Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 11, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
215721 4.3 警告 Rinat Khaziev - WordPress 用 Frontend Uploader プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-9444 2015-01-8 13:47 2014-12-27 Show GitHub Exploit DB Packet Storm
215722 4.3 警告 Mikko Saari - WordPress 用 Relevanssi プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-9443 2015-01-8 13:47 2014-12-16 Show GitHub Exploit DB Packet Storm
215723 6.5 警告 Reality66 - WordPress 用 Cart66 Lite プラグインの models/Cart66Ajax.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-9442 2015-01-8 13:46 2014-12-22 Show GitHub Exploit DB Packet Storm
215724 6.8 警告 Lightbox Photo Gallery project - WordPress 用 Lightbox Photo Gallery プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-9441 2015-01-8 13:46 2014-12-12 Show GitHub Exploit DB Packet Storm
215725 6.8 警告 Sliding Social Icons project - WordPress 用 Sliding Social Icons プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-9437 2015-01-8 13:46 2014-12-12 Show GitHub Exploit DB Packet Storm
215726 6.8 警告 e107.org - e107 の e107_admin/users.php の AdminObserver 関数におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-9459 2015-01-8 12:20 2014-12-28 Show GitHub Exploit DB Packet Storm
215727 10 危険 Hex-Rays - Hex-Rays IDA の GDB debugger モジュールにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-9458 2015-01-8 12:13 2014-12-24 Show GitHub Exploit DB Packet Storm
215728 6.5 警告 PMB Services SAS. - PMB の classes/mono_display.class.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-9457 2015-01-8 12:03 2014-12-25 Show GitHub Exploit DB Packet Storm
215729 5.8 警告 NYU - Ex Libris Patron Directory Services 用 NYU OpenSSO Integration のログインページにおけるオープンリダイレクトの脆弱性 CWE-Other
その他 		CVE-2014-7294 2015-01-8 11:53 2014-12-29 Show GitHub Exploit DB Packet Storm
215730 4.3 警告 NYU - Ex Libris Patron Directory Services 用 NYU OpenSSO Integration のログインページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-7293 2015-01-8 11:53 2014-12-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292051 - apache tomcat java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data af… CWE-19
 Data Processing Errors 		CVE-2014-0227 2024-11-21 11:01 2015-02-16 Show GitHub Exploit DB Packet Storm
292052 - ovirt ovirt oVirt Engine before 3.5.0 does not include the HTTPOnly flag in a Set-Cookie header for the session IDs, which makes it easier for remote attackers to obtain potentially sensitive information via scr… CWE-200
Information Exposure 		CVE-2014-0154 2024-11-21 11:01 2015-02-14 Show GitHub Exploit DB Packet Storm
292053 - redhat ovirt-engine Cross-site request forgery (CSRF) vulnerability in oVirt Engine before 3.5.0 beta2 allows remote attackers to hijack the authentication of users for requests that perform unspecified actions via a RE… CWE-352
 Origin Validation Error 		CVE-2014-0151 2024-11-21 11:01 2015-02-14 Show GitHub Exploit DB Packet Storm
292054 - oracle fusion_middleware The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other pro… NVD-CWE-noinfo
CVE-2014-0191 2024-11-21 11:01 2015-01-21 Show GitHub Exploit DB Packet Storm
292055 - redhat
odata4j_project 		jboss_data_virtualization
odata4j 		XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a… NVD-CWE-Other
CVE-2014-0171 2024-11-21 11:01 2015-01-16 Show GitHub Exploit DB Packet Storm
292056 - redhat jboss_enterprise_application_platform JBoss SX and PicketBox, as used in Red Hat JBoss Enterprise Application Platform (EAP) before 6.2.3, use world-readable permissions on audit.log, which allows local users to obtain sensitive informat… CWE-200
Information Exposure 		CVE-2014-0059 2024-11-21 11:01 2014-11-18 Show GitHub Exploit DB Packet Storm
292057 - freerdp
opensuse 		freerdp
opensuse 		Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress f… CWE-189
Numeric Errors 		CVE-2014-0250 2024-11-21 11:01 2014-11-17 Show GitHub Exploit DB Packet Storm
292058 - apache hive Apache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check the file permissions for (1) import and (2) export statements, which allows remote authenticated use… CWE-284
Improper Access Control 		CVE-2014-0228 2024-11-21 11:01 2014-11-17 Show GitHub Exploit DB Packet Storm
292059 - redhat openshift Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow remote authenticated users to execute arbitrary commands via shell metacharacters in a directory name that is referenced by a cartr… CWE-94
Code Injection 		CVE-2014-0233 2024-11-21 11:01 2014-11-16 Show GitHub Exploit DB Packet Storm
292060 - suse
qemu 		linux_enterprise_server
qemu 		Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, whi… CWE-189
Numeric Errors 		CVE-2014-0223 2024-11-21 11:01 2014-11-5 Show GitHub Exploit DB Packet Storm