Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216961 5 警告 Plone Foundation - Plone の queryCatalog.py におけるキャッシュを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-5498 2014-10-2 16:47 2012-11-6 Show GitHub Exploit DB Packet Storm
216962 5 警告 Plone Foundation - Plone の membership_tool.py におけるユーザアカウント名を列挙される脆弱性 CWE-200
情報漏えい 		CVE-2012-5497 2014-10-2 16:47 2012-11-6 Show GitHub Exploit DB Packet Storm
216963 5 警告 Plone Foundation - Plone の python_scripts.py における Python コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2012-5495 2014-10-2 16:46 2012-11-6 Show GitHub Exploit DB Packet Storm
216964 4.3 警告 Plone Foundation - Plone の python_scripts.py におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5494 2014-10-2 16:46 2012-11-6 Show GitHub Exploit DB Packet Storm
216965 8.5 危険 Plone Foundation - Plone の gtbn.py における Python のサンドボックスを回避される脆弱性 CWE-94
コード・インジェクション 		CVE-2012-5493 2014-10-2 16:45 2012-11-6 Show GitHub Exploit DB Packet Storm
216966 5 警告 Plone Foundation - Plone の uid_catalog.py における隠しオブジェクトのメタデータを取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-5492 2014-10-2 16:44 2012-11-6 Show GitHub Exploit DB Packet Storm
216967 4.3 警告 Plone Foundation - Plone で使用される z3c.form におけるフォームフィールドのデフォルト値を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-5491 2014-10-2 16:44 2012-11-6 Show GitHub Exploit DB Packet Storm
216968 4.3 警告 Plone Foundation - Plone の kssdevel.py におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5490 2014-10-2 16:44 2012-11-6 Show GitHub Exploit DB Packet Storm
216969 5 警告 Plone Foundation - Plone の python_scripts.py における Python コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2012-5488 2014-10-2 16:43 2012-11-6 Show GitHub Exploit DB Packet Storm
216970 8.5 危険 Plone Foundation - Plone のサンドボックスのホワイトリスト生成機能における Python のサンドボックス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-5487 2014-10-2 16:42 2012-11-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
296681 9.8 CRITICAL
Network 		ibm xiv_storage_system_2810-a14_firmware
xiv_storage_system_2812-a14_firmware
xiv_storage_system_2810-114_firmware
xiv_storage_system_2812-114_firmware 		IBM XIV Storage System 2810-A14 and 2812-A14 devices before level 10.2.4.e-2 and 2810-114 and 2812-114 devices before level 11.1.1 have hardcoded passwords for unspecified accounts, which allows remo… CWE-798
 Use of Hard-coded Credentials 		CVE-2012-2166 2024-11-21 10:38 2018-02-9 Show GitHub Exploit DB Packet Storm
296682 - sgi xfsprogs xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file data, which allows remote attackers to obtain sensitive information by reading a generated image. CWE-200
Information Exposure 		CVE-2012-2150 2024-11-21 10:38 2015-08-26 Show GitHub Exploit DB Packet Storm
296683 - simple_php_agenda_project simple_php_agenda Multiple cross-site request forgery (CSRF) vulnerabilities in Simple PHP Agenda 2.2.8 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add an ad… CWE-352
 Origin Validation Error 		CVE-2012-1978 2024-11-21 10:38 2015-05-22 Show GitHub Exploit DB Packet Storm
296684 - ubercart ubercart The Ubercart module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer product classes" permission to execute arbitrary PHP code via unspecified vectors. CWE-94
Code Injection 		CVE-2012-2301 2024-11-21 10:38 2014-11-16 Show GitHub Exploit DB Packet Storm
296685 - adobe photoshop_cs5
photoshop_cs5.1 		Stack-based buffer overflow in the U3D.8BI library plugin in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12.1.x before 12.1.1 allows remote attackers to execute arbitrary code via a long Collada… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-2052 2024-11-21 10:38 2014-06-20 Show GitHub Exploit DB Packet Storm
296686 - fedoraproject
david_paleino 		fedora
wicd 		The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus messag… CWE-20
 Improper Input Validation  		CVE-2012-2095 2024-11-21 10:38 2014-04-8 Show GitHub Exploit DB Packet Storm
296687 - martin_nagy bind-dyndb-ldap The handle_connection_error function in ldap_helper.c in bind-dyndb-ldap before 1.1.0rc1 does not properly handle LDAP query errors, which allows remote attackers to cause a denial of service (infini… CWE-399
 Resource Management Errors 		CVE-2012-2134 2024-11-21 10:38 2014-02-27 Show GitHub Exploit DB Packet Storm
296688 - standards_based_linux_instrumentation_project
opensuse 		standards-based_linux_common_information_model_client
opensuse 		internal/cimxml/sax/NodeFactory.java in Standards-Based Linux Instrumentation for Manageability (SBLIM) Common Information Model (CIM) Client (aka sblim-cim-client2) before 2.1.12 computes hash value… CWE-310
Cryptographic Issues 		CVE-2012-2328 2024-11-21 10:38 2014-02-11 Show GitHub Exploit DB Packet Storm
296689 - csounds csound Stack-based buffer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted fil… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-2108 2024-11-21 10:38 2014-02-5 Show GitHub Exploit DB Packet Storm
296690 - csounds csound Integer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file, which tr… CWE-189
Numeric Errors 		CVE-2012-2107 2024-11-21 10:38 2014-02-5 Show GitHub Exploit DB Packet Storm