Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
217061	7.5	危険	Apache Software Foundation	-	Apache Shiro における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2014-0074	2014-10-8 14:40	2014-10-1	Show	GitHub Exploit DB Packet Storm

217062	3.5	注意	Drupal	-	Drupal 用 Custom Search モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-7870	2014-10-8 14:30	2014-04-2	Show	GitHub Exploit DB Packet Storm

217063	3.5	注意	Drupal	-	Drupal 用 Context Form Alteration モジュールの設定 UI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-7869	2014-10-8 14:29	2014-04-29	Show	GitHub Exploit DB Packet Storm

217064	4.3	警告	LibVNC	-	LibVNCServer の libvncserver/rfbserver.c の rfbProcessClientNormalMessage 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2014-6054	2014-10-8 14:28	2014-08-18	Show	GitHub Exploit DB Packet Storm

217065	6.5	警告	レッドハット	-	Red Hat CloudForms Management Engine の vmdb/app/controllers/application_controller/performance.rb における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-3642	2014-10-8 14:19	2014-10-2	Show	GitHub Exploit DB Packet Storm

217066	4	警告	レッドハット	-	Red Hat CloudForms Management Engine における重要なコントローラおよびアクションにアクセスされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0140	2014-10-8 14:19	2014-10-2	Show	GitHub Exploit DB Packet Storm

217067	5.5	警告	レッドハット	-	Red Hat Conga の /luci/homebase および /luci/cluster メニューのコンポーネントにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-3521	2014-10-8 14:19	2014-09-16	Show	GitHub Exploit DB Packet Storm

217068	5	警告	レッドハット	-	Red Hat Conga における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2013-6496	2014-10-8 14:18	2013-06-6	Show	GitHub Exploit DB Packet Storm

217069	7.5	危険	Rejetto	-	Rejetto HFS (HTTP File Server) に null バイトの取扱いに関する脆弱性	CWE-94 CWE-Other	CVE-2014-6287	2014-10-8 13:44	2014-10-6	Show	GitHub Exploit DB Packet Storm

217070	6.4	警告	ヒューレット・パッカード	-	HP System Management Homepage におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2640	2014-10-7 18:17	2014-09-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
297051	-	netsweeper	netsweeper	Cross-site scripting (XSS) vulnerability in tools/local_lookup.php in the WebAdmin Portal in Netsweeper allows remote attackers to inject arbitrary web script or HTML via the group parameter in a loo…	CWE-79 Cross-site Scripting	CVE-2012-2446	2024-11-21 10:39	2012-07-10	Show	GitHub Exploit DB Packet Storm

297052	-	hazama	mt4i	Cross-site scripting (XSS) vulnerability in the MT4i plugin 3.1 beta 4 and earlier for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different…	CWE-79 Cross-site Scripting	CVE-2012-2644	2024-11-21 10:39	2012-07-7	Show	GitHub Exploit DB Packet Storm

297053	-	kent-web	yy-board	Cross-site scripting (XSS) vulnerability in KENT-WEB YY-BOARD before 6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted form entry.	CWE-79 Cross-site Scripting	CVE-2012-2643	2024-11-21 10:39	2012-07-7	Show	GitHub Exploit DB Packet Storm

297054	-	hazama	mt4i	Cross-site scripting (XSS) vulnerability in the MT4i plugin 3.1 beta 4 and earlier for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different…	CWE-79 Cross-site Scripting	CVE-2012-2642	2024-11-21 10:39	2012-07-7	Show	GitHub Exploit DB Packet Storm

297055	-	zenphoto	zenphoto	Cross-site scripting (XSS) vulnerability in Zenphoto before 1.4.3 allows remote attackers to inject arbitrary web script or HTML by triggering improper interaction with an unspecified library.	CWE-79 Cross-site Scripting	CVE-2012-2641	2024-11-21 10:39	2012-07-6	Show	GitHub Exploit DB Packet Storm

297056	-	yomecolle	nec_biglobe_yome_collection	The NEC BIGLOBE Yome Collection application 1.8.3 and earlier for Android allows remote attackers to read the IMEI value from an SD card via a crafted application that lacks the READ_PHONE_STATE perm…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-2640	2024-11-21 10:39	2012-07-6	Show	GitHub Exploit DB Packet Storm

297057	-	wellintech	kingview	Directory traversal vulnerability in WellinTech KingView 6.53 allows remote attackers to read arbitrary files via a crafted HTTP request to port 8001.	CWE-22 Path Traversal	CVE-2012-2560	2024-11-21 10:39	2012-07-5	Show	GitHub Exploit DB Packet Storm

297058	-	wellintech	kinghistorian	WellinTech KingHistorian 3.0 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer write) via a crafted packet to TCP port 5678.	CWE-399 Resource Management Errors	CVE-2012-2559	2024-11-21 10:39	2012-07-5	Show	GitHub Exploit DB Packet Storm

297059	-	ge	intelligent_platforms_si7_i\/o_driver intelligent_platforms_proficy_batch_execution intelligent_platforms_proficy_historian intelligent_platforms_proficy_hmi\/scada_ifix intelligent_platf…	An ActiveX control in KeyHelp.ocx in KeyWorks KeyHelp Module (aka the HTML Help component), as used in GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; Proficy HMI/SCADA iFIX 5.0 an…	CWE-78 OS Command	CVE-2012-2516	2024-11-21 10:39	2012-07-5	Show	GitHub Exploit DB Packet Storm

297060	-	emc ge	captiva_quickscan_pro intelligent_platforms_si7_i\/o_driver intelligent_platforms_proficy_batch_execution intelligent_platforms_proficy_historian documentum_applicationxtender_desktop …	Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXt…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-2515	2024-11-21 10:39	2012-07-5	Show	GitHub Exploit DB Packet Storm