Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
216801	6.8	警告	IBM	-	IBM Lotus Protector for Mail Security の Admin Web UI におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-0885	2014-05-30 15:22	2014-03-24	Show	GitHub Exploit DB Packet Storm

216802	3.5	注意	IBM	-	IBM Lotus Protector for Mail Security の Admin Web UI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0884	2014-05-30 15:09	2014-03-24	Show	GitHub Exploit DB Packet Storm

216803	5	警告	Google Doc Embedder	-	WordPress 用 Google Doc Embedder プラグインにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-4915	2014-05-30 10:51	2012-09-14	Show	GitHub Exploit DB Packet Storm

216804	4.3	警告	IBM	-	IBM WebSphere Portal における任意のファイルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2013-5454	2014-05-30 10:38	2013-11-11	Show	GitHub Exploit DB Packet Storm

216805	4.3	警告	IBM	-	IBM Domino の iNotes の MIME 電子メール機能におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-3990	2014-05-29 18:30	2013-07-31	Show	GitHub Exploit DB Packet Storm

216806	4.3	警告	IBM	-	IBM Domino の iNotes の MIME 電子メール機能におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-3032	2014-05-29 18:30	2013-07-31	Show	GitHub Exploit DB Packet Storm

216807	9.3	危険	IBM	-	IBM Domino の iNotes の DWA9W ActiveX コントロールにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2013-3027	2014-05-29 18:29	2013-07-31	Show	GitHub Exploit DB Packet Storm

216808	9.3	危険	IBM	-	IBM Lotus Quickr for Domino におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-3026	2014-05-29 18:28	2013-06-7	Show	GitHub Exploit DB Packet Storm

216809	5	警告	Samba Project	-	Samba の内部 DNS サーバにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2014-0239	2014-05-29 18:13	2014-05-28	Show	GitHub Exploit DB Packet Storm

216810	6.2	警告	Graham Dumpleton	-	Apache 用の mod_wsgi モジュールにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0240	2014-05-29 17:08	2013-05-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
293121	-	kayako	fusion	Cross-site scripting (XSS) vulnerability in __swift/thirdparty/PHPExcel/PHPExcel/Shared/JAMA/docs/download.php in Kayako Fusion 4.40.1148, and possibly before 4.50.1581, allows remote attackers to in…	CWE-79 Cross-site Scripting	CVE-2012-3233	2024-11-21 10:40	2012-09-16	Show	GitHub Exploit DB Packet Storm

293122	-	realnetworks	realplayer realplayer_sp	RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 do not properly handle codec frame sizes in RealAudio files, which allows remote attac…	CWE-189 Numeric Errors	CVE-2012-3234	2024-11-21 10:40	2012-09-12	Show	GitHub Exploit DB Packet Storm

293123	-	gentoo	webmin	file/edit_html.cgi in Webmin 1.590 and earlier does not perform an authorization check before showing a file's unedited contents, which allows remote attackers to read arbitrary files via the file fi…	CWE-287 Improper Authentication	CVE-2012-2983	2024-11-21 10:40	2012-09-12	Show	GitHub Exploit DB Packet Storm

293124	-	gentoo	webmin	file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a \| (pipe) character.	NVD-CWE-Other	CVE-2012-2982	2024-11-21 10:40	2012-09-12	Show	GitHub Exploit DB Packet Storm

293125	-	gentoo	webmin	Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary Perl code via a crafted file associated with the type (aka monitor type name) parameter.	CWE-20 Improper Input Validation	CVE-2012-2981	2024-11-21 10:40	2012-09-12	Show	GitHub Exploit DB Packet Storm

293126	-	f5	application_security_manager_appliance	Cross-site scripting (XSS) vulnerability in the traffic overview page on the F5 ASM appliance 10.0.0 through 11.2.0 HF2 allows remote attackers to inject arbitrary web script or HTML via crafted requ…	CWE-79 Cross-site Scripting	CVE-2012-2975	2024-11-21 10:40	2012-09-12	Show	GitHub Exploit DB Packet Storm

293127	-	ibm	tivoli_asset_management_for_it smartcloud_control_desk change_and_configuration_management_database maximo_asset_management maximo_service_desk tivoli_service_request_manager	Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, a…	CWE-79 Cross-site Scripting	CVE-2012-3326	2024-11-21 10:40	2012-09-11	Show	GitHub Exploit DB Packet Storm

293128	-	ibm	tivoli_asset_management_for_it maximo_asset_management smartcloud_control_desk change_and_configuration_management_database maximo_service_desk tivoli_service_request_manager	Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Ser…	CWE-79 Cross-site Scripting	CVE-2012-3313	2024-11-21 10:40	2012-09-11	Show	GitHub Exploit DB Packet Storm

293129	-	hp	business_availability_center	HP Business Availability Center (BAC) 8.07 allows remote authenticated users to hijack web sessions via unspecified vectors.	NVD-CWE-noinfo	CVE-2012-3257	2024-11-21 10:40	2012-09-8	Show	GitHub Exploit DB Packet Storm

293130	-	hp	business_availability_center	Cross-site request forgery (CSRF) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.	CWE-352 Origin Validation Error	CVE-2012-3256	2024-11-21 10:40	2012-09-8	Show	GitHub Exploit DB Packet Storm