Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
209071 7.5 危険 SolarWinds - SolarWinds Log & Event Manager における管理コンピュータ上で任意のコマンドを実行される脆弱性 CWE-Other
その他 		CVE-2015-7839 2015-10-19 15:44 2015-10-7 Show GitHub Exploit DB Packet Storm
209072 10 危険 SolarWinds - SolarWinds Storage Manager の ProcessFileUpload.jsp における任意のファイルをアップロードされる脆弱性 CWE-20
不適切な入力確認 		CVE-2015-7838 2015-10-19 15:44 2015-10-7 Show GitHub Exploit DB Packet Storm
209073 6.9 警告 IBM - IBM AIX および VIOS の netstat における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-4948 2015-10-19 15:34 2015-10-12 Show GitHub Exploit DB Packet Storm
209074 7.8 危険 Linux - Linux Kernel の Direct Rendering Manager サブシステムにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-7445 2015-10-19 15:12 2013-07-8 Show GitHub Exploit DB Packet Storm
209075 5 警告 シスコシステムズ - Cisco ASR 5000 および Cisco ASR 5500 デバイスのソフトウェアにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2015-6334 2015-10-19 15:01 2015-10-12 Show GitHub Exploit DB Packet Storm
209076 4.6 警告 シスコシステムズ - Cisco Application Policy Infrastructure Controller における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-6333 2015-10-19 15:01 2015-10-12 Show GitHub Exploit DB Packet Storm
209077 10 危険 SAP - 複数の SAP BusinessObjects 製品におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2015-7730 2015-10-19 14:38 2015-05-12 Show GitHub Exploit DB Packet Storm
209078 6.5 警告 SAP - SAP HANA Developer Edition DB の Web-based Development Workbench の test-net.xsjs における Eval インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2015-7729 2015-10-19 14:38 2015-05-12 Show GitHub Exploit DB Packet Storm
209079 3.5 注意 SAP - SAP HANA DB の Web-based Development Workbench のユーザの作成におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-7728 2015-10-19 14:38 2015-05-12 Show GitHub Exploit DB Packet Storm
209080 6.5 警告 SAP - SAP HANA DB の Web-based Development Workbench における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-7727 2015-10-19 14:38 2015-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
297641 - google authenticator pam_google_authenticator.c in the PAM module in Google Authenticator before 1.0 requires user-readable permissions for the secret file, which allows local users to bypass intended access restrictions… CWE-200
Information Exposure 		CVE-2012-6140 2024-11-21 10:45 2013-04-24 Show GitHub Exploit DB Packet Storm
297642 - ibm tririga_application_platform Multiple cross-site request forgery (CSRF) vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x before 3.3, and 8, allow remote attackers to hijack the authentication of arbitrary users fo… CWE-352
 Origin Validation Error 		CVE-2012-5950 2024-11-21 10:45 2013-04-23 Show GitHub Exploit DB Packet Storm
297643 - ibm tririga_application_platform Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x before 3.3, and 8, allow remote attackers to inject content, and conduct phishing attacks, via vect… CWE-79
Cross-site Scripting 		CVE-2012-5949 2024-11-21 10:45 2013-04-23 Show GitHub Exploit DB Packet Storm
297644 - ibm tririga_application_platform Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x before 3.3, and 8, allow remote attackers to inject arbitrary web script or HTML via vectors involv… CWE-79
Cross-site Scripting 		CVE-2012-5948 2024-11-21 10:45 2013-04-23 Show GitHub Exploit DB Packet Storm
297645 - apache activemq Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to Por… CWE-79
Cross-site Scripting 		CVE-2012-6092 2024-11-21 10:45 2013-04-22 Show GitHub Exploit DB Packet Storm
297646 - xmlsoft
opensuse 		libxslt
opensuse 		libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (… NVD-CWE-Other
CVE-2012-6139 2024-11-21 10:45 2013-04-13 Show GitHub Exploit DB Packet Storm
297647 - ibm sterling_file_gateway
gentran_integration_suite
sterling_integrator
sterling_b2b_integrator 		Unspecified vulnerability in the CLA2 server in IBM Gentran Integration Suite 4.3, Sterling Integrator 5.0 and 5.1, and Sterling B2B Integrator 5.2, as used in IBM Sterling File Gateway 1.1 through 2… NVD-CWE-noinfo
CVE-2012-5937 2024-11-21 10:45 2013-04-13 Show GitHub Exploit DB Packet Storm
297648 - redhat openstack_folsom
openstack_essex 		Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-6120 2024-11-21 10:45 2013-04-11 Show GitHub Exploit DB Packet Storm
297649 - omniauth-oauth2_project omniauth-oauth2 Cross-site request forgery (CSRF) vulnerability in the omniauth-oauth2 gem 1.1.1 and earlier for Ruby allows remote attackers to hijack the authentication of users for requests that modify session st… CWE-352
 Origin Validation Error 		CVE-2012-6134 2024-11-21 10:45 2013-04-10 Show GitHub Exploit DB Packet Storm
297650 - fedorahosted cronie File descriptor leak in cronie 1.4.8, when running in certain environments, might allow local users to read restricted files, as demonstrated by reading /etc/crontab. CWE-200
Information Exposure 		CVE-2012-6097 2024-11-21 10:45 2013-04-10 Show GitHub Exploit DB Packet Storm