Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216541 6.8 警告 DELL EMC (旧 EMC Corporation) - 複数の EMC 製品で使用される EMC Documentum Foundation Services の JAXB XML パーサにおける任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2014-2510 2014-07-9 14:07 2014-07-7 Show GitHub Exploit DB Packet Storm
216542 4.3 警告 D-Link Systems, Inc. - D-Link DIR-645 ルータのファームウェアにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-7389 2014-07-9 13:40 2013-12-19 Show GitHub Exploit DB Packet Storm
216543 4.3 警告 Custom Banners plugin project - WordPress 用 Custom Banners プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4724 2014-07-9 12:12 2014-06-29 Show GitHub Exploit DB Packet Storm
216544 4.3 警告 BannerSky - WordPress 用 Easy Banners プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4723 2014-07-9 12:12 2014-06-29 Show GitHub Exploit DB Packet Storm
216545 7.5 危険 Yii Framework - Yii PHP Framework の CDetailView ウィジェットにおける任意の PHP スクリプトを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2014-4672 2014-07-9 11:56 2014-06-29 Show GitHub Exploit DB Packet Storm
216546 5 警告 Kryo - iodine の iodined.c および user.c における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2014-4168 2014-07-9 11:41 2014-06-17 Show GitHub Exploit DB Packet Storm
216547 4.3 警告 OpenStack - OpenStack Swift におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-3497 2014-07-9 11:23 2014-06-19 Show GitHub Exploit DB Packet Storm
216548 10 危険 オートデスク株式会社 - Autodesk VRED に OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2014-2967 2014-07-9 09:27 2014-07-3 Show GitHub Exploit DB Packet Storm
216549 4.3 警告 SpamTitan Technologies - SpamTitan にクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2965 2014-07-9 09:27 2014-06-23 Show GitHub Exploit DB Packet Storm
216550 5 警告 Ricardo SIGNES - Perl 用 Email::Address モジュールの parse 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2014-4720 2014-07-8 18:57 2014-06-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
295121 - iproute2_project iproute2 iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file used by (1) configure or (2) examples/dhcp-client-script. CWE-59
Link Following 		CVE-2012-1088 2024-11-21 10:36 2014-02-15 Show GitHub Exploit DB Packet Storm
295122 - redhat jboss_operations_network Red Hat JBoss Operations Network (JON) 3.0.x before 3.0.1, 2.4.2, and earlier, when LDAP authentication is enabled and the LDAP bind account credentials are invalid, allows remote attackers to login … CWE-287
Improper Authentication 		CVE-2012-1100 2024-11-21 10:36 2014-02-15 Show GitHub Exploit DB Packet Storm
295123 - opensuse opensuse
osc 		osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted (1) build log or (2) build status that contains an escape sequence for a … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-1095 2024-11-21 10:36 2014-02-7 Show GitHub Exploit DB Packet Storm
295124 - cisco unified_computing_system The remote debug shell on the PALO adapter card in Cisco Unified Computing System (UCS) allows local users to gain privileges via malformed show-macstats parameters, aka Bug ID CSCub13772. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-1313 2024-11-21 10:36 2013-09-28 Show GitHub Exploit DB Packet Storm
295125 - juniper networks_mobility_system_software Cross-site scripting (XSS) vulnerability in the WebAAA login functionality (wba_login.html) in Juniper Networks Mobility System Software (MSS) 7.6.x before 7.6.3, 7.7.x before 7.7.1, 7.5.x before 7.5… CWE-79
Cross-site Scripting 		CVE-2012-1038 2024-11-21 10:36 2013-04-3 Show GitHub Exploit DB Packet Storm
295126 - mit kerberos_5 The pkinit_server_return_padata function in plugins/preauth/pkinit/pkinit_srv.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 attempts t… CWE-476
 NULL Pointer Dereference 		CVE-2012-1016 2024-11-21 10:36 2013-03-5 Show GitHub Exploit DB Packet Storm
295127 - emc rsa_archer_smartsuite
rsa_archer_egrc 		Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to inject arbitrary web script or HTML via u… CWE-79
Cross-site Scripting 		CVE-2012-1064 2024-11-21 10:36 2013-02-6 Show GitHub Exploit DB Packet Storm
295128 - canonical
sebastian_heinlein 		ubuntu_linux
aptdaemon 		Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-t… NVD-CWE-noinfo
CVE-2012-0962 2024-11-21 10:36 2012-12-27 Show GitHub Exploit DB Packet Storm
295129 - debian apt
advanced_package_tool 		Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ubuntu10.x before 0.8.16~exp12ubuntu10.7, and 0.9.7.5ubuntu5.x before 0.9.7.5ubuntu5.2, as used in Ubuntu, uses world-readable perm… CWE-200
Information Exposure 		CVE-2012-0961 2024-11-21 10:36 2012-12-27 Show GitHub Exploit DB Packet Storm
295130 - ps_project_management_team unity-firefox-extension content/unity-api.js in the unity-firefox-extension extension 2.4.1 for Firefox exposes the toDataURL function in an API call, which allows remote attackers to bypass the Same Origin Policy and obtai… NVD-CWE-Other
CVE-2012-0958 2024-11-21 10:36 2012-12-27 Show GitHub Exploit DB Packet Storm