Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
217091 4.9 警告 シトリックス・システムズ - Citrix XenDesktop における他のユーザのデスクトップへのアクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-4700 2014-07-14 17:31 2014-07-10 Show GitHub Exploit DB Packet Storm
217092 3.5 注意 OpenStack
Canonical		 - OpenStack Neutron の L3-agent におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-4167 2014-07-14 17:30 2014-06-7 Show GitHub Exploit DB Packet Storm
217093 5 警告 Apache Software Foundation - Apache Syncope におけるパスワードを推測される脆弱性 CWE-310
暗号の問題 		CVE-2014-3503 2014-07-14 17:29 2014-05-21 Show GitHub Exploit DB Packet Storm
217094 7.2 危険 Docker
Fedora Project		 - Docker における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-3499 2014-07-14 17:28 2014-07-1 Show GitHub Exploit DB Packet Storm
217095 4.3 警告 PNP4Nagios - PNP4Nagios におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4908 2014-07-14 16:21 2014-06-12 Show GitHub Exploit DB Packet Storm
217096 4.3 警告 op5
PNP4Nagios		 - PNP4Nagios の share/pnp/application/views/kohana_error_page.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4907 2014-07-14 16:20 2014-04-6 Show GitHub Exploit DB Packet Storm
217097 4.3 警告 Polldaddy Polls & Ratings plugin project - WordPress 用 Polldaddy Polls & Ratings プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4856 2014-07-14 15:53 2014-07-2 Show GitHub Exploit DB Packet Storm
217098 4.3 警告 Polylang project - WordPress 用 Polylang プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4855 2014-07-14 15:50 2014-06-24 Show GitHub Exploit DB Packet Storm
217099 4.3 警告 Ottawa PC & Mobile - WordPress 用 WP Construction Mode プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4854 2014-07-14 15:50 2014-06-28 Show GitHub Exploit DB Packet Storm
217100 6.5 警告 Dolibarr ERP & CRM - Dolibarr ERP/CRM における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-3992 2014-07-14 14:02 2014-07-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
296371 - redhat jboss_enterprise_application_platform
jboss_enterprise_soa_platform
jboss_enterprise_web_platform
jboss_enterprise_brms_platform 		The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2, Web Platform before 5.1.2, BRMS Platform before 5.3.0, and SOA Platform before 5.3.0, when the ser… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-1167 2024-11-21 10:36 2012-11-24 Show GitHub Exploit DB Packet Storm
296372 - redhat mod_cluster
jboss_enterprise_application_platform 		mod_cluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, w… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-1154 2024-11-21 10:36 2012-10-23 Show GitHub Exploit DB Packet Storm
296373 - socialcms socialcms Multiple cross-site request forgery (CSRF) vulnerabilities in SocialCMS 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add administrator accounts vi… CWE-352
 Origin Validation Error 		CVE-2012-1416 2024-11-21 10:36 2012-10-9 Show GitHub Exploit DB Packet Storm
296374 - dlink dsl-2640b_firmware
dsl-2640b 		Cross-site request forgery (CSRF) vulnerability in redpass.cgi in D-Link DSL-2640B Firmware EU_4.00 allows remote attackers to hijack the authentication of administrators for requests that change the… CWE-352
 Origin Validation Error 		CVE-2012-1308 2024-11-21 10:36 2012-10-9 Show GitHub Exploit DB Packet Storm
296375 - bernhard_wymann
speed-dreams 		torcs
speed_dreams 		Stack-based buffer overflow in modules/graphic/ssgraph/grsound.cpp in The Open Racing Car Simulator (TORCS) before 1.3.3 and Speed Dreams allows user-assisted remote attackers to execute arbitrary co… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-1189 2024-11-21 10:36 2012-10-9 Show GitHub Exploit DB Packet Storm
296376 - kishore_asokan kish_guest_posting_plugin Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin before 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a fi… NVD-CWE-Other
CVE-2012-1125 2024-11-21 10:36 2012-10-9 Show GitHub Exploit DB Packet Storm
296377 - plume-cms plume_cms Cross-site request forgery (CSRF) vulnerability in manager/news.php in Plume CMS 1.2.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that create News… CWE-352
 Origin Validation Error 		CVE-2012-1414 2024-11-21 10:36 2012-10-8 Show GitHub Exploit DB Packet Storm
296378 - apprain apprain Unrestricted file upload vulnerability in addons/uploadify/uploadify.php in appRain CMF 0.1.5 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable exte… NVD-CWE-Other
CVE-2012-1153 2024-11-21 10:36 2012-10-7 Show GitHub Exploit DB Packet Storm
296379 - impresscms impresscms Directory traversal vulnerability in edituser.php in ImpressCMS 1.2.x before 1.2.7 Final and 1.3.x before 1.3.1 Final allows remote authenticated users to include and execute arbitrary local files vi… CWE-22
Path Traversal 		CVE-2012-0987 2024-11-21 10:36 2012-10-7 Show GitHub Exploit DB Packet Storm
296380 - impresscms impresscms Multiple cross-site scripting (XSS) vulnerabilities in ImpressCMS 1.2.x before 1.2.7 Final and 1.3.x before 1.3.1 Final allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO… CWE-79
Cross-site Scripting 		CVE-2012-0986 2024-11-21 10:36 2012-10-7 Show GitHub Exploit DB Packet Storm