Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
217331 5 警告 シスコシステムズ - Cisco Hosted Collaboration Solution の Java ベースのソフトウェアにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-2121 2014-03-20 16:33 2014-03-19 Show GitHub Exploit DB Packet Storm
217332 4.3 警告 シスコシステムズ - Cisco Adaptive Security Appliance ソフトウェアの WebVPN ログインページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2120 2014-03-20 16:32 2014-03-19 Show GitHub Exploit DB Packet Storm
217333 10 危険 ソフォス - Sophos Web Appliance の /opt/ws/bin/sblistpack の get_referers 関数における任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2013-4983 2014-03-20 15:25 2013-09-9 Show GitHub Exploit DB Packet Storm
217334 2.6 注意 Mozilla Foundation - Mozilla Firefox および SeaMonkey のセッション復元機能におけるクロスサイトスクリプティングの脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-1504 2014-03-20 14:36 2014-03-18 Show GitHub Exploit DB Packet Storm
217335 6.8 警告 Mozilla Foundation - Mozilla Firefox および SeaMonkey における同一生成元ポリシーを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-1502 2014-03-20 14:36 2014-03-18 Show GitHub Exploit DB Packet Storm
217336 5.8 警告 Mozilla Foundation - Android 上で稼働する Mozilla Firefox における同一生成元ポリシーを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-1501 2014-03-20 14:36 2014-03-18 Show GitHub Exploit DB Packet Storm
217337 5 警告 Mozilla Foundation - Mozilla Firefox および SeaMonkey におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2014-1500 2014-03-20 14:36 2014-03-18 Show GitHub Exploit DB Packet Storm
217338 5.8 警告 Mozilla Foundation - Mozilla Firefox および SeaMonkey におけるドメイン名を偽装される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-1499 2014-03-20 14:36 2014-03-18 Show GitHub Exploit DB Packet Storm
217339 5 警告 Mozilla Foundation - Mozilla Firefox および SeaMonkey の crypto.generateCRMFRequest メソッドにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
CWE-310
CVE-2014-1498 2014-03-20 14:36 2014-03-18 Show GitHub Exploit DB Packet Storm
217340 9.3 危険 Mozilla Foundation - Mozilla Firefox OS の DeviceStorage API におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-1507 2014-03-20 14:36 2014-03-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292551 - linux linux_kernel Buffer overflow in the macvtap device driver in the Linux kernel before 3.4.5, when running in certain configurations, allows privileged KVM guest users to cause a denial of service (crash) via a lon… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-2119 2024-11-21 10:38 2013-01-23 Show GitHub Exploit DB Packet Storm
292552 - emc avamar
avamar_plugin 		EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to g… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-2291 2024-11-21 10:38 2013-01-22 Show GitHub Exploit DB Packet Storm
292553 - redhat
squirrelmail 		enterprise_linux
squirrelmail 		functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial… CWE-399
 Resource Management Errors 		CVE-2012-2124 2024-11-21 10:38 2013-01-18 Show GitHub Exploit DB Packet Storm
292554 - pizzashack rssh Incomplete blacklist vulnerability in rssh before 2.3.4, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via the --rsh command line option. NVD-CWE-Other
CVE-2012-2252 2024-11-21 10:38 2013-01-11 Show GitHub Exploit DB Packet Storm
292555 - pizzashack rssh rssh 2.3.2, as used by Debian, Fedora, and others, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via a (1) "-e" or (2) "--" command line option. CWE-20
 Improper Input Validation  		CVE-2012-2251 2024-11-21 10:38 2013-01-11 Show GitHub Exploit DB Packet Storm
292556 - apache cxf Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allow… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-2378 2024-11-21 10:38 2013-01-5 Show GitHub Exploit DB Packet Storm
292557 - apache cxf Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element … NVD-CWE-noinfo
CVE-2012-2379 2024-11-21 10:38 2013-01-3 Show GitHub Exploit DB Packet Storm
292558 - mahara mahara Cross-site scripting (XSS) vulnerability in group/members.php in Mahara 1.5.x before 1.5.7 and 1.6.x before 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the query paramete… CWE-79
Cross-site Scripting 		CVE-2012-2253 2024-11-21 10:38 2012-11-25 Show GitHub Exploit DB Packet Storm
292559 - mahara mahara Cross-site scripting (XSS) vulnerability in Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to inject arbitrary web script or HTML via vectors related to artefact/file/ and a… CWE-79
Cross-site Scripting 		CVE-2012-2247 2024-11-21 10:38 2012-11-25 Show GitHub Exploit DB Packet Storm
292560 - mahara mahara Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to conduct clickjacking attacks to delete arbitrary users and bypass CSRF protection via account/delete.php. CWE-20
 Improper Input Validation  		CVE-2012-2246 2024-11-21 10:38 2012-11-25 Show GitHub Exploit DB Packet Storm