Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218001 1.9 注意 Mozilla Foundation - Android 上で稼動する Mozilla Firefox における Firefox プロファイルディレクトリから重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-1515 2014-03-26 18:24 2014-03-25 Show GitHub Exploit DB Packet Storm
218002 4.3 警告 OpenSolution - Open Solution Quick.Cms および Quick.Cart におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-6430 2014-03-26 15:56 2012-12-19 Show GitHub Exploit DB Packet Storm
218003 4 警告 Moodle - Moodle の mod/assign/externallib.php における評価のメタデータを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-2572 2014-03-26 12:33 2014-03-24 Show GitHub Exploit DB Packet Storm
218004 3.5 注意 Moodle - Moodle の mod/quiz/editlib.php の quiz_question_tostring 関数におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2571 2014-03-26 12:32 2014-03-24 Show GitHub Exploit DB Packet Storm
218005 4 警告 Moodle - Moodle の badges/mybadges.php における任意のバッジの可視性を変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0129 2014-03-26 12:32 2014-03-17 Show GitHub Exploit DB Packet Storm
218006 4.9 警告 Moodle - Moodle の mod/feedback/complete.php および mod/feedback/complete_guest.php における Feedback アクティビティ起動時の制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0127 2014-03-26 12:32 2014-03-17 Show GitHub Exploit DB Packet Storm
218007 6.8 警告 Moodle - Moodle の enrol/imsenterprise/importnow.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-0126 2014-03-26 12:31 2014-03-17 Show GitHub Exploit DB Packet Storm
218008 5.8 警告 Moodle - Moodle の repository/alfresco/lib.php における Alfresco Repository ファイルの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0125 2014-03-26 12:31 2014-03-17 Show GitHub Exploit DB Packet Storm
218009 4 警告 Moodle - Moodle の mod/forum/renderer.php および mod/quiz/override_form.php における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0124 2014-03-26 12:30 2014-03-17 Show GitHub Exploit DB Packet Storm
218010 4.9 警告 Moodle - Moodle の wiki サブシステムにおける wiki 操作を実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0123 2014-03-26 12:30 2014-03-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292001 - flatnux flatnux Cross-site request forgery (CSRF) vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that a… CWE-352
 Origin Validation Error 		CVE-2012-4877 2024-11-21 10:43 2012-09-7 Show GitHub Exploit DB Packet Storm
292002 - trendnet securview_wireless_internet_camera_activex_control
securview_wireless_internet_camera 		Stack-based buffer overflow in the UltraMJCam ActiveX Control in TRENDnet SecurView TV-IP121WN Wireless Internet Camera allows remote attackers to execute arbitrary code via a long string to the Open… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-4876 2024-11-21 10:43 2012-09-7 Show GitHub Exploit DB Packet Storm
292003 - artifex gpl_ghostscript Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-4875 2024-11-21 10:43 2012-09-7 Show GitHub Exploit DB Packet Storm
292004 - awpcp another_wordpress_classifieds_plugin Unspecified vulnerability in the Another WordPress Classifieds Plugin before 2.0 for WordPress has unknown impact and attack vectors related to "image uploads." NVD-CWE-noinfo
CVE-2012-4874 2024-11-21 10:43 2012-09-7 Show GitHub Exploit DB Packet Storm
292005 - sir gnuboard Cross-site scripting (XSS) vulnerability in the file_download function in GNUBoard before 4.34.21 allows remote attackers to inject arbitrary web script or HTML via the filename parameter. CWE-79
Cross-site Scripting 		CVE-2012-4873 2024-11-21 10:43 2012-09-7 Show GitHub Exploit DB Packet Storm
292006 - kayako kayako_fusion Cross-site scripting (XSS) vulnerability in Tickets/Submit in Kayako Fusion before 4.40.985 allows remote attackers to inject arbitrary web script or HTML via certain vectors, possibly a crafted tick… CWE-79
Cross-site Scripting 		CVE-2012-4872 2024-11-21 10:43 2012-09-7 Show GitHub Exploit DB Packet Storm
292007 - litespeedtech litespeed_web_server Cross-site scripting (XSS) vulnerability in service/graph_html.php in the administrator panel in LiteSpeed Web Server 4.1.11 allows remote attackers to inject arbitrary web script or HTML via the gti… CWE-79
Cross-site Scripting 		CVE-2012-4871 2024-11-21 10:43 2012-09-7 Show GitHub Exploit DB Packet Storm
292008 - sangoma freepbx Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) context parameter to panel/index_amp.php or (2… CWE-79
Cross-site Scripting 		CVE-2012-4870 2024-11-21 10:43 2012-09-7 Show GitHub Exploit DB Packet Storm
292009 - sangoma freepbx The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attackers to execute arbitrary commands via the callmenum parameter in a c action. CWE-94
Code Injection 		CVE-2012-4869 2024-11-21 10:43 2012-09-7 Show GitHub Exploit DB Packet Storm
292010 - kunena kunena SQL injection vulnerability in news.php in the Kunena component 1.7.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2012-4868 2024-11-21 10:43 2012-09-7 Show GitHub Exploit DB Packet Storm