Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
216581	4.3	警告	Fonality	-	Fonality trixbox の user/help/html/index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-5110	2014-07-30 16:56	2014-07-17	Show	GitHub Exploit DB Packet Storm

216582	7.5	危険	Fonality	-	Fonality trixbox の maint/modules/endpointcfg/endpoint_generic.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-5109	2014-07-30 16:56	2014-07-17	Show	GitHub Exploit DB Packet Storm

216583	4.3	警告	Silver Peak	-	Silver Peak VX の php/user_account.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2975	2014-07-30 16:42	2014-07-28	Show	GitHub Exploit DB Packet Storm

216584	6.8	警告	Silver Peak	-	Silver Peak VX の php/user_account.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-2974	2014-07-30 16:42	2014-07-28	Show	GitHub Exploit DB Packet Storm

216585	4.3	警告	コンクリートファイブ	-	concrete5 の single_pages\download_file.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-5108	2014-07-30 16:28	2014-07-16	Show	GitHub Exploit DB Packet Storm

216586	5	警告	コンクリートファイブ	-	concrete5 におけるインストールパスを取得される脆弱性	CWE-200 情報漏えい	CVE-2014-5107	2014-07-30 16:16	2014-07-16	Show	GitHub Exploit DB Packet Storm

216587	4.3	警告	Invision Power Services, Inc	-	Invision Power IP.Board におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-5106	2014-07-30 15:35	2014-07-16	Show	GitHub Exploit DB Packet Storm

216588	4.3	警告	berliOS	-	OL-Commerce におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-5105	2014-07-30 15:01	2014-07-17	Show	GitHub Exploit DB Packet Storm

216589	7.5	危険	berliOS	-	OL-Commerce における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-5104	2014-07-30 15:00	2014-07-17	Show	GitHub Exploit DB Packet Storm

216590	7.5	危険	Sabre Inc.	-	Sabre AirCentre Crew ソリューションに SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-4858	2014-07-30 13:36	2014-07-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
294751	-	vmware	workstation player fusion esxi esx	VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x through 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly configure the virtual…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-2449	2024-11-21 10:39	2012-05-5	Show	GitHub Exploit DB Packet Storm

294752	-	vmware	esxi esx	VMware ESXi 3.5 through 5.0 and ESX 3.5 through 4.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via NFS traffic.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-2448	2024-11-21 10:39	2012-05-5	Show	GitHub Exploit DB Packet Storm

294753	-	asterisk	open_source	chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, all…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-2416	2024-11-21 10:39	2012-05-1	Show	GitHub Exploit DB Packet Storm

294754	-	asterisk	open_source	Heap-based buffer overflow in chan_skinny.c in the Skinny channel driver in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 allows remote authenticated use…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-2415	2024-11-21 10:39	2012-05-1	Show	GitHub Exploit DB Packet Storm

294755	-	asterisk	open_source	main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not prop…	CWE-287 Improper Authentication	CVE-2012-2414	2024-11-21 10:39	2012-05-1	Show	GitHub Exploit DB Packet Storm

294756	-	siemens	ruggedcom_rugged_operating_system	RuggedCom Rugged Operating System (ROS) before 3.3 has a factory account with a password derived from the MAC Address field in a banner, which makes it easier for remote attackers to obtain access by…	CWE-521 Weak Password Requirements	CVE-2012-2441	2024-11-21 10:39	2012-04-28	Show	GitHub Exploit DB Packet Storm

294757	-	tp-link	8840t	The default configuration of the TP-Link 8840T router enables web-based administration on the WAN interface, which allows remote attackers to establish an HTTP connection and possibly have unspecifie…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-2440	2024-11-21 10:39	2012-04-28	Show	GitHub Exploit DB Packet Storm

294758	-	netgear	prosafe_fvs318n	The default configuration of the NETGEAR ProSafe FVS318N firewall enables web-based administration on the WAN interface, which allows remote attackers to establish an HTTP connection and possibly hav…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-2439	2024-11-21 10:39	2012-04-28	Show	GitHub Exploit DB Packet Storm

294759	-	intuit	quickbooks	The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allow remote atta…	CWE-20 Improper Input Validation	CVE-2012-2425	2024-11-21 10:39	2012-04-26	Show	GitHub Exploit DB Packet Storm

294760	-	intuit	quickbooks	The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allow remote atta…	NVD-CWE-Other	CVE-2012-2424	2024-11-21 10:39	2012-04-26	Show	GitHub Exploit DB Packet Storm