Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 12:16 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
217011	5	警告	Gordon Heydon	-	Drupal 用 Secure Pages モジュールにおける重要な情報を取得される脆弱性	CWE-310 暗号の問題	CVE-2013-4595	2014-06-11 15:54	2013-11-6	Show	GitHub Exploit DB Packet Storm

217012	4	警告	Marc Ferran	-	Drupal 用 Autocomplete Widgets for Text and Number Fields モジュールにおける重要なフィールドの値を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-1973	2014-06-11 15:53	2013-04-17	Show	GitHub Exploit DB Packet Storm

217013	4.3	警告	Jojo Open Source Content Management System	-	Jojo CMS の plugins/jojo_core/forgot_password.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-3082	2014-06-11 15:32	2013-05-7	Show	GitHub Exploit DB Packet Storm

217014	7.5	危険	Jojo Open Source Content Management System	-	Jojo CMS の plugins/jojo_core/classes/Jojo.php の checkEmailFormat 関数における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-3081	2014-06-11 15:32	2013-05-7	Show	GitHub Exploit DB Packet Storm

217015	3.3	注意	CISOfy	-	Lynis の include/tests_webservers における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2014-3986	2014-06-10 17:40	2014-06-8	Show	GitHub Exploit DB Packet Storm

217016	3.3	注意	CISOfy	-	AIX 上で稼働する Lynis の include/tests_webservers における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2014-3982	2014-06-10 17:39	2014-06-8	Show	GitHub Exploit DB Packet Storm

217017	6.9	警告	IBM	-	IBM AIX および VIOS の libodm.a における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2014-3977	2014-06-10 17:27	2014-06-5	Show	GitHub Exploit DB Packet Storm

217018	6	警告	IBM	-	IBM System Storage Virtualization Engine TS7700 における権限を取得される脆弱性	CWE-noinfo 情報不足	CVE-2014-3048	2014-06-10 17:27	2014-06-4	Show	GitHub Exploit DB Packet Storm

217019	3.6	注意	IBM	-	UNIX 上で稼働する IBM SPSS Modeler における file-access のセキュリティチェックを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-3038	2014-06-10 17:26	2014-06-6	Show	GitHub Exploit DB Packet Storm

217020	4.3	警告	IBM	-	IBM API Management における重要な情報を取得される脆弱性	CWE-noinfo 情報不足	CVE-2014-3036	2014-06-10 17:26	2014-05-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
292241	-	mindjet	mindmanager_2012	Multiple untrusted search path vulnerabilities in MindManager 2012 10.0.493 allow local users to gain privileges via a Trojan horse (1) ssgp.dll or (2) dwmapi.dll file in the current working director…	NVD-CWE-Other	CVE-2012-4754	2024-11-21 10:43	2012-09-6	Show	GitHub Exploit DB Packet Storm

292242	-	owncloud	owncloud	Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud before 4.0.5 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.	CWE-352 Origin Validation Error	CVE-2012-4753	2024-11-21 10:43	2012-09-6	Show	GitHub Exploit DB Packet Storm

292243	-	owncloud	owncloud	appconfig.php in ownCloud before 4.0.6 does not properly restrict access, which allows remote authenticated users to edit app configurations via unspecified vectors. NOTE: this can be leveraged by u…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4752	2024-11-21 10:43	2012-09-6	Show	GitHub Exploit DB Packet Storm

292244	-	mozilla	bugzilla	Bugzilla 2.x and 3.x through 3.6.11, 3.7.x and 4.0.x before 4.0.8, 4.1.x and 4.2.x before 4.2.3, and 4.3.x before 4.3.3 stores potentially sensitive information under the web root with insufficient a…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4747	2024-11-21 10:43	2012-09-4	Show	GitHub Exploit DB Packet Storm

292245	-	zte	zxdsl	Cross-site request forgery (CSRF) vulnerability in accessaccount.cgi in ZTE ZXDSL 831IIV7.5.0a_Z29_OV allows remote attackers to hijack the authentication of administrators for requests that change t…	CWE-352 Origin Validation Error	CVE-2012-4746	2024-11-21 10:43	2012-09-1	Show	GitHub Exploit DB Packet Storm

292246	-	the_collective	acuity_cms	Cross-site scripting (XSS) vulnerability in admin/login.asp in Acuity CMS 2.6.2 allows remote attackers to inject arbitrary web script or HTML via the UserName parameter.	CWE-79 Cross-site Scripting	CVE-2012-4745	2024-11-21 10:43	2012-09-1	Show	GitHub Exploit DB Packet Storm

292247	-	eos.pe	siche_search_module	Cross-site scripting (XSS) vulnerability in ssearch.php in the Siche search module 0.5 for Zeroboard allows remote attackers to inject arbitrary web script or HTML via the search parameter.	CWE-79 Cross-site Scripting	CVE-2012-4744	2024-11-21 10:43	2012-09-1	Show	GitHub Exploit DB Packet Storm

292248	-	eos.pe	siche_search_module	Multiple SQL injection vulnerabilities in ssearch.php in Siche search module 0.5 for Zeroboard allow remote attackers to execute arbitrary SQL commands via the (1) ss, (2) sm, (3) align, or (4) categ…	CWE-89 SQL Injection	CVE-2012-4743	2024-11-21 10:43	2012-09-1	Show	GitHub Exploit DB Packet Storm

292249	-	packetfence	packetfence	The web_node_register function in web.pm in PacketFence before 3.0.2 might allow remote attackers to execute arbitrary code via unspecified vectors.	NVD-CWE-noinfo	CVE-2012-4742	2024-11-21 10:43	2012-09-1	Show	GitHub Exploit DB Packet Storm

292250	-	packetfence	packetfence	The RADIUS extension in PacketFence before 3.3.0 uses a different user name than is used for authentication for users with custom VLAN assignment extensions, which allows remote attackers to spoof us…	CWE-287 Improper Authentication	CVE-2012-4741	2024-11-21 10:43	2012-09-1	Show	GitHub Exploit DB Packet Storm