Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
216601	4.3	警告	wp-tmkm-amazon project	-	WordPress 用 wp-tmkm-amazon プラグインの wp-tmkm-amazon-search.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4598	2014-07-7 18:26	2014-06-12	Show	GitHub Exploit DB Packet Storm

216602	4.3	警告	Shaon	-	WordPress 用 Hot Files: File Sharing and Download Manager プラグインの tpls/editmedia.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4588	2014-07-7 18:26	2014-04-25	Show	GitHub Exploit DB Packet Storm

216603	4.3	警告	SVN Labs Softwares.	-	WordPress 用 HTML5 Video Player with Playlist プラグインの videoplayer/autoplay.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4534	2014-07-7 18:26	2014-04-25	Show	GitHub Exploit DB Packet Storm

216604	4.3	警告	SnapApp	-	WordPress 用 SnapApp プラグインの js/button-snapapp.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4596	2014-07-7 18:26	2014-04-25	Show	GitHub Exploit DB Packet Storm

216605	4.3	警告	WP GuestMap project	-	WordPress 用 WP GuestMap プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4587	2014-07-7 18:26	2014-06-12	Show	GitHub Exploit DB Packet Storm

216606	4.3	警告	WP Consultant project	-	WordPress 用 WP Consultant プラグインの admin/admin_show_dialogs.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4582	2014-07-7 18:26	2014-06-12	Show	GitHub Exploit DB Packet Storm

216607	4.3	警告	Zen-Dreams	-	WordPress 用 ZdStatistics プラグインの cal/test.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4605	2014-07-7 18:26	2014-05-28	Show	GitHub Exploit DB Packet Storm

216608	4.3	警告	WP RESTful project	-	WordPress 用 WP RESTful プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4595	2014-07-7 18:26	2014-06-12	Show	GitHub Exploit DB Packet Storm

216609	4.3	警告	Jordesign	-	WordPress 用 WordPress Responsive Preview プラグインの index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4594	2014-07-7 18:26	2014-06-12	Show	GitHub Exploit DB Packet Storm

216610	4.3	警告	WP BlipBot project	-	WordPress 用 WP BlipBot プラグインの blipbot.ajax.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4580	2014-07-7 18:26	2014-06-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
295501	-	ibm	rational_appscan	Unrestricted file upload vulnerability in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allows remote authenticated users to execute arbitrary ASP.NET code by uploading a .aspx file, and…	NVD-CWE-Other	CVE-2012-0729	2024-11-21 10:35	2012-05-3	Show	GitHub Exploit DB Packet Storm

295502	-	pythonpaste	paste	Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leverag…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-0878	2024-11-21 10:35	2012-05-2	Show	GitHub Exploit DB Packet Storm

295503	-	mumble	mumble	Mumble 1.2.3 and earlier uses world-readable permissions for .local/share/data/Mumble/.mumble.sqlite files in home directories, which might allow local users to obtain a cleartext password and config…	CWE-310 Cryptographic Issues	CVE-2012-0863	2024-11-21 10:35	2012-04-30	Show	GitHub Exploit DB Packet Storm

295504	-	mozilla	bugzilla	template/en/default/list/list.js.tmpl in Bugzilla 2.x and 3.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, and 4.1.x and 4.2.x before 4.2.1 does not properly handle multiple logins, which allows remot…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-0466	2024-11-21 10:35	2012-04-28	Show	GitHub Exploit DB Packet Storm

295505	-	mozilla	bugzilla	Bugzilla 3.5.x and 3.6.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, and 4.1.x and 4.2.x before 4.2.1, when the inbound_proxies option is enabled, does not properly validate the X-Forwarded-For HTTP …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-0465	2024-11-21 10:35	2012-04-28	Show	GitHub Exploit DB Packet Storm

295506	-	mozilla	firefox thunderbird thunderbird_esr seamonkey	Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the addres…	NVD-CWE-Other	CVE-2012-0479	2024-11-21 10:35	2012-04-25	Show	GitHub Exploit DB Packet Storm

295507	-	mozilla	firefox thunderbird thunderbird_esr seamonkey	The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonk…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-0478	2024-11-21 10:35	2012-04-25	Show	GitHub Exploit DB Packet Storm

295508	-	mozilla	firefox thunderbird thunderbird_esr seamonkey	Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonke…	CWE-79 Cross-site Scripting	CVE-2012-0477	2024-11-21 10:35	2012-04-25	Show	GitHub Exploit DB Packet Storm

295509	-	mozilla	firefox thunderbird seamonkey	Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-0475	2024-11-21 10:35	2012-04-25	Show	GitHub Exploit DB Packet Storm

295510	-	mozilla	firefox thunderbird thunderbird_esr seamonkey	Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before …	CWE-79 Cross-site Scripting	CVE-2012-0474	2024-11-21 10:35	2012-04-25	Show	GitHub Exploit DB Packet Storm