or HTML via the where parameter in a list action to index.php.	CWE-79 Cross-site Scripting	CVE-2014-100010	2024-11-21 11:03	2015-01-13	Show	GitHub Exploit DB Packet Storm

290052	-	phpjabbers	appointment_scheduler	Multiple cross-site request forgery (CSRF) vulnerabilities in PHPJabbers Appointment Scheduler 2.0 allow remote attackers to hijack the authentication of administrators for requests that (1) conduct …	CWE-352 Origin Validation Error	CVE-2014-10001	2024-11-21 11:03	2015-01-13	Show	GitHub Exploit DB Packet Storm

290053	-	joomlaskin	js_multi_hotel	The Joomlaskin JS Multi Hotel (aka JS MultiHotel and Js-Multi-Hotel) plugin 2.2.1 and earlier for WordPress allows remote attackers to obtain the installation path via a request to (1) functions.php,…	CWE-200 Information Exposure	CVE-2014-100009	2024-11-21 11:03	2015-01-13	Show	GitHub Exploit DB Packet Storm

290054	-	joomlaskin	js_multi_hotel	Cross-site scripting (XSS) vulnerability in includes/delete_img.php in the Joomlaskin JS Multi Hotel (aka JS MultiHotel and Js-Multi-Hotel) plugin 2.2.1 and earlier for WordPress allows remote attack…	CWE-79 Cross-site Scripting	CVE-2014-100008	2024-11-21 11:03	2015-01-13	Show	GitHub Exploit DB Packet Storm

290055	-	hk_exif_tags_project	hk_exif_tags	Cross-site scripting (XSS) vulnerability in the HK Exif Tags plugin before 1.12 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via an EXIF tag. NOTE: some of …	CWE-79 Cross-site Scripting	CVE-2014-100007	2024-11-21 11:03	2015-01-13	Show	GitHub Exploit DB Packet Storm

290056	-	webtrees	webtrees	Multiple cross-site scripting (XSS) vulnerabilities in modules_v3/googlemap/wt_v3_street_view.php in webtrees before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) ma…	CWE-79 Cross-site Scripting	CVE-2014-100006	2024-11-21 11:03	2015-01-13	Show	GitHub Exploit DB Packet Storm

290057	-	sitecore	cms	Cross-site scripting (XSS) vulnerability in Sitecore CMS before 7.0 Update-4 (rev. 140120) allows remote attackers to inject arbitrary web script or HTML via the xmlcontrol parameter to the default U…	CWE-79 Cross-site Scripting	CVE-2014-100004	2024-11-21 11:03	2015-01-13	Show	GitHub Exploit DB Packet Storm

290058	-	yourmembers_project	yourmembers	SQL injection vulnerability in includes/ym-download_functions.include.php in the Code Futures YourMembers plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the ym_dow…	CWE-89 SQL Injection	CVE-2014-100003	2024-11-21 11:03	2015-01-13	Show	GitHub Exploit DB Packet Storm

290059	-	zohocorp	manageengine_supportcenter_plus	Directory traversal vulnerability in ManageEngine SupportCenter Plus 7.9 before 7917 allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the attach parameter to Wor…	CWE-22 Path Traversal	CVE-2014-100002	2024-11-21 11:03	2015-01-13	Show	GitHub Exploit DB Packet Storm

290060	-	seopressor	seo_plugin_liveoptim	Cross-site request forgery (CSRF) vulnerability in the SEO Plugin LiveOptim plugin before 1.1.4-free for WordPress allows remote attackers to hijack the authentication of administrators for requests …	CWE-352 Origin Validation Error	CVE-2014-100001	2024-11-21 11:03	2015-01-13	Show	GitHub Exploit DB Packet Storm