Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216441 7.8 危険 Linux - Linux Kernel で使用される Ceph の net/ceph/auth_x.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2014-6417 2014-09-30 16:20 2014-09-17 Show GitHub Exploit DB Packet Storm
216442 7.8 危険 Linux - Linux Kernel で使用される Ceph の net/ceph/auth_x.c におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-6416 2014-09-30 16:18 2014-09-17 Show GitHub Exploit DB Packet Storm
216443 7.2 危険 Linux - Linux Kernel の lib/assoc_array.c の associative-array の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2014-3631 2014-09-30 16:13 2014-09-17 Show GitHub Exploit DB Packet Storm
216444 6.9 警告 Linux - Linux Kernel の drivers/hid/hid-logitech-dj.c におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-3183 2014-09-30 16:10 2014-09-5 Show GitHub Exploit DB Packet Storm
216445 4.9 警告 Linux - Linux Kernel の net/core/sock.c の sock_setsockopt 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-6657 2014-09-30 16:07 2012-10-13 Show GitHub Exploit DB Packet Storm
216446 6.9 警告 Google
Linux		 - Nexus 7 デバイス上の Android で使用される Linux Kernel の PicoLCD HID デバイスドライバにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-3186 2014-09-30 13:37 2014-08-25 Show GitHub Exploit DB Packet Storm
216447 9.3 危険 IBM - IBM Security QRadar SIEM における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2014-3062 2014-09-30 12:10 2014-09-5 Show GitHub Exploit DB Packet Storm
216448 7.5 危険 Katz Web Services, Inc. - WordPress 用 Infusionsoft Gravity Forms プラグインにおける任意のファイルをアップロードされる脆弱性 CWE-94
コード・インジェクション 		CVE-2014-6446 2014-09-30 11:43 2014-09-12 Show GitHub Exploit DB Packet Storm
216449 5.4 警告 CasinoGame - Android 用 Video Poker Casino アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5631 2014-09-29 18:51 2014-09-3 Show GitHub Exploit DB Packet Storm
216450 5.4 警告 Gameloft - Android 用 Wonder Zoo - Animal rescue ! アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5628 2014-09-29 18:51 2014-09-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294291 6.1 MEDIUM
Network 		mediawiki mediawiki Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki before 1.18.5 and 1.19.x before 1.19.2, when unspecified JavaScript gadgets are used, allow remote attackers to inject arbitrary web s… CWE-79
Cross-site Scripting 		CVE-2012-4378 2024-11-21 10:42 2017-10-27 Show GitHub Exploit DB Packet Storm
294292 6.1 MEDIUM
Network 		mediawiki mediawiki Cross-site scripting (XSS) vulnerability in MediaWiki before 1.18.5 and 1.19.x before 1.19.2 allows remote attackers to inject arbitrary web script or HTML via a File: link to a nonexistent image. CWE-79
Cross-site Scripting 		CVE-2012-4377 2024-11-21 10:42 2017-10-27 Show GitHub Exploit DB Packet Storm
294293 4.9 MEDIUM
Network 		mediawiki mediawiki MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not properly protect user block metadata, which allows remote administrators to read a user block reason via a reblock attempt. CWE-200
Information Exposure 		CVE-2012-4382 2024-11-21 10:42 2017-10-20 Show GitHub Exploit DB Packet Storm
294294 7.5 HIGH
Network 		mediawiki mediawiki MediaWiki before 1.18.5, and 1.19.x before 1.19.2 allows remote attackers to bypass GlobalBlocking extension IP address blocking and create an account via unspecified vectors. CWE-284
Improper Access Control 		CVE-2012-4380 2024-11-21 10:42 2017-10-20 Show GitHub Exploit DB Packet Storm
294295 6.5 MEDIUM
Network 		mediawiki mediawiki MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via an embedded API response i… CWE-284
Improper Access Control 		CVE-2012-4379 2024-11-21 10:42 2017-10-20 Show GitHub Exploit DB Packet Storm
294296 - group-office groupoffice SQL injection vulnerability in modules/calendar/json.php in Group-Office community before 4.0.90 allows remote authenticated users to execute arbitrary SQL commands via the sort parameter. CWE-89
SQL Injection 		CVE-2012-4240 2024-11-21 10:42 2014-09-11 Show GitHub Exploit DB Packet Storm
294297 - phorum phorum Cross-site scripting (XSS) vulnerability in the group moderation screen in the control center (control.php) in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via … CWE-79
Cross-site Scripting 		CVE-2012-4234 2024-11-21 10:42 2014-09-4 Show GitHub Exploit DB Packet Storm
294298 - qpw.famvanakkeren quick_post_widget Multiple cross-site scripting (XSS) vulnerabilities in Quick Post Widget plugin 1.9.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) Title, (2) Content, or (3… CWE-79
Cross-site Scripting 		CVE-2012-4226 2024-11-21 10:42 2014-09-3 Show GitHub Exploit DB Packet Storm
294299 - microcart_project microcart Multiple cross-site scripting (XSS) vulnerabilities in Microcart 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO or (2) query string to _admin/index.php or (3)… CWE-79
Cross-site Scripting 		CVE-2012-4241 2024-11-21 10:42 2014-08-13 Show GitHub Exploit DB Packet Storm
294300 - tinymce tinymce The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the TinyMCE security policy for the (1) encoding directive and (2) valid_elements attribute, which allows attackers to conduct cross-site … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4230 2024-11-21 10:42 2014-04-25 Show GitHub Exploit DB Packet Storm