Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
217071	6.4	警告	Apache Software Foundation	-	Apache Solr の XML 用 UpdateRequestHandler における脆弱性	CWE-noinfo 情報不足	CVE-2013-6407	2014-04-7 17:56	2013-12-9	Show	GitHub Exploit DB Packet Storm

217072	4.3	警告	Apache Software Foundation	-	Apache Solr の SolrResourceLoader におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2013-6397	2014-04-7 17:55	2013-09-21	Show	GitHub Exploit DB Packet Storm

217073	5.7	警告	Linux レッドハット	-	Linux Kernel の KVM サブシステムの arch/x86/kvm/lapic.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2013-6367	2014-04-7 17:54	2013-12-12	Show	GitHub Exploit DB Packet Storm

217074	1.9	注意	LIGHTTPD	-	Debian GNU/Linux 上の lighthttpd における PHP 制御ソケットを乗っ取られる脆弱性	CWE-DesignError	CVE-2013-1427	2014-04-7 17:49	2013-03-15	Show	GitHub Exploit DB Packet Storm

217075	5	警告	LIGHTTPD オラクル	-	lighttpd におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-0295	2014-04-7 17:47	2010-02-3	Show	GitHub Exploit DB Packet Storm

217076	5	警告	The PHP Group	-	PHP の SQLite における open_basedir 保護機能を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-3365	2014-04-7 17:46	2012-07-19	Show	GitHub Exploit DB Packet Storm

217077	10	危険	The PHP Group アップル	-	PHP の stream の実装における脆弱性	-	CVE-2012-2688	2014-04-7 17:45	2012-07-19	Show	GitHub Exploit DB Packet Storm

217078	4.3	警告	The PHP Group	-	PHP の Fileinfo コンポーネントの libmagic/softmagic.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-4636	2014-04-7 17:44	2013-06-20	Show	GitHub Exploit DB Packet Storm

217079	5	警告	The PHP Group	-	PHP の Calendar コンポーネントの jewish.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2013-4635	2014-04-7 17:43	2013-06-20	Show	GitHub Exploit DB Packet Storm

217080	5	警告	The PHP Group アップル	-	PHP の ext/standard/quot_print.c におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-2110	2014-04-7 17:40	2013-06-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
295151	-	sitracker	support_incident_tracker	Multiple cross-site request forgery (CSRF) vulnerabilities in Support Incident Tracker (aka SiT!) 3.65 allow remote attackers to hijack the authentication of user for requests that delete a user via …	CWE-352 Origin Validation Error	CVE-2011-5068	2024-11-21 10:33	2012-01-29	Show	GitHub Exploit DB Packet Storm

295152	-	sitracker	support_incident_tracker	move_uploaded_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to obtain sensitive information via the file name, which reveals the installation path in an error…	CWE-200 Information Exposure	CVE-2011-5067	2024-11-21 10:33	2012-01-29	Show	GitHub Exploit DB Packet Storm

295153	-	tencent	qqpphoto	The Tencent QQPhoto (com.tencent.qqphoto) application 0.97 for Android does not properly protect data, which allows remote attackers to read or modify contact information and a password hash via a cr…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-4867	2024-11-21 10:33	2012-01-25	Show	GitHub Exploit DB Packet Storm

295154	-	kaixin001	kaixin001	The Kaixin001 (com.kaixin001.activity) application 1.3.1 and 1.3.3 for Android does not properly protect data, which allows remote attackers to read or modify contact information and a cleartext pass…	CWE-200 Information Exposure	CVE-2011-4866	2024-11-21 10:33	2012-01-25	Show	GitHub Exploit DB Packet Storm

295155	-	tencent	microblogpad wblog	The Tencent WBlog (com.tencent.WBlog) 3.3.1 and MicroBlogPad 1.4.0 applications for Android do not properly protect data, which allows remote attackers to read or modify message drafts and search key…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-4865	2024-11-21 10:33	2012-01-25	Show	GitHub Exploit DB Packet Storm

295156	-	tencent	mobileqq	The Tencent MobileQQ (com.tencent.mobileqq) application 2.2 for Android does not properly protect data, which allows remote attackers to read or modify messages and a friends list via a crafted appli…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-4864	2024-11-21 10:33	2012-01-25	Show	GitHub Exploit DB Packet Storm

295157	-	tencent	qqpimsecure	The Tencent QQPimSecure (com.tencent.qqpimsecure) application 3.0.2 for Android does not properly protect data, which allows remote attackers to read or modify SMS/MMS messages and a contact list via…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-4863	2024-11-21 10:33	2012-01-25	Show	GitHub Exploit DB Packet Storm

295158	-	atvise	atvise	Unspecified vulnerability in the server in Certec EDV atvise before 2.1 allows remote attackers to cause a denial of service (daemon crash) via crafted requests to TCP port 4840.	NVD-CWE-noinfo	CVE-2011-4873	2024-11-21 10:33	2012-01-20	Show	GitHub Exploit DB Packet Storm

295159	-	ibm	websphere_application_server	The SibRaRecoverableSiXaResource class in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41 does not properly handle a Service Integration Bus (SIB) dump o…	CWE-200 Information Exposure	CVE-2011-5066	2024-11-21 10:33	2012-01-15	Show	GitHub Exploit DB Packet Storm

295160	-	ibm	websphere_application_server	Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41 allows remote attackers to inject arbitrary web script or HTML via vectors related to web messag…	CWE-79 Cross-site Scripting	CVE-2011-5065	2024-11-21 10:33	2012-01-15	Show	GitHub Exploit DB Packet Storm