Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
217071 4.3 警告 Moxiecode Systems AB - TinyMCE の bbcode プラグインにおけるクロスサイトスクリプティング攻撃を実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4230 2014-04-28 15:49 2012-08-9 Show GitHub Exploit DB Packet Storm
217072 9.3 危険 3S-Smart Software Solutions
SoftMotion3D
Festo		 - Festo Modular controllers CECX-X-C1 および CECX-X-M1 における設定を変更される脆弱性 CWE-287
不適切な認証 		CVE-2014-0769 2014-04-28 15:40 2014-04-24 Show GitHub Exploit DB Packet Storm
217073 9.3 危険 3S-Smart Software Solutions
SoftMotion3D
Festo		 - Festo Modular controllers CECX-X-C1 および CECX-X-M1 における任意のコードを実行される脆弱性 CWE-287
不適切な認証 		CVE-2014-0760 2014-04-28 15:40 2014-04-24 Show GitHub Exploit DB Packet Storm
217074 4.3 警告 Open-Xchange - Open-Xchange AppSuite におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2393 2014-04-28 15:07 2014-04-8 Show GitHub Exploit DB Packet Storm
217075 4.3 警告 Open-Xchange - Open-Xchange AppSuite の電子メール自動設定機能における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-2392 2014-04-28 15:06 2014-04-8 Show GitHub Exploit DB Packet Storm
217076 4.3 警告 Open-Xchange - Open-Xchange AppSuite のパスワードリカバリサービスにおける潜在的に有用なパスワードパターンの情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-2391 2014-04-28 15:06 2014-04-8 Show GitHub Exploit DB Packet Storm
217077 5.5 警告 Xen プロジェクト - Xen におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-2915 2014-04-28 14:56 2014-04-22 Show GitHub Exploit DB Packet Storm
217078 7.5 危険 MODX - MODX Revolution における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-2736 2014-04-28 14:43 2014-04-4 Show GitHub Exploit DB Packet Storm
217079 7.5 危険 レッドハット - Red Hat OpenShift Enterprise の openshift-origin-broker における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2014-0188 2014-04-28 14:36 2014-04-23 Show GitHub Exploit DB Packet Storm
217080 5 警告 Sixnet - Sixnet SixView Manager におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-2976 2014-04-28 14:24 2014-04-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293461 - ckeditor fckeditor
ckeditor 		Cross-site scripting (XSS) vulnerability in the FCKeditor module 6.x-2.x before 6.x-2.3 and the CKEditor module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.7 for Drupal allows remote authenticate… CWE-79
Cross-site Scripting 		CVE-2012-2066 2024-11-21 10:38 2012-09-5 Show GitHub Exploit DB Packet Storm
293462 - freso languageicons Cross-site scripting (XSS) vulnerability in the Language Icons module 6.x-2.x before 6.x-2.1 and 7.x-1.x before 7.x-1.0 for Drupal allows remote authenticated users with administer languages permissi… CWE-79
Cross-site Scripting 		CVE-2012-2065 2024-11-21 10:38 2012-09-5 Show GitHub Exploit DB Packet Storm
293463 - mark_theunissen views_lang_switch Cross-site scripting (XSS) vulnerability in theme/views_lang_switch.theme.inc in the Views Language Switcher module before 7.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or… CWE-79
Cross-site Scripting 		CVE-2012-2064 2024-11-21 10:38 2012-09-5 Show GitHub Exploit DB Packet Storm
293464 - brian_altenhofel slidebox The Slidebox module before 7.x-1.4 for Drupal does not properly check permissions, which allows remote attackers to obtain sensitive information via unspecified vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-2063 2024-11-21 10:38 2012-09-5 Show GitHub Exploit DB Packet Storm
293465 - buddypress buddypress SQL injection vulnerability in wp-load.php in the BuddyPress plugin 1.5.x before 1.5.5 of WordPress allows remote attackers to execute arbitrary SQL commands via the page parameter in an activity_wid… CWE-89
SQL Injection 		CVE-2012-2109 2024-11-21 10:38 2012-09-5 Show GitHub Exploit DB Packet Storm
293466 - emc networker Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specif… CWE-134
Use of Externally-Controlled Format String 		CVE-2012-2288 2024-11-21 10:38 2012-09-4 Show GitHub Exploit DB Packet Storm
293467 - yaniv_aran-shamir gigya Cross-site scripting (XSS) vulnerability in the Gigya - Social optimization module 6.x before 6.x-3.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2012-2117 2024-11-21 10:38 2012-09-1 Show GitHub Exploit DB Packet Storm
293468 - commerceguys commerce_reorder Cross-site request forgery (CSRF) vulnerability in the Commerce Reorder module before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that add … CWE-352
 Origin Validation Error 		CVE-2012-2116 2024-11-21 10:38 2012-09-1 Show GitHub Exploit DB Packet Storm
293469 - etalabs musl Stack-based buffer overflow in fprintf in musl before 0.8.8 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string to… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-2114 2024-11-21 10:38 2012-09-1 Show GitHub Exploit DB Packet Storm
293470 - fusiondrupalthemes fusion Cross-site scripting (XSS) vulnerability in the fusion_core_preprocess_page function in fusion_core/template.php in the Fusion module before 6.x-1.13 for Drupal allows remote attackers to inject arbi… CWE-79
Cross-site Scripting 		CVE-2012-2083 2024-11-21 10:38 2012-09-1 Show GitHub Exploit DB Packet Storm