Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
217251 5.8 警告 FreeBSD - FreeBSD のデバイスファイルシステムにおける制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-3001 2014-05-8 10:39 2014-04-30 Show GitHub Exploit DB Packet Storm
217252 7.8 危険 FreeBSD - FreeBSD の inet モジュールの TCP リアセンブリ機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2014-3000 2014-05-8 10:38 2014-04-30 Show GitHub Exploit DB Packet Storm
217253 4.3 警告 Transifex - Transifex コマンドラインクライアントにおける Transifex サーバになりすまされる脆弱性 CWE-20
不適切な入力確認 		CVE-2013-7110 2014-05-7 19:09 2013-10-30 Show GitHub Exploit DB Packet Storm
217254 4.3 警告 Transifex - Transifex コマンドラインクライアントにおける Transifex サーバになりすまされる脆弱性 CWE-20
不適切な入力確認 		CVE-2013-2073 2014-05-7 19:03 2013-10-30 Show GitHub Exploit DB Packet Storm
217255 7.8 危険 シスコシステムズ - Cisco TelePresence System MXP シリーズのソフトウェアの H.225 サブシステムにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-2161 2014-05-7 19:00 2014-04-30 Show GitHub Exploit DB Packet Storm
217256 7.8 危険 シスコシステムズ - Cisco TelePresence System MXP シリーズのソフトウェアの H.225 サブシステムにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-2160 2014-05-7 19:00 2014-04-30 Show GitHub Exploit DB Packet Storm
217257 7.8 危険 シスコシステムズ - Cisco TelePresence System MXP シリーズのソフトウェアの H.225 サブシステムにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-2159 2014-05-7 19:00 2014-04-30 Show GitHub Exploit DB Packet Storm
217258 7.8 危険 シスコシステムズ - Cisco TelePresence System MXP シリーズのソフトウェアにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-2158 2014-05-7 18:59 2014-04-30 Show GitHub Exploit DB Packet Storm
217259 7.1 危険 シスコシステムズ - Cisco TelePresence System MXP シリーズのソフトウェアにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-2157 2014-05-7 18:59 2014-04-30 Show GitHub Exploit DB Packet Storm
217260 7.1 危険 シスコシステムズ - Cisco TelePresence System MXP シリーズのソフトウェアにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-2156 2014-05-7 18:58 2014-04-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292181 - david_alkire drag_\&_drop_gallery Unspecified vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to bypass access restrictions via unknown attack vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4477 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
292182 - david_alkire drag_\&_drop_gallery Cross-site scripting (XSS) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2012-4476 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
292183 - security_questions_project security_questions The Security Questions module for Drupal 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.1 does not properly restrict access, which allows remote attackers to edit an arbitrary user's questions and a… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4475 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
292184 - colorbox_node dennis_blake Multiple cross-site scripting (XSS) vulnerabilities in the Colorbox Node module 7.x-2.x before 7.x-2.2 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified paramet… CWE-79
Cross-site Scripting 		CVE-2012-4474 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
292185 - christian_johansson restrict_node_page_view The Restrict node page view module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "view any node page" or "view any node {type} page" permission to access unpublished no… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4473 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
292186 - david_alkire drag_\&_drop_gallery Unrestricted file upload vulnerability in upload.php in the Drag & Drop Gallery module 6.x-1.5 and earlier for Drupal allows remote attackers to execute arbitrary PHP code by uploading a file with an… NVD-CWE-Other
CVE-2012-4472 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
292187 - dominique_clause search_autocomplete The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the p… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4471 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
292188 - philip_ludlam listhandler The Listhandler module 6.x-1.x before 6.x-1.1 for Drupal does not properly check permissions when importing emails, which allows remote comment authors to bypass access restrictions and possibly have… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4470 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
292189 - simon_rycroft hashcash Cross-site scripting (XSS) vulnerability in the Hashcash module 6.x-2.x before 6.x-2.6 and 7.x-2.x before 7.x-2.2 for Drupal, when "Log failed hashcash" is enabled, allows remote attackers to inject … CWE-79
Cross-site Scripting 		CVE-2012-4469 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
292190 - privatemsg_project privatemsg Cross-site scripting (XSS) vulnerability in the Privatemsg module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via a user name in a private message. CWE-79
Cross-site Scripting 		CVE-2012-4468 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm