Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 5, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
217061 6.8 警告 FFmpeg - FFmpeg の libavcodec/dsputil.c における整数符号エラーの脆弱性 CWE-189
数値処理の問題 		CVE-2013-7010 2014-04-8 09:42 2013-08-30 Show GitHub Exploit DB Packet Storm
217062 2.6 注意 オラクル - Oracle Java SE および JavaFX における脆弱性 CWE-noinfo
情報不足 		CVE-2013-5854 2014-04-7 18:06 2013-10-15 Show GitHub Exploit DB Packet Storm
217063 5 警告 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player におけるクリップボードを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2014-0504 2014-04-7 18:06 2014-03-11 Show GitHub Exploit DB Packet Storm
217064 6.9 警告 freedesktop.org
Canonical		 - udisks におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-0004 2014-04-7 18:05 2014-03-10 Show GitHub Exploit DB Packet Storm
217065 6.4 警告 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player における同一生成元ポリシーを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0503 2014-04-7 18:04 2014-03-11 Show GitHub Exploit DB Packet Storm
217066 7.6 危険 サン・マイクロシステムズ
オラクル		 - Oracle Java SE および Java SE Embedded における Deployment に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5852 2014-04-7 18:03 2013-10-15 Show GitHub Exploit DB Packet Storm
217067 5 警告 Mutt - Mutt の copy.c におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-0467 2014-04-7 18:02 2014-03-12 Show GitHub Exploit DB Packet Storm
217068 9.3 危険 オラクル - Oracle Java SE および JavaFX における JavaFX に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5846 2014-04-7 18:02 2013-10-15 Show GitHub Exploit DB Packet Storm
217069 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2013-6671 2014-04-7 18:01 2013-12-10 Show GitHub Exploit DB Packet Storm
217070 6.4 警告 Apache Software Foundation - Apache Solr の DocumentAnalysisRequestHandler における脆弱性 CWE-noinfo
情報不足 		CVE-2013-6408 2014-04-7 17:57 2013-05-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293011 - nextbbs nextbbs user.php in NextBBS 0.6 allows remote attackers to bypass authentication and gain administrator access by setting the userkey cookie to 1. CWE-287
Improper Authentication 		CVE-2012-1602 2024-11-21 10:37 2012-10-2 Show GitHub Exploit DB Packet Storm
293012 - ocportal ocportal Directory traversal vulnerability in catalogue_file.php in ocPortal before 7.1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. CWE-22
Path Traversal 		CVE-2012-1471 2024-11-21 10:37 2012-10-2 Show GitHub Exploit DB Packet Storm
293013 - ocportal ocportal Multiple cross-site scripting (XSS) vulnerabilities in code_editor.php in ocPortal before 7.1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) path or (2) line parameters. CWE-79
Cross-site Scripting 		CVE-2012-1470 2024-11-21 10:37 2012-10-2 Show GitHub Exploit DB Packet Storm
293014 - luke_herrington stickynote Cross-site request forgery (CSRF) vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of users for requests that delete stickynotes v… CWE-352
 Origin Validation Error 		CVE-2012-1636 2024-11-21 10:37 2012-10-2 Show GitHub Exploit DB Packet Storm
293015 - commerceguys commerce Multiple cross-site scripting (XSS) vulnerabilities in product/commerce_product.module in the Drupal Commerce module for Drupal before 7.x-1.2 allow remote authenticated users to inject arbitrary web… CWE-79
Cross-site Scripting 		CVE-2012-1639 2024-11-21 10:37 2012-10-2 Show GitHub Exploit DB Packet Storm
293016 - atheme atheme The myuser_delete function in libathemecore/account.c in Atheme 5.x before 5.2.7, 6.x before 6.0.10, and 7.x before 7.0.0-beta2 does not properly clean up CertFP entries when a user is deleted, which… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-1576 2024-11-21 10:37 2012-10-2 Show GitHub Exploit DB Packet Storm
293017 - drupal drupal The image module in Drupal 7.x before 7.14 does not properly check permissions when caching derivative image styles of private images, which allows remote attackers to read private image styles. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-1591 2024-11-21 10:37 2012-10-1 Show GitHub Exploit DB Packet Storm
293018 - drupal drupal The forum list in Drupal 7.x before 7.14 does not properly check user permissions for unpublished forum posts, which allows remote authenticated users to obtain sensitive information such as the post… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-1590 2024-11-21 10:37 2012-10-1 Show GitHub Exploit DB Packet Storm
293019 - drupal drupal Algorithmic complexity vulnerability in the _filter_url function in the text filtering system (modules/filter/filter.module) in Drupal 7.x before 7.14 allows remote authenticated users with certain r… CWE-399
 Resource Management Errors 		CVE-2012-1588 2024-11-21 10:37 2012-10-1 Show GitHub Exploit DB Packet Storm
293020 - springsource grails VMware SpringSource Grails before 1.3.8, and 2.x before 2.0.2, does not properly restrict data binding, which might allow remote attackers to bypass intended access restrictions and modify arbitrary … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-1833 2024-11-21 10:37 2012-09-29 Show GitHub Exploit DB Packet Storm