Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
217081	6.8	警告	Tips and Tricks HQ	-	WordPress 用 WordPress Simple Paypal Shopping Cart プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-2705	2014-05-16 12:11	2013-06-5	Show	GitHub Exploit DB Packet Storm

217082	4.3	警告	NetWebLogic	-	WordPress 用 Events Manager プラグインおよび Events Manager Pro プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-1407	2014-05-16 12:10	2013-01-22	Show	GitHub Exploit DB Packet Storm

217083	7.5	危険	Drupalauth Project	-	simpleSAMLphp 用 drupalauth モジュールの lib/Auth/Source/External.php における任意のユーザとして認証される脆弱性	CWE-287 不適切な認証	CVE-2013-4552	2014-05-16 11:16	2013-11-4	Show	GitHub Exploit DB Packet Storm

217084	2.6	注意	Dan Wilga	-	Monster Menus モジュールにおける任意のノードコメントを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-4504	2014-05-16 11:05	2013-10-29	Show	GitHub Exploit DB Packet Storm

217085	2.1	注意	Alex Barth	-	Drupal 用 Feed Element Mapper モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-4503	2014-05-16 11:03	2013-10-30	Show	GitHub Exploit DB Packet Storm

217086	4	警告	Nathan Haug	-	Drupal 用 FileField Sources モジュールにおける任意のファイルを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-4502	2014-05-16 11:03	2013-10-30	Show	GitHub Exploit DB Packet Storm

217087	5	警告	Quiz Module Project	-	Drupal 用 Quiz モジュールのデフォルトの View における重要なクイズ結果を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-4501	2014-05-16 11:02	2013-10-30	Show	GitHub Exploit DB Packet Storm

217088	4.9	警告	Quiz Module Project	-	Drupal 用 Quiz モジュールにおける任意のクイズ結果を削除される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-4500	2014-05-16 11:02	2013-10-30	Show	GitHub Exploit DB Packet Storm

217089	6.8	警告	madeofcode	-	omniauth-facebook gem におけるクロスサイトリクエストフォージェリ攻撃を実行される脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-4562	2014-05-16 10:14	2013-11-12	Show	GitHub Exploit DB Packet Storm

217090	6.8	警告	Atlassian	-	Atlassian Confluence の logout.action におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-6342	2014-05-15 17:17	2012-09-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
295781	-	opcsystems	opcsystems.net	Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723.	CWE-20 Improper Input Validation	CVE-2011-4871	2024-11-21 10:33	2012-04-18	Show	GitHub Exploit DB Packet Storm

295782	-	atvise	webmi2ads	The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly validate values in HTTP requests, which allows remote attackers to cause a denial of service (resource consumption…	CWE-20 Improper Input Validation	CVE-2011-4883	2024-11-21 10:33	2012-04-13	Show	GitHub Exploit DB Packet Storm

295783	-	atvise	webmi2ads	The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to cause a denial of service (application exit) via an unspecified command in an HTTP request.	CWE-94 Code Injection	CVE-2011-4882	2024-11-21 10:33	2012-04-13	Show	GitHub Exploit DB Packet Storm

295784	-	atvise	webmi2ads	The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly check return values from functions, which allows remote attackers to cause a denial of service (NULL pointer deref…	NVD-CWE-Other	CVE-2011-4881	2024-11-21 10:33	2012-04-13	Show	GitHub Exploit DB Packet Storm

295785	-	atvise	webmi2ads	Directory traversal vulnerability in the web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to read arbitrary files via a crafted HTTP request.	CWE-22 Path Traversal	CVE-2011-4880	2024-11-21 10:33	2012-04-13	Show	GitHub Exploit DB Packet Storm

295786	-	microsys	promotic	Use-after-free vulnerability in MICROSYS PROMOTIC before 8.1.7 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (data corruption and application crash) via…	CWE-399 Resource Management Errors	CVE-2011-4874	2024-11-21 10:33	2012-04-13	Show	GitHub Exploit DB Packet Storm

295787	-	openbsd	openssh	The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory co…	CWE-189 Numeric Errors	CVE-2011-5000	2024-11-21 10:33	2012-04-5	Show	GitHub Exploit DB Packet Storm

295788	-	sixapart	movable_type	Unspecified vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 allows remote attackers to read or modify data via unknown vectors.	NVD-CWE-noinfo	CVE-2011-5085	2024-11-21 10:33	2012-04-3	Show	GitHub Exploit DB Packet Storm

295789	-	sixapart	movable_type	Cross-site scripting (XSS) vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2011-5084	2024-11-21 10:33	2012-04-3	Show	GitHub Exploit DB Packet Storm

295790	-	dotclear	dotclear	Unrestricted file upload vulnerability in inc/swf/swfupload.swf in Dotclear 2.3.1 and 2.4.2 allows remote attackers to execute arbitrary code by uploading a file with an executable PHP extension, the…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-5083	2024-11-21 10:33	2012-03-20	Show	GitHub Exploit DB Packet Storm