Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
216781	4.3	警告	AITpro	-	WordPress 用 BulletProof Security プラグインの admin/htaccess/bpsunlock.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-7958	2014-11-7 15:27	2014-11-5	Show	GitHub Exploit DB Packet Storm

216782	4.3	警告	Wordfence.com	-	WordPress 用 Wordfence Security プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4664	2014-11-7 15:27	2014-06-30	Show	GitHub Exploit DB Packet Storm

216783	3.5	注意	Compfight	-	WordPress 用 Compfight プラグインの compfight-search.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-8622	2014-11-7 15:27	2014-07-3	Show	GitHub Exploit DB Packet Storm

216784	7.5	危険	CA Technologies	-	CA Cloud Service Management における任意のファイルを読まれる脆弱性	CWE-nocwe CWE以外	CVE-2014-8474	2014-11-7 15:22	2014-11-3	Show	GitHub Exploit DB Packet Storm

216785	6.8	警告	CA Technologies	-	CA Cloud Service Management におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-8473	2014-11-7 15:21	2014-11-3	Show	GitHub Exploit DB Packet Storm

216786	6.8	警告	CA Technologies	-	CA Cloud Service Management におけるアクセス制限を回避される脆弱性	CWE-287 不適切な認証	CVE-2014-8472	2014-11-7 15:20	2014-11-3	Show	GitHub Exploit DB Packet Storm

216787	4.3	警告	CA Technologies	-	CA Cloud Service Management における反射攻撃を実行される脆弱性	CWE-noinfo 情報不足	CVE-2014-8471	2014-11-7 15:20	2014-11-3	Show	GitHub Exploit DB Packet Storm

216788	4.3	警告	LaboCNIL	-	French National Commission on Informatics and Liberty CookieViz の json.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-8352	2014-11-7 14:56	2014-11-4	Show	GitHub Exploit DB Packet Storm

216789	7.5	危険	LaboCNIL	-	French National Commission on Informatics and Liberty CookieViz の info.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-8351	2014-11-7 14:55	2014-11-4	Show	GitHub Exploit DB Packet Storm

216790	4.3	警告	Forma Lms project	-	Forma Lms におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-5257	2014-11-7 14:53	2014-11-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
296771	6.5	MEDIUM Network	cisco	ios	Cisco IOS before 15.2(4)S6 does not initialize an unspecified variable, which might allow remote authenticated users to cause a denial of service (CPU consumption, watchdog timeout, crash) by walking…	CWE-399 Resource Management Errors	CVE-2012-5030	2024-11-21 10:43	2017-08-3	Show	GitHub Exploit DB Packet Storm

296772	8.1	HIGH Adjacent	cisco	adaptive_security_appliance_software	ASA 5515-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.4.x before 9.4.1 Interim, 9.2.x before 9.2.4 Interim, ASA 5510 Adaptive Security Appliance Adaptive Security Applia…	CWE-254 7PK - Security Features	CVE-2012-5010	2024-11-21 10:43	2017-06-28	Show	GitHub Exploit DB Packet Storm

296773	-		n-tron	702w_industrial_wireless_access_point	N-Tron 702-W Industrial Wireless Access Point devices use the same (1) SSH and (2) HTTPS private keys across different customers' installations, which makes it easier for remote attackers to defeat c…	CWE-310 Cryptographic Issues	CVE-2012-4716	2024-11-21 10:43	2015-06-14	Show	GitHub Exploit DB Packet Storm

296774	-		template_cms_project	template_cms	Multiple cross-site request forgery (CSRF) vulnerabilities in Template CMS 2.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) create an admi…	CWE-352 Origin Validation Error	CVE-2012-4902	2024-11-21 10:43	2015-05-21	Show	GitHub Exploit DB Packet Storm

296775	-		template_cms_project	template_cms	Cross-site scripting (XSS) vulnerability in Template CMS 2.1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the themes_editor parameter in an add_template action to …	CWE-79 Cross-site Scripting	CVE-2012-4901	2024-11-21 10:43	2015-05-21	Show	GitHub Exploit DB Packet Storm

296776	-		mikejolley	download_monitor	Cross-site scripting (XSS) vulnerability in the Download Monitor plugin before 3.3.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dlsearch parameter to the d…	CWE-79 Cross-site Scripting	CVE-2012-4768	2024-11-21 10:43	2014-09-4	Show	GitHub Exploit DB Packet Storm

296777	-		xnview	xnview	Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image fi…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-4988	2024-11-21 10:43	2014-07-9	Show	GitHub Exploit DB Packet Storm

296778	-		corel	quattro_pro_x6	The (1) QProGetNotebookWindowHandle and (2) Ordinal132 functions in QPW160.dll in Corel Quattro Pro X6 Standard Edition 16.0.0.388 and earlier allows remote attackers to cause a denial of service (NU…	NVD-CWE-Other	CVE-2012-4728	2024-11-21 10:43	2014-06-6	Show	GitHub Exploit DB Packet Storm

296779	-		owncloud	owncloud	CRLF injection vulnerability in ownCloud Server before 4.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the url path parameter.	NVD-CWE-Other	CVE-2012-5057	2024-11-21 10:43	2014-06-4	Show	GitHub Exploit DB Packet Storm

296780	-		owncloud	owncloud	Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server before 4.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) readyCallback parameter to apps/files_odf…	CWE-79 Cross-site Scripting	CVE-2012-5056	2024-11-21 10:43	2014-06-4	Show	GitHub Exploit DB Packet Storm