Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216321 3.5 注意 Drupal - Drupal 用 Nivo Slider モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-8744 2014-10-20 17:04 2014-03-18 Show GitHub Exploit DB Packet Storm
216322 3.5 注意 Nextide - Drupal 用 Maestro モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-8743 2014-10-20 17:04 2014-06-6 Show GitHub Exploit DB Packet Storm
216323 3.5 注意 オラクル - Oracle MySQL の MySQL Server における SERVER:MEMCACHED に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-6474 2014-10-20 14:24 2014-10-14 Show GitHub Exploit DB Packet Storm
216324 5.5 警告 オラクル - Oracle MySQL の MySQL Server における SERVER:SP に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-6489 2014-10-20 14:24 2014-10-14 Show GitHub Exploit DB Packet Storm
216325 4 警告 オラクル - Oracle MySQL の MySQL Server における SERVER:INNODB FULLTEXT SEARCH DML に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-6564 2014-10-20 14:24 2014-10-14 Show GitHub Exploit DB Packet Storm
216326 4.9 警告 オラクル - Oracle Enterprise Manager Grid Control の Application Performance Management における End User Experience Management に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-6557 2014-10-20 10:13 2014-10-14 Show GitHub Exploit DB Packet Storm
216327 2.1 注意 オラクル - Oracle Enterprise Manager Grid Control の Enterprise Manager for Oracle Database における Content Management に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-6488 2014-10-20 10:12 2014-10-14 Show GitHub Exploit DB Packet Storm
216328 5 警告 シスコシステムズ - Cisco Intrusion Detection System の Cisco Intrusion Prevention System の Web フレームワークにおけるサービス運用妨害 (DoS) の脆弱性 CWE-287
不適切な認証 		CVE-2014-3402 2014-10-17 17:53 2014-10-8 Show GitHub Exploit DB Packet Storm
216329 6.8 警告 オラクル - Oracle Sun Solaris における Hermon HCA PCIe driver に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-6529 2014-10-17 16:11 2014-10-14 Show GitHub Exploit DB Packet Storm
216330 7.8 危険 オラクル - Oracle Sun Solaris における iSCSI Data Mover に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-6508 2014-10-17 16:11 2014-10-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294351 - flashfxp flashfxp Multiple buffer overflows in FlashFXP.exe in FlashFXP 4.2 allow remote authenticated users to execute arbitrary code via a long unicode string to (1) TListbox or (2) TComboBox. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-4992 2024-11-21 10:43 2012-09-20 Show GitHub Exploit DB Packet Storm
294352 - silverstripe silverstripe Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe 2.3.x before 2.3.13 and 2.4.x before 2.4.7 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted string t… CWE-79
Cross-site Scripting 		CVE-2012-4968 2024-11-21 10:43 2012-09-18 Show GitHub Exploit DB Packet Storm
294353 - mozilla
google 		firefox
chrome 		The SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can perform TLS encryption of compressed data without properly obfuscating the length of the unencrypte… CWE-310
Cryptographic Issues 		CVE-2012-4930 2024-11-21 10:43 2012-09-16 Show GitHub Exploit DB Packet Storm
294354 - debian
mozilla
google 		debian_linux
firefox
chrome 		The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which… CWE-310
Cryptographic Issues 		CVE-2012-4929 2024-11-21 10:43 2012-09-16 Show GitHub Exploit DB Packet Storm
294355 - oxwall oxwall Cross-site scripting (XSS) vulnerability in ow_updates/index.php in Oxwall 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the plugin parameter. CWE-79
Cross-site Scripting 		CVE-2012-4928 2024-11-21 10:43 2012-09-16 Show GitHub Exploit DB Packet Storm
294356 - limesurvey limesurvey SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before 1.91+ Build 120224 and earlier allows remote attackers to execute arbitrary SQL commands via the fieldnames parameter to index.php. CWE-89
SQL Injection 		CVE-2012-4927 2024-11-21 10:43 2012-09-16 Show GitHub Exploit DB Packet Storm
294357 - imgpals img_pals_photo_host approve.php in Img Pals Photo Host 1.0 does not authenticate requests, which allows remote attackers to change the activation of administrators via the u parameter in an (1) app0 (disable) or (2) app… CWE-287
Improper Authentication 		CVE-2012-4926 2024-11-21 10:43 2012-09-16 Show GitHub Exploit DB Packet Storm
294358 - imgpals img_pals_photo_host Multiple SQL injection vulnerabilities in approve.php in Img Pals Photo Host 1.0 allow remote attackers to execute arbitrary SQL commands via the u parameter in a (1) app0 or (2) app1 action. NOTE: … CWE-89
SQL Injection 		CVE-2012-4925 2024-11-21 10:43 2012-09-16 Show GitHub Exploit DB Packet Storm
294359 - asus net4switch
ipswcom_activex_component 		Buffer overflow in the CxDbgPrint function in the ipswcom.dll ActiveX component 1.0.0.1 for ASUS Net4Switch 1.0.0020 allows remote attackers to execute arbitrary code via a long parameter to the Aler… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-4924 2024-11-21 10:43 2012-09-16 Show GitHub Exploit DB Packet Storm
294360 - endian firewall Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule para… CWE-79
Cross-site Scripting 		CVE-2012-4923 2024-11-21 10:43 2012-09-16 Show GitHub Exploit DB Packet Storm