Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216791 6.5 警告 BoonEx - BoonEx Dolphin の administration/profiles.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-3810 2014-06-23 11:55 2014-06-17 Show GitHub Exploit DB Packet Storm
216792 4.3 警告 edward mindreantre - WordPress 用 ThreeWP Email Reflector プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2572 2014-06-23 11:12 2012-08-8 Show GitHub Exploit DB Packet Storm
216793 4.3 警告 Synametrics Technologies - Synametrics Technologies Xeams におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2569 2014-06-23 11:04 2012-08-8 Show GitHub Exploit DB Packet Storm
216794 7.5 危険 オラクル - Oracle データベース TNS リスナーに脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-1675 2014-06-23 10:47 2012-05-2 Show GitHub Exploit DB Packet Storm
216795 2.9 注意 シマンテック - Symantec Web Gateway の管理コンソールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-1652 2014-06-23 09:57 2014-06-16 Show GitHub Exploit DB Packet Storm
216796 5.8 警告 シマンテック - Symantec Web Gateway の管理コンソールの clientreport.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-1651 2014-06-23 09:56 2014-06-16 Show GitHub Exploit DB Packet Storm
216797 5.2 警告 シマンテック - Symantec Web Gateway の管理コンソールの user.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-1650 2014-06-23 09:56 2014-06-16 Show GitHub Exploit DB Packet Storm
216798 7.9 危険 シマンテック - Symantec Web Gateway の管理コンソールの SNMPConfig.php における任意のコマンドを実行される脆弱性 CWE-Other
その他 		CVE-2013-5017 2014-06-23 09:55 2013-07-29 Show GitHub Exploit DB Packet Storm
216799 4.3 警告 Gecad Technologies - Axigen Mail Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2592 2014-06-23 09:39 2012-08-8 Show GitHub Exploit DB Packet Storm
216800 7.8 危険 AlienVault - AlienVault OSSIM の av-centerd SOAP サービスにおける任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2014-4153 2014-06-20 18:42 2014-06-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292401 - google chrome Google Chrome before 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote attackers to have an unspecified impact via a crafted web page. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4907 2024-11-21 10:43 2012-09-14 Show GitHub Exploit DB Packet Storm
292402 - google chrome Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4906 2024-11-21 10:43 2012-09-14 Show GitHub Exploit DB Packet Storm
292403 - google chrome Cross-site scripting (XSS) vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script or HTML via an extra in an Intent object, aka "Universa… CWE-79
Cross-site Scripting 		CVE-2012-4905 2024-11-21 10:43 2012-09-14 Show GitHub Exploit DB Packet Storm
292404 - google chrome Cross-application scripting vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script via unspecified vectors, as demonstrated by "Universal… CWE-79
Cross-site Scripting 		CVE-2012-4904 2024-11-21 10:43 2012-09-14 Show GitHub Exploit DB Packet Storm
292405 - google chrome Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4903 2024-11-21 10:43 2012-09-14 Show GitHub Exploit DB Packet Storm
292406 - cisco asa_cx_context-aware_security
prime_security_manager 		The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to caus… CWE-399
 Resource Management Errors 		CVE-2012-4629 2024-11-21 10:43 2012-09-13 Show GitHub Exploit DB Packet Storm
292407 - gentoo webmin Multiple cross-site request forgery (CSRF) vulnerabilities in file/show.cgi in Webmin 1.590 and earlier allow remote attackers to hijack the authentication of privileged users for requests that (1) r… CWE-352
 Origin Validation Error 		CVE-2012-4893 2024-11-21 10:43 2012-09-12 Show GitHub Exploit DB Packet Storm
292408 - flatnux flatnux Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS 2012-03.08 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) title_en, (2) summary_en, or (3) bo… CWE-79
Cross-site Scripting 		CVE-2012-4892 2024-11-21 10:43 2012-09-11 Show GitHub Exploit DB Packet Storm
292409 - manageengine firewall_analyzer Cross-site scripting (XSS) vulnerability in fw/index2.do in ManageEngine Firewall Analyzer 7.2 allows remote attackers to inject arbitrary web script or HTML via the url parameter, a different vector… CWE-79
Cross-site Scripting 		CVE-2012-4891 2024-11-21 10:43 2012-09-11 Show GitHub Exploit DB Packet Storm
292410 - flatnux flatnux Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS 2011 08.09.2 and earlier allow remote attackers to inject arbitrary web script or HTML via a (1) comment to the news, (2) title to t… CWE-79
Cross-site Scripting 		CVE-2012-4890 2024-11-21 10:43 2012-09-11 Show GitHub Exploit DB Packet Storm