Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 1, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
217711	4.3	警告	CMS Made Simple	-	CMS Made Simple の lib/filemanager/ImageManager/editorFrame.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2092	2014-03-4 14:46	2014-02-20	Show	GitHub Exploit DB Packet Storm

217712	3.5	注意	CMS Made Simple	-	CMS Made Simple にクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0334	2014-03-4 14:43	2014-02-28	Show	GitHub Exploit DB Packet Storm

217713	3.5	注意	ATutor	-	ATutor の mods/_standard/forums/admin/forum_add.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2091	2014-03-4 14:02	2014-02-19	Show	GitHub Exploit DB Packet Storm

217714	3.5	注意	ILIAS	-	ILIAS の ilias.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2090	2014-03-4 13:58	2014-02-21	Show	GitHub Exploit DB Packet Storm

217715	6.8	警告	ILIAS	-	ILIAS における任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2014-2089	2014-03-4 13:57	2014-02-21	Show	GitHub Exploit DB Packet Storm

217716	6.5	警告	ILIAS	-	ILIAS の ilias.php における任意の PHP コードを実行される脆弱性	CWE-Other その他	CVE-2014-2088	2014-03-4 13:57	2014-02-21	Show	GitHub Exploit DB Packet Storm

217717	7.2	危険	Norman	-	Norman Security Suite における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0816	2014-03-3 18:57	2014-02-26	Show	GitHub Exploit DB Packet Storm

217718	4.3	警告	理化学研究所脳科学総合研究センター神経情報基盤センター	-	XooNIps におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-1968	2014-03-3 18:56	2014-02-26	Show	GitHub Exploit DB Packet Storm

217719	4	警告	株式会社セブン＆アイ・フードシステムズ	-	Android 版アプリ「デニーズ」における SSL サーバ証明書の検証不備の脆弱性	CWE-Other その他	CVE-2014-1967	2014-03-3 18:55	2014-02-26	Show	GitHub Exploit DB Packet Storm

217720	4.9	警告	サイボウズ	-	サイボウズガルーンにおけるセッション管理不備の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0817	2014-03-3 18:53	2014-02-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
292911	-	segue_project	segue	SQL injection vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.	CWE-89 SQL Injection	CVE-2012-1255	2024-11-21 10:36	2012-06-5	Show	GitHub Exploit DB Packet Storm

292912	-	segue_project	segue	Cross-site scripting (XSS) vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2012-1254	2024-11-21 10:36	2012-06-5	Show	GitHub Exploit DB Packet Storm

292913	-	opera	opera_browser	Opera before 9.63 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.	CWE-310 Cryptographic Issues	CVE-2012-1251	2024-11-21 10:36	2012-06-5	Show	GitHub Exploit DB Packet Storm

292914	-	logitech	lan-w300n\/ru2_firmware	Logitec LAN-W300N/R routers with firmware before 2.27 do not properly restrict login access, which allows remote attackers to obtain administrative privileges and modify settings via vectors related …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-1250	2024-11-21 10:36	2012-06-5	Show	GitHub Exploit DB Packet Storm

292915	-	roundcube	webmail	Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embed…	CWE-79 Cross-site Scripting	CVE-2012-1253	2024-11-21 10:36	2012-06-5	Show	GitHub Exploit DB Packet Storm

292916	-	rssowl	rssowl	Cross-site scripting (XSS) vulnerability in RSSOwl before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a feed, a different vulnerability than CVE-2006-4760.	CWE-79 Cross-site Scripting	CVE-2012-1252	2024-11-21 10:36	2012-06-5	Show	GitHub Exploit DB Packet Storm

292917	-	canonical	ubuntu_linux	The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repo…	CWE-200 Information Exposure	CVE-2012-0949	2024-11-21 10:36	2012-06-1	Show	GitHub Exploit DB Packet Storm

292918	-	puppet puppetlabs	puppet puppet_enterprise_users puppet_enterprise	Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3, when managing a user login file with the k5login resource type, allows local …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-1054	2024-11-21 10:36	2012-05-30	Show	GitHub Exploit DB Packet Storm

292919	-	puppet puppetlabs	puppet puppet_enterprise_users puppet_enterprise	The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-1053	2024-11-21 10:36	2012-05-30	Show	GitHub Exploit DB Packet Storm

292920	-	zen-cart	zen_cart	Cross-site scripting (XSS) vulnerability in zc_install/includes/modules/pages/database_setup/header_php.php in Zen Cart 1.5.0 and earlier, when the software is being installed, allows remote attacker…	CWE-79 Cross-site Scripting	CVE-2012-1413	2024-11-21 10:36	2012-05-28	Show	GitHub Exploit DB Packet Storm