Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
217561 6.8 警告 GitLab.org - GitLab における任意のユーザになりすまされる脆弱性 CWE-287
不適切な認証 		CVE-2013-4580 2014-05-13 14:08 2013-11-14 Show GitHub Exploit DB Packet Storm
217562 2.1 注意 GNU Project - GNU GRUB 用の特定の Debian パッチにおけるパスワードハッシュを取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-4577 2014-05-13 13:53 2013-11-14 Show GitHub Exploit DB Packet Storm
217563 4.3 警告 MediaWiki - MediaWiki 用 TimeMediaHandler 拡張機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-4574 2014-05-13 12:21 2013-11-6 Show GitHub Exploit DB Packet Storm
217564 7.5 危険 MediaWiki - MediaWiki 用 Scribuntu 拡張機能の php-luasandbox におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-4571 2014-05-13 12:20 2013-06-17 Show GitHub Exploit DB Packet Storm
217565 5 警告 MediaWiki - MediaWiki 用 Scribuntu 拡張機能の php-luasandbox におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2013-4570 2014-05-13 12:20 2013-09-24 Show GitHub Exploit DB Packet Storm
217566 4.3 警告 IBM - IBM Operational Decision Manager の Rule Execution Server における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-0946 2014-05-12 18:42 2014-04-30 Show GitHub Exploit DB Packet Storm
217567 3.5 注意 IBM - IBM Operational Decision Manager の Rule Execution Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-0945 2014-05-12 18:38 2014-04-30 Show GitHub Exploit DB Packet Storm
217568 6 警告 IBM - IBM Operational Decision Manager の Rule Execution Server の Rule Execution Server コンソールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-0944 2014-05-12 18:33 2014-04-30 Show GitHub Exploit DB Packet Storm
217569 4.3 警告 IBM - IBM iNotes および Domino におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-0913 2014-05-12 18:20 2014-05-7 Show GitHub Exploit DB Packet Storm
217570 5 警告 ISC, Inc. - ISC BIND の named のプリフェッチの実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-3214 2014-05-12 18:11 2014-05-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
296421 - f5 nginx nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_al… NVD-CWE-noinfo
CVE-2011-4963 2024-11-21 10:33 2012-07-27 Show GitHub Exploit DB Packet Storm
296422 - avaya aura_application_server_5300 Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x before 1.0.2 and 2.0 before Patch … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-5096 2024-11-21 10:33 2012-07-4 Show GitHub Exploit DB Packet Storm
296423 - wordpress wordpress The make_clickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote attackers to cause a deni… CWE-20
 Improper Input Validation  		CVE-2011-4957 2024-11-21 10:33 2012-06-28 Show GitHub Exploit DB Packet Storm
296424 - wordpress wordpress Cross-site scripting (XSS) vulnerability in WordPress before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2011-4956 2024-11-21 10:33 2012-06-28 Show GitHub Exploit DB Packet Storm
296425 - python python The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-T… CWE-79
Cross-site Scripting 		CVE-2011-4940 2024-11-21 10:33 2012-06-27 Show GitHub Exploit DB Packet Storm
296426 - linux
novell 		linux_kernel
suse_linux_enterprise_server 		The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to o… CWE-20
 Improper Input Validation  		CVE-2011-4914 2024-11-21 10:33 2012-06-22 Show GitHub Exploit DB Packet Storm
296427 - novell
linux 		suse_linux_enterprise_server
linux_kernel 		The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) c… CWE-20
 Improper Input Validation  		CVE-2011-4913 2024-11-21 10:33 2012-06-22 Show GitHub Exploit DB Packet Storm
296428 - openssl openssl The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when FIPS mode is enabled, does not properly validate a public parameter, which makes it easier for man-in-the-middle attackers to obt… CWE-310
Cryptographic Issues 		CVE-2011-5095 2024-11-21 10:33 2012-06-21 Show GitHub Exploit DB Packet Storm
296429 - mozilla network_security_services Mozilla Network Security Services (NSS) 3.x, with certain settings of the SSL_ENABLE_RENEGOTIATION option, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, … NVD-CWE-Other
CVE-2011-5094 2024-11-21 10:33 2012-06-17 Show GitHub Exploit DB Packet Storm
296430 - bestpractical rt Best Practical Solutions RT 4.x before 4.0.6 does not properly implement the DisallowExecuteCode option, which allows remote authenticated users to bypass intended access restrictions and execute arb… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2011-5093 2024-11-21 10:33 2012-06-5 Show GitHub Exploit DB Packet Storm