Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216351 5 警告 OSClass - OSClass におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-6308 2014-10-27 14:40 2014-09-15 Show GitHub Exploit DB Packet Storm
216352 4.3 警告 OSClass - OSClass におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-6280 2014-10-27 14:39 2014-09-15 Show GitHub Exploit DB Packet Storm
216353 7.5 危険 Banana Dance - Banana Dance におけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-5244 2014-10-27 14:39 2012-12-19 Show GitHub Exploit DB Packet Storm
216354 4.3 警告 Joomla! - Joomla! 用 ja_purity テンプレートにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2413 2014-10-27 14:39 2012-05-3 Show GitHub Exploit DB Packet Storm
216355 1.9 注意 CareFusion - CareFusion Pyxis SupplyStation のハードウェアテストツールにおける重要な情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2014-5423 2014-10-27 14:11 2014-10-15 Show GitHub Exploit DB Packet Storm
216356 9.7 危険 CareFusion - CareFusion Pyxis SupplyStation のハードウェアテストツールにおけるアクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2014-5422 2014-10-27 14:09 2014-10-15 Show GitHub Exploit DB Packet Storm
216357 6.8 警告 CareFusion - CareFusion Pyxis SupplyStation のハードウェアテストツールにおける権限を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2014-5421 2014-10-27 14:08 2014-10-15 Show GitHub Exploit DB Packet Storm
216358 3.5 注意 CareFusion - CareFusion Pyxis SupplyStation のハードウェアテストツールにおけるアプリケーションファイルへのアクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2014-5420 2014-10-27 14:08 2014-10-15 Show GitHub Exploit DB Packet Storm
216359 6.8 警告 ヒューレット・パッカード - HP-UX 上で稼動するHP System Management Homepage におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-7874 2014-10-27 11:59 2014-10-13 Show GitHub Exploit DB Packet Storm
216360 3.5 注意 IBM - IBM Tivoli Directory Server および IBM Security Directory Server の Admin UI におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-6100 2014-10-27 11:53 2014-10-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294371 - apache http_server The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to ca… CWE-399
 Resource Management Errors 		CVE-2012-4557 2024-11-21 10:43 2012-12-1 Show GitHub Exploit DB Packet Storm
294372 - ibm tivoli_endpoint_manager Unspecified vulnerability in Tivoli Endpoint Manager for Remote Control Broker 8.2 before 8.2.1-TIV-TEMRC821-IF0002 allows remote attackers to cause a denial of service (resource consumption) via unk… CWE-399
 Resource Management Errors 		CVE-2012-4841 2024-11-21 10:43 2012-11-29 Show GitHub Exploit DB Packet Storm
294373 - samsung printer_firmware The Samsung printer firmware before 20121031 has a hardcoded read-write SNMP community, which makes it easier for remote attackers to obtain administrative access via an SNMP request. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4964 2024-11-21 10:43 2012-11-28 Show GitHub Exploit DB Packet Storm
294374 - emc it_operations_intelligence EMC Smarts Network Configuration Manager (NCM) before 9.1 uses a hardcoded encryption key for the storage of credentials, which allows local users to obtain sensitive information via unspecified vect… CWE-310
Cryptographic Issues 		CVE-2012-4615 2024-11-21 10:43 2012-11-28 Show GitHub Exploit DB Packet Storm
294375 - emc it_operations_intelligence The default configuration of EMC Smarts Network Configuration Manager (NCM) before 9.1 does not require authentication for database access, which allows remote attackers to have an unspecified impact… CWE-287
Improper Authentication 		CVE-2012-4614 2024-11-21 10:43 2012-11-28 Show GitHub Exploit DB Packet Storm
294376 - emc rsa_adaptive_authentication_on-premise Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Adaptive Authentication On-Premise (AAOP) before 7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vecto… CWE-79
Cross-site Scripting 		CVE-2012-4611 2024-11-21 10:43 2012-11-28 Show GitHub Exploit DB Packet Storm
294377 - xen xen The HVMOP_pagetable_dying hypercall in Xen 4.0, 4.1, and 4.2 does not properly check the pagetable state when running on shadow pagetables, which allows a local HVM guest OS to cause a denial of serv… CWE-20
 Improper Input Validation  		CVE-2012-4538 2024-11-21 10:43 2012-11-25 Show GitHub Exploit DB Packet Storm
294378 - ruby-lang ruby The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4522 2024-11-21 10:43 2012-11-25 Show GitHub Exploit DB Packet Storm
294379 - tecnick tcexam Multiple cross-site scripting (XSS) vulnerabilities in admin/code/tce_select_users_popup.php in Nicola Asuni TCExam before 11.3.009 allow remote attackers to inject arbitrary web script or HTML via t… CWE-79
Cross-site Scripting 		CVE-2012-4602 2024-11-21 10:43 2012-11-24 Show GitHub Exploit DB Packet Storm
294380 - tecnick tcexam Multiple SQL injection vulnerabilities in Nicola Asuni TCExam before 11.3.009 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the (1) user_g… CWE-89
SQL Injection 		CVE-2012-4601 2024-11-21 10:43 2012-11-24 Show GitHub Exploit DB Packet Storm