Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
216691	4.3	警告	HC Consulting Group	-	WordPress 用 Spotlight プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4552	2014-07-4 18:26	2014-04-25	Show	GitHub Exploit DB Packet Storm

216692	4.3	警告	Flash Photo Gallery project	-	WordPress 用 Flash Photo Gallery プラグインの fpg_preview.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4529	2014-07-4 18:26	2014-04-25	Show	GitHub Exploit DB Packet Storm

216693	4.3	警告	Game tabs project	-	WordPress 用 Game tabs プラグインの main_page.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4531	2014-07-4 18:26	2014-04-25	Show	GitHub Exploit DB Packet Storm

216694	4.3	警告	Rodrigo Primo	-	WordPress 用 Social Connect プラグインの diagnostics/test.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4551	2014-07-4 18:26	2014-04-25	Show	GitHub Exploit DB Packet Storm

216695	4.3	警告	EnvialoSimple	-	WordPress 用 EnvialoSimple: Email Marketing and Newsletters プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4527	2014-07-4 18:26	2014-05-28	Show	GitHub Exploit DB Packet Storm

216696	4.3	警告	efence project	-	WordPress 用 efence プラグインの callback.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4526	2014-07-4 18:26	2014-05-28	Show	GitHub Exploit DB Packet Storm

216697	4.3	警告	WP Easy Post Types project	-	WordPress 用 WP Easy Post Types プラグインの classes/custom-image/media.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4524	2014-07-4 18:26	2014-05-28	Show	GitHub Exploit DB Packet Storm

216698	4.3	警告	Diverse Solutions	-	WordPress 用 dsSearchAgent: WordPress Edition プラグインの client-assist.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4522	2014-07-4 18:26	2014-04-25	Show	GitHub Exploit DB Packet Storm

216699	6.8	警告	Cherokee Project	-	Cherokee の validator_ldap.c 内の cherokee_validator_ldap_check 関数における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2014-4668	2014-07-4 14:01	2014-02-12	Show	GitHub Exploit DB Packet Storm

216700	5.1	警告	Google	-	Android の KeyStore サービスの /system/bin/keystore におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2014-3100	2014-07-4 13:56	2014-06-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
293731	-	artis.imag	basilic	Config/diff.php in Basilic 1.5.14 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter.	CWE-20 Improper Input Validation	CVE-2012-3399	2024-11-21 10:40	2012-07-13	Show	GitHub Exploit DB Packet Storm

293732	-	apache	hadoop	DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName, which might allow …	CWE-310 Cryptographic Issues	CVE-2012-3376	2024-11-21 10:40	2012-07-13	Show	GitHub Exploit DB Packet Storm

293733	-	cisco	telepresence_recording_server	The administrative web interface on Cisco TelePresence Recording Server before 1.8.0 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Bug ID CSCth85804.	CWE-78 OS Command	CVE-2012-3076	2024-11-21 10:40	2012-07-12	Show	GitHub Exploit DB Packet Storm

293734	-	cisco	telepresence_system_software telepresence_system_1300_65 telepresence_system_3000 telepresence_system_3010 telepresence_system_3200 telepresence_system_3210 telepresence_system_t3	The administrative web interface on Cisco TelePresence Immersive Endpoint Devices before 1.7.4 allows remote authenticated users to execute arbitrary commands via a malformed request on TCP port 443,…	CWE-78 OS Command	CVE-2012-3075	2024-11-21 10:40	2012-07-12	Show	GitHub Exploit DB Packet Storm

293735	-	cisco	telepresence_system_software telepresence_system_1300_65 telepresence_system_3000 telepresence_system_3010 telepresence_system_3200 telepresence_system_3210 telepresence_system_t3	An unspecified API on Cisco TelePresence Immersive Endpoint Devices before 1.9.1 allows remote attackers to execute arbitrary commands by leveraging certain adjacency and sending a malformed request …	CWE-78 OS Command	CVE-2012-3074	2024-11-21 10:40	2012-07-12	Show	GitHub Exploit DB Packet Storm

293736	-	cisco	telepresence_multipoint_switch_software telepresence_multipoint_switch telepresence_system_software telepresence_system_1300_65 telepresence_system_3000 telepresence_system_3010 tel…	The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to…	NVD-CWE-Other	CVE-2012-3073	2024-11-21 10:40	2012-07-12	Show	GitHub Exploit DB Packet Storm

293737	-	astaro sophos	security_gateway_software security_gateway unified_threat_management_software unified_threat_management	Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the "Co…	CWE-79 Cross-site Scripting	CVE-2012-3238	2024-11-21 10:40	2012-07-10	Show	GitHub Exploit DB Packet Storm

293738	-	synel	sy-780\/a_time_\&_attendance_terminal	The Synel SY-780/A Time & Attendance terminal allows remote attackers to cause a denial of service (device hang) via network traffic to port (1) 1641, (2) 3734, or (3) 3735.	CWE-399 Resource Management Errors	CVE-2012-2970	2024-11-21 10:40	2012-07-10	Show	GitHub Exploit DB Packet Storm

293739	-	elitecore	cyberoam_unified_threat_management	The default configuration of Cyberoam UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in…	CWE-310 Cryptographic Issues	CVE-2012-3372	2024-11-21 10:40	2012-07-9	Show	GitHub Exploit DB Packet Storm

293740	-	pidgin	pidgin	Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-3374	2024-11-21 10:40	2012-07-7	Show	GitHub Exploit DB Packet Storm