Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
216131	3.5	注意	FOG Project	-	FOG におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-3111	2014-10-28 10:58	2014-04-29	Show	GitHub Exploit DB Packet Storm

216132	6.5	警告	InterWorx	-	InterWorx Web Control Panel の xhr.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-2531	2014-10-28 10:47	2014-03-17	Show	GitHub Exploit DB Packet Storm

216133	4.3	警告	Splunk	-	Splunk におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-8380	2014-10-28 10:39	2014-05-27	Show	GitHub Exploit DB Packet Storm

216134	4.3	警告	WebAsyst	-	Webasyst Shop-Script におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-8377	2014-10-28 10:11	2014-08-12	Show	GitHub Exploit DB Packet Storm

216135	4.3	警告	Tenable, Inc.	-	Tenable Nessus 用 Web UI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-7280	2014-10-28 09:58	2014-06-13	Show	GitHub Exploit DB Packet Storm

216136	7.5	危険	Zoho Corporation	-	ZOHO ManageEngine Desktop Central におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-5006	2014-10-28 09:50	2014-08-31	Show	GitHub Exploit DB Packet Storm

216137	7.5	危険	Zoho Corporation	-	ZOHO ManageEngine Desktop Central におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-5005	2014-10-28 09:49	2014-08-31	Show	GitHub Exploit DB Packet Storm

216138	6.8	警告	MRBS	-	Drupal 用 MRBS モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-7407	2014-10-27 19:30	2013-07-17	Show	GitHub Exploit DB Packet Storm

216139	7.5	危険	MRBS	-	Drupal 用 MRBS モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-7406	2014-10-27 19:30	2013-07-17	Show	GitHub Exploit DB Packet Storm

216140	5	警告	Websupporter	-	WordPress 用 WP AmASIN - The Amazon Affiliate Shop プラグインの reviews.php における絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-4577	2014-10-27 18:55	2014-03-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
295161	-	apple	iphone_os	The kernel in Apple iOS before 6 dereferences invalid pointers during the handling of packet-filter data structures, which allows local users to gain privileges via a crafted program that makes packe…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-3728	2024-11-21 10:41	2012-09-21	Show	GitHub Exploit DB Packet Storm

295162	-	apple	iphone_os	Buffer overflow in the IPsec component in Apple iOS before 6 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-3727	2024-11-21 10:41	2012-09-21	Show	GitHub Exploit DB Packet Storm

295163	-	apple	iphone_os	Double free vulnerability in ImageIO in Apple iOS before 6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.	CWE-399 Resource Management Errors	CVE-2012-3726	2024-11-21 10:41	2012-09-21	Show	GitHub Exploit DB Packet Storm

295164	-	apple	iphone_os	The DNAv4 protocol implementation in the DHCP component in Apple iOS before 6 sends Wi-Fi packets containing a MAC address of a host on a previously used network, which might allow remote attackers t…	CWE-200 Information Exposure	CVE-2012-3725	2024-11-21 10:41	2012-09-21	Show	GitHub Exploit DB Packet Storm

295165	-	apple	iphone_os	CFNetwork in Apple iOS before 6 does not properly identify the host portion of a URL, which allows remote attackers to obtain sensitive information by leveraging the construction of an HTTP request w…	CWE-200 Information Exposure	CVE-2012-3724	2024-11-21 10:41	2012-09-21	Show	GitHub Exploit DB Packet Storm

295166	-	apple	mac_os_x mac_os_x_server	Apple Mac OS X before 10.7.5 does not properly handle the bNbrPorts field of a USB hub descriptor, which allows physically proximate attackers to execute arbitrary code or cause a denial of service (…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-3723	2024-11-21 10:41	2012-09-21	Show	GitHub Exploit DB Packet Storm

295167	-	apple	mac_os_x mac_os_x_server iphone_os	The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or …	CWE-399 Resource Management Errors	CVE-2012-3722	2024-11-21 10:41	2012-09-21	Show	GitHub Exploit DB Packet Storm

295168	-	apple	mac_os_x	Profile Manager in Apple Mac OS X before 10.7.5 does not properly perform authentication for the Device Management private interface, which allows attackers to enumerate managed devices via unspecifi…	CWE-287 Improper Authentication	CVE-2012-3721	2024-11-21 10:41	2012-09-21	Show	GitHub Exploit DB Packet Storm

295169	-	apple	mac_os_x	Mobile Accounts in Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 saves password hashes for external-account use even if external accounts are not enabled, which might allow remote attackers t…	CWE-255 Credentials Management	CVE-2012-3720	2024-11-21 10:41	2012-09-21	Show	GitHub Exploit DB Packet Storm

295170	-	apple	mac_os_x mac_os_x_server	Mail in Apple Mac OS X before 10.7.5 does not properly handle embedded web plugins, which allows remote attackers to execute arbitrary plugin code via an e-mail message that triggers the loading of a…	CWE-20 Improper Input Validation	CVE-2012-3719	2024-11-21 10:41	2012-09-21	Show	GitHub Exploit DB Packet Storm