Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
209281 6.5 警告 株式会社アイシーズ - 抹茶請求書における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-5642 2015-10-8 15:25 2015-09-30 Show GitHub Exploit DB Packet Storm
209282 6.8 警告 Python Software Foundation - Windows 版 Python における任意の DLL 読み込みに関する脆弱性 CWE-Other
その他 		CVE-2015-5652 2015-10-8 15:24 2015-10-1 Show GitHub Exploit DB Packet Storm
209283 5 警告 Google - Android のメディアサーバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2015-7718 2015-10-8 14:14 2015-10-5 Show GitHub Exploit DB Packet Storm
209284 9.3 危険 Google - Android のメディアサーバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-7717 2015-10-8 14:14 2015-10-5 Show GitHub Exploit DB Packet Storm
209285 10 危険 Google - Android の libstagefright における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2015-7716 2015-10-8 14:14 2015-10-5 Show GitHub Exploit DB Packet Storm
209286 6.8 警告 Google
SQLite		 - Android で使用される SQLite における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-6607 2015-10-8 14:14 2015-04-9 Show GitHub Exploit DB Packet Storm
209287 9.3 危険 Google - Android の Secure Element Evaluation Kit プラグインにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-6606 2015-10-8 14:14 2015-10-5 Show GitHub Exploit DB Packet Storm
209288 5 警告 Google - Android のメディアサーバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2015-6605 2015-10-8 14:14 2015-10-5 Show GitHub Exploit DB Packet Storm
209289 10 危険 Google - Android の libstagefright における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2015-6604 2015-10-8 14:14 2015-10-5 Show GitHub Exploit DB Packet Storm
209290 10 危険 Google - Android の libstagefright における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2015-6603 2015-10-8 14:14 2015-10-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
297851 7.5 HIGH
Network 		microsoft windows_7
windows_vista
windows_xp
windows_server_2003 		The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CV… CWE-400
 Uncontrolled Resource Consumption 		CVE-2012-5362 2024-11-21 10:44 2020-02-21 Show GitHub Exploit DB Packet Storm
297852 7.5 HIGH
Network 		squirrelmail change_passwd Squirrelmail 4.0 uses the outdated MD5 hash algorithm for passwords. CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2012-5623 2024-11-21 10:44 2020-02-14 Show GitHub Exploit DB Packet Storm
297853 4.3 MEDIUM
Network 		basic_webmail_project basic_webmail The Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allows remote authenticated users with the "access basic_webmail" permission to read arbitrary users' email addresses. CWE-200
Information Exposure 		CVE-2012-5570 2024-11-21 10:44 2020-02-9 Show GitHub Exploit DB Packet Storm
297854 9.8 CRITICAL
Network 		ushahidi ushahidi Ushahidi before 2.6.1 has insufficient entropy for forgot-password tokens. CWE-640
 Weak Password Recovery Mechanism for Forgotten Password 		CVE-2012-5618 2024-11-21 10:44 2020-02-4 Show GitHub Exploit DB Packet Storm
297855 7.5 HIGH
Network 		dart powertcp_webserver_for_activex NULL Pointer Dereference in PowerTCP WebServer for ActiveX 1.9.2 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted HTTP request. CWE-476
 NULL Pointer Dereference 		CVE-2012-5389 2024-11-21 10:44 2020-01-24 Show GitHub Exploit DB Packet Storm
297856 7.8 HIGH
Local 		sumatrapdfreader
artifex 		sumatrapdf
mupdf 		SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file. CWE-190
 Integer Overflow or Wraparound 		CVE-2012-5340 2024-11-21 10:44 2020-01-24 Show GitHub Exploit DB Packet Storm
297857 7.5 HIGH
Network 		redhat jboss_operations_network
jboss_enterprise_web_server
jboss_enterprise_application_platform
jboss_brms
jboss_soa_platform
jboss_portal 		EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in… NVD-CWE-noinfo
CVE-2012-5626 2024-11-21 10:44 2020-01-24 Show GitHub Exploit DB Packet Storm
297858 9.8 CRITICAL
Network 		accusoft prizm_content_connect Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2012-5190 2024-11-21 10:44 2020-01-22 Show GitHub Exploit DB Packet Storm
297859 4.8 MEDIUM
Network 		smileys_project
smiley_project 		smileys
smiley 		Cross-site scripting (XSS) vulnerability in the Smiley module 6.x-1.x versions prior to 6.x-1.1 and Smileys module 6.x-1.x versions prior to 6.x-1.1 for Drupal allows remote authenticated users with … CWE-79
Cross-site Scripting 		CVE-2012-5558 2024-11-21 10:44 2020-01-10 Show GitHub Exploit DB Packet Storm
297860 5.5 MEDIUM
Local 		openstack
debian 		horizon
debian_linux 		Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value. CWE-200
Information Exposure 		CVE-2012-5476 2024-11-21 10:44 2019-12-31 Show GitHub Exploit DB Packet Storm