Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
216631	5	警告	シスコシステムズ	-	Cisco Unified Communications Domain Manager の VOSS の Web フレームワークにおけるアカウントを列挙される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-3278	2014-06-10 16:49	2014-06-6	Show	GitHub Exploit DB Packet Storm

216632	10	危険	Libav	-	Libav における脆弱性	CWE-noinfo 情報不足	CVE-2014-3984	2014-06-10 16:19	2014-06-1	Show	GitHub Exploit DB Packet Storm

216633	2.6	注意	MediaWiki	-	MediaWiki の Special:PasswordReset におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-3966	2014-06-10 16:15	2014-05-29	Show	GitHub Exploit DB Packet Storm

216634	6.5	警告	Developer Express	-	DevExpress ASPxFileManager Control for ASP.NET WebForms and MVC におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-2575	2014-06-10 16:10	2014-04-17	Show	GitHub Exploit DB Packet Storm

216635	7.5	危険	DELL EMC (旧 EMC Corporation)	-	EMC Documentum Content Server における DQL インジェクション攻撃を実行される脆弱性	CWE-20 不適切な入力確認	CVE-2014-2508	2014-06-10 15:35	2014-06-5	Show	GitHub Exploit DB Packet Storm

216636	8.5	危険	DELL EMC (旧 EMC Corporation)	-	EMC Documentum Content Server における任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2014-2507	2014-06-10 15:35	2014-06-5	Show	GitHub Exploit DB Packet Storm

216637	8.5	危険	DELL EMC (旧 EMC Corporation)	-	EMC Documentum Content Server におけるシステムオブジェクト作成用のスーパーユーザ権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-2506	2014-06-10 15:34	2014-06-5	Show	GitHub Exploit DB Packet Storm

216638	5	警告	DDSN Interactive	-	DDSN Interactive cm3 Acora CMS における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2013-4728	2014-06-10 13:29	2013-08-26	Show	GitHub Exploit DB Packet Storm

216639	5	警告	DDSN Interactive	-	DDSN Interactive cm3 Acora CMS における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2013-4727	2014-06-10 13:29	2013-08-26	Show	GitHub Exploit DB Packet Storm

216640	5	警告	DDSN Interactive	-	DDSN Interactive cm3 Acora CMS における Cookie をキャプチャされる脆弱性	CWE-200 情報漏えい	CVE-2013-4725	2014-06-10 13:29	2013-08-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
295091	-	mathieu_vidal	mv_cooking	SQL injection vulnerability in the Kitchen recipe (mv_cooking) extension before 0.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the …	CWE-89 SQL Injection	CVE-2012-1071	2024-11-21 10:36	2012-02-15	Show	GitHub Exploit DB Packet Storm

295092	-	netcreators	irfaq	Cross-site scripting (XSS) vulnerability in the Modern FAQ (irfaq) extension 1.1.2 and other versions before 1.1.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspeci…	CWE-79 Cross-site Scripting	CVE-2012-1070	2024-11-21 10:36	2012-02-15	Show	GitHub Exploit DB Packet Storm

295093	-	instantphp	lknsupport	Cross-site scripting (XSS) vulnerability in module/kb/search_word in the search module in lknSupport allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.	CWE-79 Cross-site Scripting	CVE-2012-1069	2024-11-21 10:36	2012-02-15	Show	GitHub Exploit DB Packet Storm

295094	-	mg12	wp-recentcomments	Cross-site scripting (XSS) vulnerability in the rc_ajax function in core.php in the WP-RecentComments plugin before 2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML …	CWE-79 Cross-site Scripting	CVE-2012-1068	2024-11-21 10:36	2012-02-15	Show	GitHub Exploit DB Packet Storm

295095	-	mg12	wp-recentcomments	SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in an rc-content action to index.php. N…	CWE-89 SQL Injection	CVE-2012-1067	2024-11-21 10:36	2012-02-15	Show	GitHub Exploit DB Packet Storm

295096	-	smartycms	smartycms	Cross-site scripting (XSS) vulnerability in the template module in SmartyCMS 0.9.4 allows remote attackers to inject arbitrary web script or HTML via the title bar.	CWE-79 Cross-site Scripting	CVE-2012-1066	2024-11-21 10:36	2012-02-15	Show	GitHub Exploit DB Packet Storm

295097	-	2x	applicationserver	Insecure method vulnerability in TuxScripting.dll in the TuxSystem ActiveX control in 2X ApplicationServer 10.1 Build 1224 allows remote attackers to create or overwrite arbitrary files via the Expor…	NVD-CWE-Other	CVE-2012-1065	2024-11-21 10:36	2012-02-15	Show	GitHub Exploit DB Packet Storm

295098	-	netsarang	xmanager_enterprise xlpd	NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build 0186 allow remote attackers to cause a denial of service (daemon crash) via a malformed LPD request.	NVD-CWE-noinfo	CVE-2012-1009	2024-11-21 10:36	2012-02-15	Show	GitHub Exploit DB Packet Storm

295099	-	manageengine	applications_manager	Multiple SQL injection vulnerabilities in ManageEngine Applications Manager 9.x and 10.x allow remote attackers to execute arbitrary SQL commands via the (1) viewId parameter to fault/AlarmView.do or…	CWE-89 SQL Injection	CVE-2012-1063	2024-11-21 10:36	2012-02-14	Show	GitHub Exploit DB Packet Storm

295100	-	manageengine	applications_manager	Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Applications Manager 9.x and 10.x allow remote attackers to inject arbitrary web script or HTML via the (1) period parameter to sho…	CWE-79 Cross-site Scripting	CVE-2012-1062	2024-11-21 10:36	2012-02-14	Show	GitHub Exploit DB Packet Storm