Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216401 4.4 警告 ヒューレット・パッカード - HP Operations Agent における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2014-2630 2014-08-13 16:12 2014-08-7 Show GitHub Exploit DB Packet Storm
216402 4 警告 ヒューレット・パッカード - HP Enterprise Maps における重要な情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2014-2628 2014-08-13 16:11 2014-07-31 Show GitHub Exploit DB Packet Storm
216403 5 警告 IBM - IBM Business Process Manager における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-3076 2014-08-13 16:10 2014-07-31 Show GitHub Exploit DB Packet Storm
216404 4.3 警告 IBM - IBM Security Access Manager for Mobile におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4751 2014-08-13 15:28 2014-07-30 Show GitHub Exploit DB Packet Storm
216405 2.1 注意 IBM - IBM Content Collector の Outlook Extension における Reviewer 権限の要求を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-4757 2014-08-13 15:27 2014-07-31 Show GitHub Exploit DB Packet Storm
216406 3.5 注意 IBM - IBM Curam Social Program Management の Universal Access コンポーネントにおける CRLF インジェクションの脆弱性 CWE-Other
その他 		CVE-2014-3069 2014-08-13 15:26 2014-08-7 Show GitHub Exploit DB Packet Storm
216407 3.5 注意 IBM - IBM Tivoli Business Service Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-3031 2014-08-13 15:24 2014-08-1 Show GitHub Exploit DB Packet Storm
216408 4 警告 IBM - IBM InfoSphere Optim Data Growth Solution for JD Edwards EnterpriseOne における重要な情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2013-5433 2014-08-13 15:23 2013-11-18 Show GitHub Exploit DB Packet Storm
216409 5.8 警告 IBM - IBM WebSphere Portal におけるオープンリダイレクトの脆弱性 CWE-Other
その他 		CVE-2014-4760 2014-08-13 14:43 2014-07-30 Show GitHub Exploit DB Packet Storm
216410 5 警告 IBM - IBM WebSphere Portal におけるイントラネットのネットワークをマッピングされる脆弱性 CWE-200
情報漏えい 		CVE-2014-4746 2014-08-13 14:42 2014-07-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292831 - fortinet fortigate-3140b
fortigate-60c
fortigate-3040b
fortigate-300c
fortigate-600c
fortigate-5001a-sw
fortigate-3240c
fortigate-310b
fortigate-800c
fortigate-5020
fortigate-100… 		The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier … CWE-295
Improper Certificate Validation  		CVE-2012-4948 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
292832 - ibm websphere_application_server Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Application Server 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hij… CWE-352
 Origin Validation Error 		CVE-2012-4853 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
292833 - ibm websphere_application_server Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server 8.5 Liberty Profile before 8.5.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. CWE-79
Cross-site Scripting 		CVE-2012-4851 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
292834 - ibm websphere_application_server IBM WebSphere Application Server 8.5 Liberty Profile before 8.5.0.1, when JAX-RS is used, does not properly validate requests, which allows remote attackers to gain privileges via unspecified vectors. CWE-20
 Improper Input Validation  		CVE-2012-4850 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
292835 - ibm cognos_business_intelligence IBM Cognos Business Intelligence (BI) 8.4 and 8.4.1 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted request containing a zero-valued byte. CWE-189
Numeric Errors 		CVE-2012-4847 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
292836 - microsoft .net_framework The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary c… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4777 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
292837 - microsoft .net_framework The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not validate configuration data that is returned during acquisition of proxy setting… CWE-20
 Improper Input Validation  		CVE-2012-4776 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
292838 - microsoft internet_explorer Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability." CWE-399
 Resource Management Errors 		CVE-2012-4775 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
292839 - bestpractical rt Argument injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to create arbitrary files via unspecified vectors related to the GnuPG clie… CWE-94
Code Injection 		CVE-2012-4884 2024-11-21 10:43 2012-11-11 Show GitHub Exploit DB Packet Storm
292840 - bestpractical rt Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to conduct a "confused deputy" attack to bypass the CSRF warning protection mechanism and cause victims to "mod… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4734 2024-11-21 10:43 2012-11-11 Show GitHub Exploit DB Packet Storm