Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 16, 2026, 10:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
216321	5	警告	Zoho Corporation	-	ZOHO ManageEngine DeviceExpert の ReadUsersFromMasterServlet におけるユーザアカウントの認証情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2014-5377	2014-09-8 17:39	2014-08-27	Show	GitHub Exploit DB Packet Storm

216322	5	警告	Plack project	-	Plack の Plack::App::File における生成されたファイルのホワイトリストを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-5269	2014-09-8 17:39	2014-08-1	Show	GitHub Exploit DB Packet Storm

216323	4.9	警告	TorrentFlux	-	TorrentFlux における他のユーザの Cookie を削除または変更される脆弱性	CWE-noinfo 情報不足	CVE-2014-6029	2014-09-8 17:16	2014-08-28	Show	GitHub Exploit DB Packet Storm

216324	4	警告	TorrentFlux	-	TorrentFlux における他のユーザの Cookie を取得される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-6028	2014-09-8 17:16	2014-08-28	Show	GitHub Exploit DB Packet Storm

216325	4.3	警告	Apache Software Foundation	-	Apache POI におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2014-3574	2014-09-8 16:57	2014-08-18	Show	GitHub Exploit DB Packet Storm

216326	4.3	警告	Apache Software Foundation	-	Apache POI の OPC SAX セットアップにおける任意のファイルを読まれる脆弱性	CWE-Other その他	CVE-2014-3529	2014-09-8 16:56	2014-08-18	Show	GitHub Exploit DB Packet Storm

216327	3.5	注意	openSUSE project	-	srvx の HelpServ モジュールにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2014-5508	2014-09-8 16:35	2014-08-28	Show	GitHub Exploit DB Packet Storm

216328	6.8	警告	SAP	-	SAP Crystal Reports におけるメモリ二重解放の脆弱性	CWE-Other その他	CVE-2014-5506	2014-09-8 16:05	2014-09-3	Show	GitHub Exploit DB Packet Storm

216329	6.8	警告	SAP	-	SAP Crystal Reports におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2014-5505	2014-09-8 16:05	2014-09-3	Show	GitHub Exploit DB Packet Storm

216330	7.5	危険	SolarWinds	-	SolarWinds Log and Event Manager におけるデータベースへのアクセス権を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2014-5504	2014-09-8 15:47	2014-08-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
293321	-	template_cms_project	template_cms	Cross-site scripting (XSS) vulnerability in Template CMS 2.1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the themes_editor parameter in an add_template action to …	CWE-79 Cross-site Scripting	CVE-2012-4901	2024-11-21 10:43	2015-05-21	Show	GitHub Exploit DB Packet Storm

293322	-	mikejolley	download_monitor	Cross-site scripting (XSS) vulnerability in the Download Monitor plugin before 3.3.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dlsearch parameter to the d…	CWE-79 Cross-site Scripting	CVE-2012-4768	2024-11-21 10:43	2014-09-4	Show	GitHub Exploit DB Packet Storm

293323	-	xnview	xnview	Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image fi…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-4988	2024-11-21 10:43	2014-07-9	Show	GitHub Exploit DB Packet Storm

293324	-	corel	quattro_pro_x6	The (1) QProGetNotebookWindowHandle and (2) Ordinal132 functions in QPW160.dll in Corel Quattro Pro X6 Standard Edition 16.0.0.388 and earlier allows remote attackers to cause a denial of service (NU…	NVD-CWE-Other	CVE-2012-4728	2024-11-21 10:43	2014-06-6	Show	GitHub Exploit DB Packet Storm

293325	-	owncloud	owncloud	CRLF injection vulnerability in ownCloud Server before 4.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the url path parameter.	NVD-CWE-Other	CVE-2012-5057	2024-11-21 10:43	2014-06-4	Show	GitHub Exploit DB Packet Storm

293326	-	owncloud	owncloud	Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server before 4.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) readyCallback parameter to apps/files_odf…	CWE-79 Cross-site Scripting	CVE-2012-5056	2024-11-21 10:43	2014-06-4	Show	GitHub Exploit DB Packet Storm

293327	-	davistribe	google_doc_embedder	Directory traversal vulnerability in the Google Doc Embedder plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to libs/pdf.php.	CWE-22 Path Traversal	CVE-2012-4915	2024-11-21 10:43	2014-05-29	Show	GitHub Exploit DB Packet Storm

293328	-	cisco	ios	Cisco IOS before 15.3(1)T, when media flow-around is not used, allows remote attackers to cause a denial of service (media loops and stack memory corruption) via VoIP traffic, aka Bug ID CSCub45809.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-5044	2024-11-21 10:43	2014-04-23	Show	GitHub Exploit DB Packet Storm

293329	-	cisco	ios catalyst_6500 catalyst_7600	The ACL implementation in Cisco IOS before 15.1(1)SY on Catalyst 6500 and 7600 devices allows local users to cause a denial of service (device reload) via a "no object-group" command followed by an o…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-5037	2024-11-21 10:43	2014-04-23	Show	GitHub Exploit DB Packet Storm

293330	-	cisco	ios	The BGP Router process in Cisco IOS before 12.2(50)SY1 allows remote attackers to cause a denial of service (memory consumption) via vectors involving BGP path attributes, aka Bug ID CSCsw63003.	CWE-399 Resource Management Errors	CVE-2012-5039	2024-11-21 10:43	2014-04-23	Show	GitHub Exploit DB Packet Storm