Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216411 3.5 注意 IBM - IBM Curam Social Program Management におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-3013 2014-06-20 14:05 2014-06-9 Show GitHub Exploit DB Packet Storm
216412 3.5 注意 IBM - IBM Curam Social Program Management における CRLF インジェクションの脆弱性 CWE-Other
その他 		CVE-2014-3012 2014-06-20 14:05 2014-06-9 Show GitHub Exploit DB Packet Storm
216413 3.5 注意 IBM - IBM WebSphere Portal におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-0910 2014-06-20 14:04 2014-06-6 Show GitHub Exploit DB Packet Storm
216414 4.3 警告 Novell - Linux 上で稼働する Novell Open Enterprise Server の iPrint におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-0599 2014-06-20 13:47 2014-05-29 Show GitHub Exploit DB Packet Storm
216415 10 危険 Novell - Linux 上で稼働する Novell Open Enterprise Server の iPrint におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-0598 2014-06-20 13:47 2014-05-29 Show GitHub Exploit DB Packet Storm
216416 4 警告 シスコシステムズ - Cisco Adaptive Security Appliance ソフトウェアの WebVPN ポータルにおける重要な情報を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2014-2151 2014-06-20 12:18 2014-06-17 Show GitHub Exploit DB Packet Storm
216417 9.3 危険 Wireshark - Wireshark の libpcap ファイルパーサの wiretap/libpcap.c における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2014-4174 2014-06-20 12:17 2014-04-9 Show GitHub Exploit DB Packet Storm
216418 9.3 危険 マイクロソフト - Microsoft Internet Explorer 9 から 11 における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2014-2782 2014-06-20 11:53 2014-06-10 Show GitHub Exploit DB Packet Storm
216419 4.3 警告 マイクロソフト - Microsoft Malware Protection Engine の mpengine.dll におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-2779 2014-06-20 11:51 2014-06-17 Show GitHub Exploit DB Packet Storm
216420 7.5 危険 WebTitan - WebTitan の categories-x.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-4307 2014-06-20 11:35 2014-04-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293821 - xarrow xarrow The server in xArrow before 3.4.1 performs an invalid read operation, which allows remote attackers to execute arbitrary code via unspecified vectors. CWE-189
Numeric Errors 		CVE-2012-2429 2024-11-21 10:39 2012-05-26 Show GitHub Exploit DB Packet Storm
293822 - xarrow xarrow Integer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via a crafted packet that triggers an out-of-bounds read operation. CWE-189
Numeric Errors 		CVE-2012-2428 2024-11-21 10:39 2012-05-26 Show GitHub Exploit DB Packet Storm
293823 - xarrow xarrow Heap-based buffer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via packets that trigger an invalid free operation. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-2427 2024-11-21 10:39 2012-05-26 Show GitHub Exploit DB Packet Storm
293824 - xarrow xarrow The server in xArrow before 3.4.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via unspecified vectors. CWE-399
 Resource Management Errors 		CVE-2012-2426 2024-11-21 10:39 2012-05-26 Show GitHub Exploit DB Packet Storm
293825 - netweblogic login_with_ajax Cross-site scripting (XSS) vulnerability in login-with-ajax.php in the Login With Ajax (aka login-with-ajax) plugin before 3.0.4.1 for WordPress allows remote attackers to inject arbitrary web script… CWE-79
Cross-site Scripting 		CVE-2012-2759 2024-11-21 10:39 2012-05-23 Show GitHub Exploit DB Packet Storm
293826 - atlassian
gliffy 		jira
gliffy
confluence_server 		The Gliffy plugin before 3.7.1 for Atlassian JIRA, and before 4.2 for Atlassian Confluence, does not properly restrict the capabilities of third-party XML parsers, which allows remote attackers to re… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-2928 2024-11-21 10:39 2012-05-23 Show GitHub Exploit DB Packet Storm
293827 - tm_software tempo
tempo6.3.0
tempo6.3.2 		The TM Software Tempo plugin before 6.4.3.1, 6.5.x before 6.5.0.2, and 7.x before 7.0.3 for Atlassian JIRA does not properly restrict the capabilities of third-party XML parsers, which allows remote … CWE-399
 Resource Management Errors 		CVE-2012-2927 2024-11-21 10:39 2012-05-23 Show GitHub Exploit DB Packet Storm
293828 - xelex mobiletrack The Xelex MobileTrack application 2.3.7 and earlier for Android uses hardcoded credentials, which allows remote attackers to obtain sensitive information via an unencrypted (1) FTP or (2) HTTP sessio… CWE-255
Credentials Management 		CVE-2012-2567 2024-11-21 10:39 2012-05-23 Show GitHub Exploit DB Packet Storm
293829 - xelex mobiletrack The Xelex MobileTrack application 2.3.7 and earlier for Android does not verify the origin of SMS commands, which allows remote attackers to execute a (1) LOCATE, (2) TRACK, (3) UPDATECFG, (4) UPDATE… CWE-287
CWE-20
Improper Authentication
 Improper Input Validation  		CVE-2012-2562 2024-11-21 10:39 2012-05-23 Show GitHub Exploit DB Packet Storm
293830 - simple_php_agenda simple_php_agenda SQL injection vulnerability in engine.php in Simple PHP Agenda 2.2.8 allows remote attackers to execute arbitrary SQL commands via the priority parameter in an addTodo action. CWE-89
SQL Injection 		CVE-2012-2925 2024-11-21 10:39 2012-05-22 Show GitHub Exploit DB Packet Storm