Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
217121	6.5	警告	Postfix Admin Project	-	Postfix Admin の functions.inc.php の gen_show_status 関数における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-2655	2014-04-4 14:27	2014-02-19	Show	GitHub Exploit DB Packet Storm

217122	4.3	警告	Splunk	-	Splunk の Splunk Web におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2578	2014-04-4 12:15	2014-03-24	Show	GitHub Exploit DB Packet Storm

217123	3.5	注意	OTRS プロジェクト	-	Open Ticket Request System におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2553	2014-04-4 12:03	2014-04-1	Show	GitHub Exploit DB Packet Storm

217124	6.8	警告	HitMyServer	-	WordPress 用 HMS Testimonials プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-4240	2014-04-4 11:19	2013-08-8	Show	GitHub Exploit DB Packet Storm

217125	3.5	注意	IBM	-	IBM WebSphere Portal の IBM Connections 統合におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0901	2014-04-3 18:29	2014-03-31	Show	GitHub Exploit DB Packet Storm

217126	4.3	警告	IBM	-	IBM WebSphere Portal の WCM UI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0828	2014-04-3 18:29	2014-03-31	Show	GitHub Exploit DB Packet Storm

217127	4.3	警告	シスコシステムズ	-	Cisco Security Manager の Web フレームワークにおける CRLF インジェクションの脆弱性	CWE-20 不適切な入力確認	CVE-2014-2138	2014-04-3 18:22	2014-04-1	Show	GitHub Exploit DB Packet Storm

217128	4.3	警告	シスコシステムズ	-	Cisco Web セキュリティアプライアンスの Web フレームワークにおける CRLF インジェクションの脆弱性	CWE-20 不適切な入力確認	CVE-2014-2137	2014-04-3 18:18	2014-04-1	Show	GitHub Exploit DB Packet Storm

217129	4.3	警告	シスコシステムズ	-	Cisco Unity Connection の Web Inbox におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2125	2014-04-3 18:17	2014-04-1	Show	GitHub Exploit DB Packet Storm

217130	5	警告	Posh portal project	-	POSH の portal/scr_authentif.php の Remember Me 機能における重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2014-2212	2014-04-3 18:14	2014-02-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
295141	-	ffmpeg	ffmpeg	Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before 0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute arbitrary code via unspecified vectors.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-4351	2024-11-21 10:32	2013-12-10	Show	GitHub Exploit DB Packet Storm

295142	-	putty	putty	PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-4607	2024-11-21 10:32	2013-08-24	Show	GitHub Exploit DB Packet Storm

295143	-	php	php	Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-4718	2024-11-21 10:32	2013-08-14	Show	GitHub Exploit DB Packet Storm

295144	-	linux	linux_kernel	Race condition in the sctp_rcv function in net/sctp/input.c in the Linux kernel before 2.6.29 allows remote attackers to cause a denial of service (system hang) via SCTP packets. NOTE: in some envir…	CWE-362 Race Condition	CVE-2011-4348	2024-11-21 10:32	2013-06-8	Show	GitHub Exploit DB Packet Storm

295145	-	linux	linux_kernel	The kvm_vm_ioctl_assign_device function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resource…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-4347	2024-11-21 10:32	2013-06-8	Show	GitHub Exploit DB Packet Storm

295146	-	linux	linux_kernel	The bat_socket_read function in net/batman-adv/icmp_socket.c in the Linux kernel before 3.3 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-4604	2024-11-21 10:32	2013-06-7	Show	GitHub Exploit DB Packet Storm

295147	-	microsys	promotic	Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-4520	2024-11-21 10:32	2013-05-24	Show	GitHub Exploit DB Packet Storm

295148	-	microsys	promotic	Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-4519	2024-11-21 10:32	2013-05-24	Show	GitHub Exploit DB Packet Storm

295149	-	microsys	promotic	Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files via unspecified vectors.	CWE-22 Path Traversal	CVE-2011-4518	2024-11-21 10:32	2013-05-24	Show	GitHub Exploit DB Packet Storm

295150	-	gnu	glibc	The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections.	CWE-399 Resource Management Errors	CVE-2011-4609	2024-11-21 10:32	2013-05-2	Show	GitHub Exploit DB Packet Storm