Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216301 6.5 警告 レッドハット - Red Hat CloudForms Management Engine の vmdb/app/controllers/application_controller/performance.rb における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-3642 2014-10-8 14:19 2014-10-2 Show GitHub Exploit DB Packet Storm
216302 4 警告 レッドハット - Red Hat CloudForms Management Engine における重要なコントローラおよびアクションにアクセスされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0140 2014-10-8 14:19 2014-10-2 Show GitHub Exploit DB Packet Storm
216303 5.5 警告 レッドハット - Red Hat Conga の /luci/homebase および /luci/cluster メニューのコンポーネントにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-3521 2014-10-8 14:19 2014-09-16 Show GitHub Exploit DB Packet Storm
216304 5 警告 レッドハット - Red Hat Conga における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2013-6496 2014-10-8 14:18 2013-06-6 Show GitHub Exploit DB Packet Storm
216305 7.5 危険 Rejetto - Rejetto HFS (HTTP File Server) に null バイトの取扱いに関する脆弱性 CWE-94
CWE-Other
CVE-2014-6287 2014-10-8 13:44 2014-10-6 Show GitHub Exploit DB Packet Storm
216306 6.4 警告 ヒューレット・パッカード - HP System Management Homepage におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2640 2014-10-7 18:17 2014-09-30 Show GitHub Exploit DB Packet Storm
216307 4.3 警告 Jan Bartels - TYPO3 用 WEC Map エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-6296 2014-10-7 18:16 2014-02-12 Show GitHub Exploit DB Packet Storm
216308 6.8 警告 Mittwald CM Service - TYPO3 用 mm_forum エクステンションにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-6299 2014-10-7 18:02 2014-02-12 Show GitHub Exploit DB Packet Storm
216309 7.5 危険 Mittwald CM Service - TYPO3 用 mm_forum エクステンションにおける任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2014-6298 2014-10-7 18:01 2014-02-12 Show GitHub Exploit DB Packet Storm
216310 4.3 警告 Mittwald CM Service - TYPO3 用 mm_forum エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-6297 2014-10-7 17:41 2014-02-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294631 - adobe shockwave_player Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4173, CVE-2012-4174, CVE-2012-4… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-4172 2024-11-21 10:42 2012-10-24 Show GitHub Exploit DB Packet Storm
294632 - cipherdyne fwknop Buffer overflow in the run_last_args function in client/fwknop.c in fwknop before 2.0.3, when processing --last, might allow local users to cause a denial of service (client crash) and possibly execu… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-4436 2024-11-21 10:42 2012-10-23 Show GitHub Exploit DB Packet Storm
294633 - cipherdyne fwknop fwknop before 2.0.3 does not properly validate IP addresses, which allows remote authenticated users to cause a denial of service (server crash) via a long IP address. CWE-20
 Improper Input Validation  		CVE-2012-4435 2024-11-21 10:42 2012-10-23 Show GitHub Exploit DB Packet Storm
294634 9.8 CRITICAL
Network 		openstack
fedoraproject
redhat 		swift
fedora
enterprise_linux_server
storage
storage_for_public_cloud
gluster_storage_server_for_on-premise
gluster_storage_management_console 		OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arb… CWE-502
 Deserialization of Untrusted Data 		CVE-2012-4406 2024-11-21 10:42 2012-10-23 Show GitHub Exploit DB Packet Storm
294635 - jcore jcore SQL injection vulnerability in admin/index.php in jCore before 1.0pre2 allows remote attackers to execute arbitrary SQL commands via the memberloginid cookie. CWE-89
SQL Injection 		CVE-2012-4232 2024-11-21 10:42 2012-10-23 Show GitHub Exploit DB Packet Storm
294636 - jcore jcore Cross-site scripting (XSS) vulnerability in admin/index.php in jCore before 1.0pre2 allows remote attackers to inject arbitrary web script or HTML via the path parameter. CWE-79
Cross-site Scripting 		CVE-2012-4231 2024-11-21 10:42 2012-10-23 Show GitHub Exploit DB Packet Storm
294637 - oracle
sun 		jdk
jre 		Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality and … NVD-CWE-noinfo
CVE-2012-4416 2024-11-21 10:42 2012-10-17 Show GitHub Exploit DB Packet Storm
294638 - mozilla
suse
canonical
redhat 		firefox
seamonkey
thunderbird
thunderbird_esr
linux_enterprise_server
linux_enterprise_desktop
linux_enterprise_software_development_kit
ubuntu_linux
enterprise_linux_server 		Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue fun… CWE-346
 Origin Validation Error 		CVE-2012-4193 2024-11-21 10:42 2012-10-12 Show GitHub Exploit DB Packet Storm
294639 - mozilla seamonkey
thunderbird
firefox 		Mozilla Firefox 16.0, Thunderbird 16.0, and SeaMonkey 2.13 allow remote attackers to bypass the Same Origin Policy and read the properties of a Location object via a crafted web site, a related issue… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4192 2024-11-21 10:42 2012-10-12 Show GitHub Exploit DB Packet Storm
294640 - mozilla
canonical 		firefox
seamonkey
thunderbird
ubuntu_linux 		The mozilla::net::FailDelayManager::Lookup function in the WebSockets implementation in Mozilla Firefox before 16.0.1, Thunderbird before 16.0.1, and SeaMonkey before 2.13.1 allows remote attackers t… CWE-787
 Out-of-bounds Write 		CVE-2012-4191 2024-11-21 10:42 2012-10-12 Show GitHub Exploit DB Packet Storm