Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
216741	9	危険	オラクル	-	Oracle Database Server の Java VM における脆弱性	CWE-noinfo 情報不足	CVE-2014-6467	2014-10-17 09:46	2014-10-14	Show	GitHub Exploit DB Packet Storm

216742	9	危険	オラクル	-	Oracle Database Server の SQLJ における脆弱性	CWE-noinfo 情報不足	CVE-2014-6455	2014-10-17 09:46	2014-10-14	Show	GitHub Exploit DB Packet Storm

216743	4	警告	オラクル	-	Oracle Database Server の SQLJ における脆弱性	CWE-noinfo 情報不足	CVE-2014-6454	2014-10-17 09:46	2014-10-14	Show	GitHub Exploit DB Packet Storm

216744	9	危険	オラクル	-	Oracle Database Server の Java VM における脆弱性	CWE-noinfo 情報不足	CVE-2014-6453	2014-10-17 09:46	2014-10-14	Show	GitHub Exploit DB Packet Storm

216745	4	警告	オラクル	-	Oracle Database Server の SQLJ における脆弱性	CWE-noinfo 情報不足	CVE-2014-6452	2014-10-17 09:46	2014-10-14	Show	GitHub Exploit DB Packet Storm

216746	4	警告	オラクル	-	Oracle Database Server の JPublisher における脆弱性	CWE-noinfo 情報不足	CVE-2014-4310	2014-10-17 09:46	2014-10-14	Show	GitHub Exploit DB Packet Storm

216747	4	警告	オラクル	-	Oracle Database Server の SQLJ における脆弱性	CWE-noinfo 情報不足	CVE-2014-4300	2014-10-17 09:46	2014-10-14	Show	GitHub Exploit DB Packet Storm

216748	4	警告	オラクル	-	Oracle Database Server の SQLJ における脆弱性	CWE-noinfo 情報不足	CVE-2014-4299	2014-10-17 09:46	2014-10-14	Show	GitHub Exploit DB Packet Storm

216749	4	警告	オラクル	-	Oracle Database Server の SQLJ における脆弱性	CWE-noinfo 情報不足	CVE-2014-4298	2014-10-17 09:46	2014-10-14	Show	GitHub Exploit DB Packet Storm

216750	4	警告	オラクル	-	Oracle Database Server の JPublisher における脆弱性	CWE-noinfo 情報不足	CVE-2014-4297	2014-10-17 09:46	2014-10-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
296511	-	antoine_beaupre	hostmaster	The Hostmaster (Aegir) module 6.x-1.x before 6.x-1.9 for Drupal does not properly exit when users do not have access to package/task nodes, which allows remote attackers to bypass intended access res…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-2707	2024-11-21 10:39	2012-06-27	Show	GitHub Exploit DB Packet Storm

296512	-	peter_pokrivcak	post_affiliate_pro	Cross-site scripting (XSS) vulnerability in the Post Affiliate Pro (PAP) module for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to user registration.	CWE-79 Cross-site Scripting	CVE-2012-2706	2024-11-21 10:39	2012-06-27	Show	GitHub Exploit DB Packet Storm

296513	-	christopher_mitchell	smart_breadcrumb	The filter_titles function in the Smart Breadcrumb module 6.x-1.x before 6.x-1.3 for Drupal does not properly convert a title to plain-text, which allows remote authenticated users with create or edi…	CWE-20 Improper Input Validation	CVE-2012-2705	2024-11-21 10:39	2012-06-27	Show	GitHub Exploit DB Packet Storm

296514	-	john_franklin	advertisement	Cross-site scripting (XSS) vulnerability in the Advertisement module 6.x-2.x before 6.x-2.3 for Drupal, when debug mode is enabled, allows remote attackers to inject arbitrary web script or HTML via …	CWE-79 Cross-site Scripting	CVE-2012-2703	2024-11-21 10:39	2012-06-27	Show	GitHub Exploit DB Packet Storm

296515	-	tony_freixas	ubercart_product_keys	The Ubercart Product Keys module 6.x-1.x before 6.x-1.1 for Drupal does not properly check access for product keys, which allows remote attackers to read all unassigned product keys via certain condi…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-2702	2024-11-21 10:39	2012-06-27	Show	GitHub Exploit DB Packet Storm

296516	-	rubyonrails	ruby_on_rails rails	The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord cla…	CWE-89 SQL Injection	CVE-2012-2695	2024-11-21 10:39	2012-06-22	Show	GitHub Exploit DB Packet Storm

296517	-	rubyonrails	ruby_on_rails rails	actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Acti…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-2694	2024-11-21 10:39	2012-06-22	Show	GitHub Exploit DB Packet Storm

296518	-	rubyonrails	ruby_on_rails rails	The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveReco…	CWE-89 SQL Injection	CVE-2012-2661	2024-11-21 10:39	2012-06-22	Show	GitHub Exploit DB Packet Storm

296519	-	rubyonrails	ruby_on_rails rails	actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly consider differences in parameter handling between the Acti…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-2660	2024-11-21 10:39	2012-06-22	Show	GitHub Exploit DB Packet Storm

296520	-	drupal-id	counter_module	SQL injection vulnerability in the Counter module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "recording visits."	CWE-89 SQL Injection	CVE-2012-2718	2024-11-21 10:39	2012-06-22	Show	GitHub Exploit DB Packet Storm