Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216571 6.5 警告 TestLink Development Team - TestLink における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-0938 2014-08-18 12:06 2012-02-20 Show GitHub Exploit DB Packet Storm
216572 4 警告 Outlook.com - Android 版 Outlook.com における SSL サーバ証明書の検証不備の脆弱性 CWE-Other
その他 		CVE-2014-5239 2014-08-18 10:09 2014-07-30 Show GitHub Exploit DB Packet Storm
216573 4.3 警告 富士通 - ServerView Operations Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-3898 2014-08-18 10:04 2014-08-1 Show GitHub Exploit DB Packet Storm
216574 7.8 危険 ラリタン・ジャパン株式会社 - Dominion KX2-101 におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-3901 2014-08-18 09:43 2014-08-12 Show GitHub Exploit DB Packet Storm
216575 7.5 危険 ZPanel Project - ZPanel における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-6654 2014-08-15 18:48 2012-11-4 Show GitHub Exploit DB Packet Storm
216576 7.5 危険 ZPanel Project - ZPanel における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-5685 2014-08-15 18:47 2012-11-4 Show GitHub Exploit DB Packet Storm
216577 4.3 警告 ZPanel Project - ZPanel におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5684 2014-08-15 18:46 2012-11-4 Show GitHub Exploit DB Packet Storm
216578 6.8 警告 ZPanel Project - ZPanel におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-5683 2014-08-15 18:46 2012-11-4 Show GitHub Exploit DB Packet Storm
216579 7.5 危険 Biblio Autocomplete Project - Drupal 用 Biblio Autocomplete モジュールの AJAX オートコンプリートのコールバックにおけるデータにアクセスされる脆弱性 CWE-noinfo
情報不足 		CVE-2014-5250 2014-08-15 18:19 2014-08-5 Show GitHub Exploit DB Packet Storm
216580 7.5 危険 Biblio Autocomplete Project - Drupal 用 Biblio Autocomplete モジュールの "Biblio self autocomplete" サブモジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-5249 2014-08-15 18:19 2014-08-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294291 - david_alkire drag_\&_drop_gallery Cross-site request forgery (CSRF) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to hijack the authentication of administrators. CWE-352
 Origin Validation Error 		CVE-2012-4478 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
294292 - david_alkire drag_\&_drop_gallery Unspecified vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to bypass access restrictions via unknown attack vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4477 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
294293 - david_alkire drag_\&_drop_gallery Cross-site scripting (XSS) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2012-4476 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
294294 - security_questions_project security_questions The Security Questions module for Drupal 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.1 does not properly restrict access, which allows remote attackers to edit an arbitrary user's questions and a… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4475 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
294295 - colorbox_node dennis_blake Multiple cross-site scripting (XSS) vulnerabilities in the Colorbox Node module 7.x-2.x before 7.x-2.2 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified paramet… CWE-79
Cross-site Scripting 		CVE-2012-4474 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
294296 - christian_johansson restrict_node_page_view The Restrict node page view module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "view any node page" or "view any node {type} page" permission to access unpublished no… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4473 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
294297 - david_alkire drag_\&_drop_gallery Unrestricted file upload vulnerability in upload.php in the Drag & Drop Gallery module 6.x-1.5 and earlier for Drupal allows remote attackers to execute arbitrary PHP code by uploading a file with an… NVD-CWE-Other
CVE-2012-4472 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
294298 - dominique_clause search_autocomplete The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the p… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4471 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
294299 - philip_ludlam listhandler The Listhandler module 6.x-1.x before 6.x-1.1 for Drupal does not properly check permissions when importing emails, which allows remote comment authors to bypass access restrictions and possibly have… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4470 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
294300 - simon_rycroft hashcash Cross-site scripting (XSS) vulnerability in the Hashcash module 6.x-2.x before 6.x-2.6 and 7.x-2.x before 7.x-2.2 for Drupal, when "Log failed hashcash" is enabled, allows remote attackers to inject … CWE-79
Cross-site Scripting 		CVE-2012-4469 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm