Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
217121	6.5	警告	Postfix Admin Project	-	Postfix Admin の functions.inc.php の gen_show_status 関数における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-2655	2014-04-4 14:27	2014-02-19	Show	GitHub Exploit DB Packet Storm

217122	4.3	警告	Splunk	-	Splunk の Splunk Web におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2578	2014-04-4 12:15	2014-03-24	Show	GitHub Exploit DB Packet Storm

217123	3.5	注意	OTRS プロジェクト	-	Open Ticket Request System におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2553	2014-04-4 12:03	2014-04-1	Show	GitHub Exploit DB Packet Storm

217124	6.8	警告	HitMyServer	-	WordPress 用 HMS Testimonials プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-4240	2014-04-4 11:19	2013-08-8	Show	GitHub Exploit DB Packet Storm

217125	3.5	注意	IBM	-	IBM WebSphere Portal の IBM Connections 統合におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0901	2014-04-3 18:29	2014-03-31	Show	GitHub Exploit DB Packet Storm

217126	4.3	警告	IBM	-	IBM WebSphere Portal の WCM UI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0828	2014-04-3 18:29	2014-03-31	Show	GitHub Exploit DB Packet Storm

217127	4.3	警告	シスコシステムズ	-	Cisco Security Manager の Web フレームワークにおける CRLF インジェクションの脆弱性	CWE-20 不適切な入力確認	CVE-2014-2138	2014-04-3 18:22	2014-04-1	Show	GitHub Exploit DB Packet Storm

217128	4.3	警告	シスコシステムズ	-	Cisco Web セキュリティアプライアンスの Web フレームワークにおける CRLF インジェクションの脆弱性	CWE-20 不適切な入力確認	CVE-2014-2137	2014-04-3 18:18	2014-04-1	Show	GitHub Exploit DB Packet Storm

217129	4.3	警告	シスコシステムズ	-	Cisco Unity Connection の Web Inbox におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2125	2014-04-3 18:17	2014-04-1	Show	GitHub Exploit DB Packet Storm

217130	5	警告	Posh portal project	-	POSH の portal/scr_authentif.php の Remember Me 機能における重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2014-2212	2014-04-3 18:14	2014-02-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
293381	-		emerson	deltav deltav_workstation deltav_proessentials_scientific_graph	SQL injection vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to execute arbitrary SQ…	CWE-89 SQL Injection	CVE-2012-1815	2024-11-21 10:37	2012-06-9	Show	GitHub Exploit DB Packet Storm

293382	-		emerson	deltav deltav_workstation deltav_proessentials_scientific_graph	Cross-site scripting (XSS) vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to inject …	CWE-79 Cross-site Scripting	CVE-2012-1814	2024-11-21 10:37	2012-06-9	Show	GitHub Exploit DB Packet Storm

293383	-		dotcms	dotcms	dotCMS 1.9 before 1.9.5.1 allows remote authenticated users to execute arbitrary Java code via a crafted (1) XSLT or (2) Velocity template.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-1826	2024-11-21 10:37	2012-06-9	Show	GitHub Exploit DB Packet Storm

293384	6.5	MEDIUM Network	imagemagick debian redhat opensuse	imagemagick debian_linux enterprise_linux_server_aus enterprise_linux_desktop enterprise_linux_server_eus enterprise_linux_server enterprise_linux_workstation storage enterpri…	The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF …	CWE-125 Out-of-bounds Read	CVE-2012-1798	2024-11-21 10:37	2012-06-6	Show	GitHub Exploit DB Packet Storm

293385	7.5	HIGH Network	imagemagick debian canonical opensuse	imagemagick debian_linux ubuntu_linux opensuse	Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component cou…	CWE-190 Integer Overflow or Wraparound	CVE-2012-1610	2024-11-21 10:37	2012-06-6	Show	GitHub Exploit DB Packet Storm

293386	-		isc	bind	ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, wh…	CWE-189 Numeric Errors	CVE-2012-1667	2024-11-21 10:37	2012-06-6	Show	GitHub Exploit DB Packet Storm

293387	-		oscommerce	online_merchant	Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Setup/Application/Install/RPC/DBCheck.php in OSCommerce Online Merchant 3.0.2, when the software is being installed, allows remote …	CWE-79 Cross-site Scripting	CVE-2012-1792	2024-11-21 10:37	2012-05-28	Show	GitHub Exploit DB Packet Storm

293388	-		measuresoft	scadapro_client scadapro_server	Untrusted search path vulnerability in Measuresoft ScadaPro Client before 4.0.0 and ScadaPro Server before 4.0.0 allows local users to gain privileges via a Trojan horse DLL in the current working di…	NVD-CWE-Other	CVE-2012-1824	2024-11-21 10:37	2012-05-26	Show	GitHub Exploit DB Packet Storm

293389	-		symantec	endpoint_protection	The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.700x on Windows Server 2003 allows remote attackers to cause a denial of ser…	NVD-CWE-Other	CVE-2012-1821	2024-11-21 10:37	2012-05-24	Show	GitHub Exploit DB Packet Storm

293390	-		drupal	drupal	Open redirect vulnerability in the Form API in Drupal 7.x before 7.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted parameters in a destina…	CWE-20 Improper Input Validation	CVE-2012-1589	2024-11-21 10:37	2012-05-19	Show	GitHub Exploit DB Packet Storm