Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
214541 4.3 警告 Ushahidi - Ushahidi Platform におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-2025 2014-04-28 17:51 2013-05-1 Show GitHub Exploit DB Packet Storm
214542 3.5 注意 Episerver - Ektron CMS の content.aspx におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2729 2014-04-28 17:42 2014-04-16 Show GitHub Exploit DB Packet Storm
214543 9.3 危険 Power Software - Power Software の WinArchiver におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-5660 2014-04-28 17:13 2013-04-29 Show GitHub Exploit DB Packet Storm
214544 4.3 警告 JoomlaBoat.com - Joomla! 用 YouTube Gallery コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-5956 2014-04-28 16:17 2013-09-27 Show GitHub Exploit DB Packet Storm
214545 6.8 警告 OpenX - OpenX におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-5954 2014-04-28 16:04 2013-09-27 Show GitHub Exploit DB Packet Storm
214546 4.3 警告 Moxiecode Systems AB - TinyMCE の bbcode プラグインにおけるクロスサイトスクリプティング攻撃を実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4230 2014-04-28 15:49 2012-08-9 Show GitHub Exploit DB Packet Storm
214547 9.3 危険 3S-Smart Software Solutions
SoftMotion3D
Festo		 - Festo Modular controllers CECX-X-C1 および CECX-X-M1 における設定を変更される脆弱性 CWE-287
不適切な認証 		CVE-2014-0769 2014-04-28 15:40 2014-04-24 Show GitHub Exploit DB Packet Storm
214548 9.3 危険 3S-Smart Software Solutions
SoftMotion3D
Festo		 - Festo Modular controllers CECX-X-C1 および CECX-X-M1 における任意のコードを実行される脆弱性 CWE-287
不適切な認証 		CVE-2014-0760 2014-04-28 15:40 2014-04-24 Show GitHub Exploit DB Packet Storm
214549 4.3 警告 Open-Xchange - Open-Xchange AppSuite におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2393 2014-04-28 15:07 2014-04-8 Show GitHub Exploit DB Packet Storm
214550 4.3 警告 Open-Xchange - Open-Xchange AppSuite の電子メール自動設定機能における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-2392 2014-04-28 15:06 2014-04-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
298181 - apple safari Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to the Web Inspecto… CWE-79
Cross-site Scripting 		CVE-2008-1004 2017-08-8 10:29 2008-03-19 Show GitHub Exploit DB Packet Storm
298182 - apple safari WebCore, as used in Apple Safari before 3.1, does not properly mask the password field when reverse conversion is used with the Kotoeri input method, which allows physically proximate attackers to re… CWE-200
Information Exposure 		CVE-2008-1005 2017-08-8 10:29 2008-03-19 Show GitHub Exploit DB Packet Storm
298183 - apple safari Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML by using the window.open function to change the… CWE-79
Cross-site Scripting 		CVE-2008-1006 2017-08-8 10:29 2008-03-19 Show GitHub Exploit DB Packet Storm
298184 - apple safari WebCore, as used in Apple Safari before 3.1, does not enforce the frame navigation policy for Java applets, which allows remote attackers to conduct cross-site scripting (XSS) attacks. CWE-79
Cross-site Scripting 		CVE-2008-1007 2017-08-8 10:29 2008-03-19 Show GitHub Exploit DB Packet Storm
298185 - apple safari Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML via the document.domain property. CWE-79
Cross-site Scripting 		CVE-2008-1008 2017-08-8 10:29 2008-03-19 Show GitHub Exploit DB Packet Storm
298186 - apple safari Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary JavaScript by modifying the history object. CWE-79
Cross-site Scripting 		CVE-2008-1009 2017-08-8 10:29 2008-03-19 Show GitHub Exploit DB Packet Storm
298187 - apple safari Buffer overflow in WebKit, as used in Apple Safari before 3.1, allows remote attackers to execute arbitrary code via crafted regular expressions in JavaScript. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-1010 2017-08-8 10:29 2008-03-19 Show GitHub Exploit DB Packet Storm
298188 - apple safari Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML via a frame that calls a method instance in anot… CWE-79
Cross-site Scripting 		CVE-2008-1011 2017-08-8 10:29 2008-03-19 Show GitHub Exploit DB Packet Storm
298189 - apple apple_airport_extreme_base_station Unspecified vulnerability in Apple AirPort Extreme Base Station Firmware 7.3.1 allows remote attackers to cause a denial of service (file sharing hang) via a crafted AFP request, related to "input va… CWE-20
 Improper Input Validation  		CVE-2008-1012 2017-08-8 10:29 2008-03-20 Show GitHub Exploit DB Packet Storm
298190 - apple quicktime Apple QuickTime before 7.4.5 enables deserialization of QTJava objects by untrusted Java applets, which allows remote attackers to execute arbitrary code via a crafted applet. NVD-CWE-Other
CVE-2008-1013 2017-08-8 10:29 2008-04-5 Show GitHub Exploit DB Packet Storm