Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
216491	4.3	警告	Free Document Management Software	-	OpenDocMan の odm-init.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4853	2014-07-14 13:53	2014-07-1	Show	GitHub Exploit DB Packet Storm

216492	7.5	危険	The Digital Craft	-	Digital Craft AtomCMS の admin/uploads.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-4852	2014-07-14 13:44	2014-07-7	Show	GitHub Exploit DB Packet Storm

216493	4	警告	レッドハット	-	Red Hat Enterprise Virtualization で使用される oVirt の ovirt-engine の REST API における任意のファイルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2014-3485	2014-07-14 10:50	2014-06-30	Show	GitHub Exploit DB Packet Storm

216494	4.3	警告	レッドハット	-	Red Hat Enterprise MRG で使用される Cumin における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2014-0174	2014-07-14 10:50	2014-07-9	Show	GitHub Exploit DB Packet Storm

216495	3.5	注意	Liferay	-	Liferay Portal に複数のクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2963	2014-07-11 19:11	2014-07-9	Show	GitHub Exploit DB Packet Storm

216496	8.3	危険	横河電機株式会社	-	CENTUM を含む複数の YOKOGAWA 製品にバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2014-3888	2014-07-11 19:08	2014-07-7	Show	GitHub Exploit DB Packet Storm

216497	6.8	警告	Piwigo	-	Piwigo におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-4614	2014-07-11 17:04	2014-03-25	Show	GitHub Exploit DB Packet Storm

216498	4.3	警告	Blogstand Banner plugin project	-	WordPress 用 Blogstand Banner プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4848	2014-07-11 14:39	2014-06-28	Show	GitHub Exploit DB Packet Storm

216499	4.3	警告	Buffercode	-	WordPress 用 Random Banner プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4847	2014-07-11 14:38	2014-06-28	Show	GitHub Exploit DB Packet Storm

216500	4.3	警告	Matcha Labs	-	WordPress 用 Meta Slider プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4846	2014-07-11 14:37	2014-06-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
293561	-	ibm	infosphere_guardium	The datasource definition editor in IBM InfoSphere Guardium 8.2 and earlier, when the save-password setting is enabled, transmits cleartext database credentials, which allows remote attackers to obta…	CWE-310 Cryptographic Issues	CVE-2012-3312	2024-11-21 10:40	2012-08-30	Show	GitHub Exploit DB Packet Storm

293562	-	ibm	infosphere_guardium	Cross-site request forgery (CSRF) vulnerability in the account-creation panel in IBM InfoSphere Guardium 8.2 and earlier, when the CSRF filtering (aka csrf_status) feature is disabled, allows remote …	CWE-352 Origin Validation Error	CVE-2012-3309	2024-11-21 10:40	2012-08-30	Show	GitHub Exploit DB Packet Storm

293563	-	ibm	websphere_mq	IBM WebSphere MQ 7.1, when an SVRCONN channel is used, allows remote attackers to bypass the security-configuration setup step and obtain queue-manager access via unspecified vectors.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-3295	2024-11-21 10:40	2012-08-30	Show	GitHub Exploit DB Packet Storm

293564	-	apache	qpid	Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication.	CWE-287 Improper Authentication	CVE-2012-3467	2024-11-21 10:40	2012-08-28	Show	GitHub Exploit DB Packet Storm

293565	-	sgi	performance_co-pilot	The pduread function in pdu.c in libpcp in Performance Co-Pilot (PCP) before 3.6.5 does not properly time out connections, which allows remote attackers to cause a denial of service (pmcd hang) by se…	NVD-CWE-Other	CVE-2012-3421	2024-11-21 10:40	2012-08-28	Show	GitHub Exploit DB Packet Storm

293566	-	sgi	performance_co-pilot	Multiple memory leaks in Performance Co-Pilot (PCP) before 3.6.5 allow remote attackers to cause a denial of service (memory consumption or daemon crash) via a large number of PDUs with (1) a crafted…	CWE-399 Resource Management Errors	CVE-2012-3420	2024-11-21 10:40	2012-08-28	Show	GitHub Exploit DB Packet Storm

293567	-	sgi	performance_co-pilot	Performance Co-Pilot (PCP) before 3.6.5 exports some of the /proc file system, which allows attackers to obtain sensitive information such as proc/pid/maps and command line arguments.	CWE-200 Information Exposure	CVE-2012-3419	2024-11-21 10:40	2012-08-28	Show	GitHub Exploit DB Packet Storm

293568	-	gnu	bash	Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properl…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-3410	2024-11-21 10:40	2012-08-28	Show	GitHub Exploit DB Packet Storm

293569	-	sgi	performance_co-pilot	libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a PDU with the numcreds field value greater than the…	CWE-189 Numeric Errors	CVE-2012-3418	2024-11-21 10:40	2012-08-28	Show	GitHub Exploit DB Packet Storm

293570	-	google	tunnelblick	Race condition in Tunnelblick 3.3beta20 and earlier allows local users to kill unintended processes by waiting for a specific PID value to be assigned to a target process.	CWE-362 Race Condition	CVE-2012-3487	2024-11-21 10:40	2012-08-27	Show	GitHub Exploit DB Packet Storm