Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216331 4.6 警告 Exim Development - Exim の expand.c における権限を取得される脆弱性 CWE-189
数値処理の問題 		CVE-2014-2972 2014-09-8 15:37 2014-07-16 Show GitHub Exploit DB Packet Storm
216332 6.8 警告 Exim Development - Exim の dmarc.c 内の dmarc_process 関数における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2014-2957 2014-09-8 15:36 2014-05-26 Show GitHub Exploit DB Packet Storm
216333 7.5 危険 Zend Technologies Ltd. - ZendOpenId の Consumer コンポーネントの GenericConsumer クラスおよび Zend Framework の Zend_OpenId_Consumer クラスにおける認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2014-2685 2014-09-8 14:39 2014-03-31 Show GitHub Exploit DB Packet Storm
216334 3.5 注意 Mathias Kettner GmbH - Check_MK のマルチサイトコンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-5338 2014-09-5 18:00 2014-05-27 Show GitHub Exploit DB Packet Storm
216335 4 警告 IBM - IBM Business Process Manager の Content Management ツールキットの不特定の Ajax サービスにおける重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-4759 2014-09-5 16:51 2014-08-29 Show GitHub Exploit DB Packet Storm
216336 4 警告 IBM - IBM Business Process Manager および WebSphere Lombardi Edition におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-4758 2014-09-5 16:41 2014-08-29 Show GitHub Exploit DB Packet Storm
216337 3.5 注意 IBM - IBM Business Process Manager および WebSphere Lombardi Edition におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-3075 2014-09-5 16:33 2014-08-29 Show GitHub Exploit DB Packet Storm
216338 4.3 警告 Mike Jolley - WordPress 用 Download Monitor プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4768 2014-09-5 14:15 2012-08-30 Show GitHub Exploit DB Packet Storm
216339 2.1 注意 IBM - Linux および AIX 上で稼動する IBM DB2 における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-4805 2014-09-5 12:20 2014-08-28 Show GitHub Exploit DB Packet Storm
216340 3.5 注意 IBM - 複数の OS 上で稼動する IBM DB2 の SQL エンジンにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-3095 2014-09-5 12:20 2014-08-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294861 - apple safari WebKit in Apple Safari before 6.0 does not properly handle Cascading Style Sheets (CSS) property values, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. CWE-20
 Improper Input Validation  		CVE-2012-3691 2024-11-21 10:41 2012-07-26 Show GitHub Exploit DB Packet Storm
294862 - apple safari WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to read arbitrary files via a crafted web site. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-3690 2024-11-21 10:41 2012-07-26 Show GitHub Exploit DB Packet Storm
294863 - apple safari WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site. CWE-20
 Improper Input Validation  		CVE-2012-3689 2024-11-21 10:41 2012-07-26 Show GitHub Exploit DB Packet Storm
294864 - apple safari WebKit in Apple Safari before 6.0 accesses uninitialized memory locations during the rendering of SVG images, which allows remote attackers to obtain sensitive information from process memory via a c… CWE-200
Information Exposure 		CVE-2012-3650 2024-11-21 10:41 2012-07-26 Show GitHub Exploit DB Packet Storm
294865 - isc
debian
canonical 		dhcp
debian_linux
ubuntu_linux 		Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests. CWE-399
 Resource Management Errors 		CVE-2012-3954 2024-11-21 10:41 2012-07-25 Show GitHub Exploit DB Packet Storm
294866 - isc bind Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of … CWE-362
Race Condition 		CVE-2012-3868 2024-11-21 10:41 2012-07-25 Show GitHub Exploit DB Packet Storm
294867 - isc bind ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initializ… CWE-20
 Improper Input Validation  		CVE-2012-3817 2024-11-21 10:41 2012-07-25 Show GitHub Exploit DB Packet Storm
294868 - isc
canonical
debian 		dhcp
ubuntu_linux
debian_linux 		ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-3571 2024-11-21 10:41 2012-07-25 Show GitHub Exploit DB Packet Storm
294869 - isc dhcp Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifi… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-3570 2024-11-21 10:41 2012-07-25 Show GitHub Exploit DB Packet Storm
294870 - adrian_chadd rtg
rtg2 		Multiple SQL injection vulnerabilities in RTG 0.7.4 and RTG2 0.9.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) 95.php, (2) view.php, or (3) rtg.php. CWE-89
SQL Injection 		CVE-2012-3881 2024-11-21 10:41 2012-07-13 Show GitHub Exploit DB Packet Storm