Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
218001	4.3	警告	SAP	-	SAP BusinessObjects の Send to Inbox 機能におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-8308	2014-10-23 19:19	2014-06-10	Show	GitHub Exploit DB Packet Storm

218002	2.1	注意	CloudBees	-	CloudBees Jenkins の hudson/util/RemotingDiagnostics.java の doIndex 関数における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-2068	2014-10-23 17:33	2014-02-8	Show	GitHub Exploit DB Packet Storm

218003	6.8	警告	CloudBees	-	CloudBees Jenkins における Web セッションをハイジャックされる脆弱性	CWE-287 不適切な認証	CVE-2014-2066	2014-10-23 17:33	2014-02-12	Show	GitHub Exploit DB Packet Storm

218004	4.3	警告	CloudBees	-	CloudBees Jenkins におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2065	2014-10-23 17:32	2014-02-8	Show	GitHub Exploit DB Packet Storm

218005	5	警告	CloudBees	-	CloudBees Jenkins の hudson/security/HudsonPrivateSecurityRealm.java におけるユーザが存在するかどうかを確認される脆弱性	CWE-200 情報漏えい	CVE-2014-2064	2014-10-23 17:32	2014-02-8	Show	GitHub Exploit DB Packet Storm

218006	7.5	危険	CloudBees	-	CloudBees Jenkins におけるクリックジャッキング攻撃を実行される脆弱性	CWE-noinfo 情報不足	CVE-2014-2063	2014-10-23 17:32	2014-02-12	Show	GitHub Exploit DB Packet Storm

218007	6.5	警告	CloudBees	-	CloudBees Jenkins におけるアクセスを保持される脆弱性	CWE-287 不適切な認証	CVE-2014-2062	2014-10-23 17:31	2014-02-8	Show	GitHub Exploit DB Packet Storm

218008	5	警告	CloudBees	-	CloudBees Jenkins の PasswordParameterDefinition の入力制御におけるパスワードを取得される脆弱性	CWE-310 暗号の問題	CVE-2014-2061	2014-10-23 17:31	2014-02-8	Show	GitHub Exploit DB Packet Storm

218009	7.5	危険	CloudBees	-	CloudBees Jenkins の Winstone サーブレットコンテナにおけるセッションをハイジャックされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-2060	2014-10-23 17:31	2014-02-15	Show	GitHub Exploit DB Packet Storm

218010	6.5	警告	CloudBees	-	CloudBees Jenkins の BuildTrigger におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-2058	2014-10-23 17:30	2014-02-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
297641	-	moodle	moodle	repository/s3/S3.php in the Amazon S3 library in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not verify that the server hostname matches a domain name i…	CWE-20 Improper Input Validation	CVE-2012-6087	2024-11-21 10:45	2013-09-16	Show	GitHub Exploit DB Packet Storm

297642	-	cisco	wireless_control_system prime_network_control_system	Multiple cross-site scripting (XSS) vulnerabilities in Health Monitor Login pages in Cisco Prime Network Control System (NCS) and Wireless Control System (WCS) allow remote attackers to inject arbitr…	CWE-79 Cross-site Scripting	CVE-2012-5990	2024-11-21 10:45	2013-09-6	Show	GitHub Exploit DB Packet Storm

297643	-	cisco	identity_services_engine_software	Multiple cross-site scripting (XSS) vulnerabilities in the guest portal in Cisco Identity Services Engine (ISE) Software allow remote attackers to inject arbitrary web script or HTML via unspecified …	CWE-79 Cross-site Scripting	CVE-2012-5744	2024-11-21 10:45	2013-08-30	Show	GitHub Exploit DB Packet Storm

297644	-	videolan	vlc_media_player	The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorre…	CWE-189 Numeric Errors	CVE-2012-5855	2024-11-21 10:45	2013-07-11	Show	GitHub Exploit DB Packet Storm

297645	-	ibm	sterling_b2b_integrator sterling_file_gateway	IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 do not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capt…	CWE-310 Cryptographic Issues	CVE-2012-5936	2024-11-21 10:45	2013-07-3	Show	GitHub Exploit DB Packet Storm

297646	-	ibm	sterling_b2b_integrator sterling_file_gateway	Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via vectors …	CWE-89 SQL Injection	CVE-2012-5766	2024-11-21 10:45	2013-07-3	Show	GitHub Exploit DB Packet Storm

297647	-	typo3	typo3	Cross-site scripting (XSS) vulnerability in the function menu API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitra…	CWE-79 Cross-site Scripting	CVE-2012-6148	2024-11-21 10:45	2013-07-2	Show	GitHub Exploit DB Packet Storm

297648	-	typo3	typo3	Cross-site scripting (XSS) vulnerability in the tree render API (TCA-Tree) in the Backend API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated bac…	CWE-79 Cross-site Scripting	CVE-2012-6147	2024-11-21 10:45	2013-07-2	Show	GitHub Exploit DB Packet Storm

297649	-	typo3	typo3	Cross-site scripting (XSS) vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject ar…	CWE-79 Cross-site Scripting	CVE-2012-6145	2024-11-21 10:45	2013-07-2	Show	GitHub Exploit DB Packet Storm

297650	-	typo3	typo3	SQL injection vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to execute arbitrary SQL …	CWE-89 SQL Injection	CVE-2012-6144	2024-11-21 10:45	2013-07-2	Show	GitHub Exploit DB Packet Storm