Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
217471 7.5 危険 FreeType Project - FreeType の cff/cf2hints.c 内の cf2_hintmap_build 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-2240 2014-03-14 14:19 2014-03-7 Show GitHub Exploit DB Packet Storm
217472 4.3 警告 CiviCRM
Caseproof
Joobi		 - 複数ベンダの製品で使用される Open Flash Chart の open-flash-chart.swf におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-1636 2014-03-14 13:48 2013-06-10 Show GitHub Exploit DB Packet Storm
217473 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR におけるメモリ二重解放の脆弱性 CWE-399
リソース管理の問題 		CVE-2014-0502 2014-03-13 18:24 2014-02-20 Show GitHub Exploit DB Packet Storm
217474 7.8 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR における ASLR 保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0499 2014-03-13 18:23 2014-02-20 Show GitHub Exploit DB Packet Storm
217475 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-0498 2014-03-13 18:19 2014-02-20 Show GitHub Exploit DB Packet Storm
217476 3.5 注意 MySQL AB
オラクル		 - Oracle MySQL の MySQL Server における Optimizer に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-0437 2014-03-13 18:18 2014-01-14 Show GitHub Exploit DB Packet Storm
217477 10 危険 シスコシステムズ - Cisco Unified SIP Phone 3905 のファームウェアにおける root アクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0721 2014-03-13 17:45 2014-02-19 Show GitHub Exploit DB Packet Storm
217478 7.5 危険 Raoul Proenca - Gnew の users/login.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-5639 2014-03-13 17:45 2013-10-2 Show GitHub Exploit DB Packet Storm
217479 7.8 危険 シスコシステムズ - Cisco IPS ソフトウェアのコントロールプレーンのアクセスリストの実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0719 2014-03-13 17:42 2014-02-19 Show GitHub Exploit DB Packet Storm
217480 4.4 警告 Novell
Logilab.org		 - logilab-common の shellutils の Execute クラスにおける脆弱性 CWE-noinfo
情報不足 		CVE-2014-1839 2014-03-13 16:43 2014-02-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294531 - estrongs es_file_explorer The EStrongs ES File Explorer application 1.6.0.2 through 1.6.1.1 for Android does not properly restrict access, which allows remote attackers to read arbitrary files via vectors involving an unspeci… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-0322 2024-11-21 10:34 2012-03-6 Show GitHub Exploit DB Packet Storm
294532 - ibm tivoli_provisioning_manager_express_for_software_distribution Multiple SQL injection vulnerabilities in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 allow remote attackers to execute arbitrary SQL commands via (1) a SOAP message to th… CWE-89
SQL Injection 		CVE-2012-0199 2024-11-21 10:34 2012-03-6 Show GitHub Exploit DB Packet Storm
294533 - sixapart movable_type Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to take control of sessions via unspecified vectors related to the (1) commenting feature and (2) community sc… NVD-CWE-noinfo
CVE-2012-0320 2024-11-21 10:34 2012-03-3 Show GitHub Exploit DB Packet Storm
294534 - movabletype movable_type_open_source
movable_type_enterprise
movable_type_advanced
movable_type_pro 		The file-management system in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote authenticated users to execute arbitrary commands by leveraging the file-upload feature, r… CWE-94
Code Injection 		CVE-2012-0319 2024-11-21 10:34 2012-03-3 Show GitHub Exploit DB Packet Storm
294535 - movabletype movable_type_open_source
movable_type_enterprise
movable_type_advanced
movable_type_pro 		Multiple cross-site scripting (XSS) vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to inject arbitrary web script or HTML via vectors invol… CWE-79
Cross-site Scripting 		CVE-2012-0318 2024-11-21 10:34 2012-03-3 Show GitHub Exploit DB Packet Storm
294536 - sixapart movable_type Multiple cross-site request forgery (CSRF) vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to hijack the authentication of arbitrary users f… CWE-352
 Origin Validation Error 		CVE-2012-0317 2024-11-21 10:34 2012-03-3 Show GitHub Exploit DB Packet Storm
294537 - kingsoft internet_security Unspecified vulnerability in the device driver in Kingsoft Internet Security 2011 allows local users to cause a denial of service via a crafted application. NVD-CWE-noinfo
CVE-2012-0321 2024-11-21 10:34 2012-03-3 Show GitHub Exploit DB Packet Storm
294538 - ibm personal_communications Stack-based buffer overflow in pcspref.dll in pcsws.exe in IBM Personal Communications 5.9.x before 5.9.8 and 6.0.x before 6.0.4 might allow remote attackers to execute arbitrary code via a long prof… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-0201 2024-11-21 10:34 2012-03-2 Show GitHub Exploit DB Packet Storm
294539 - cookpad android_mykitchen
android_activities 		The Cookpad 1.5.16 and earlier and Cookpad Noseru 1.1.1 and earlier applications for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information… CWE-200
Information Exposure 		CVE-2012-0316 2024-11-21 10:34 2012-03-2 Show GitHub Exploit DB Packet Storm
294540 - cisco unity_connection Cisco Unity Connection before 7.1.5b(Su5), 8.0 and 8.5 before 8.5.1(Su3), and 8.6 before 8.6.2 allows remote attackers to cause a denial of service (services crash) via a series of crafted TCP segmen… CWE-399
 Resource Management Errors 		CVE-2012-0367 2024-11-21 10:34 2012-03-1 Show GitHub Exploit DB Packet Storm