Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 26, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218011 9 危険 Yealink - Yealink VoIP Phone SIP-T38G の cgi-bin/cgiServer.exx における任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2013-5758 2014-08-5 14:09 2013-09-18 Show GitHub Exploit DB Packet Storm
218012 4 警告 Yealink - Yealink VoIP Phone SIP-T38G における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-5757 2014-08-5 14:08 2013-09-18 Show GitHub Exploit DB Packet Storm
218013 4 警告 Yealink - Yealink VoIP Phone SIP-T38G におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-5756 2014-08-5 14:08 2013-09-18 Show GitHub Exploit DB Packet Storm
218014 5.8 警告 Caucho Technology - Resin Pro に Unicode 文字を適切に変換しない問題 CWE-20
CWE-264
CVE-2014-2966 2014-08-5 09:27 2014-07-23 Show GitHub Exploit DB Packet Storm
218015 2.1 注意 Linux - Linux Kernel の fs/aio.c 内の aio_read_events_ring 関数におけるカーネルメモリから重要な情報を取得される脆弱性 CWE-Other
その他 		CVE-2014-0206 2014-08-5 09:27 2014-06-24 Show GitHub Exploit DB Packet Storm
218016 6.8 警告 シーメンス - Siemens SIMATIC PCS 7 などの製品で使用される SIMATIC WinCC のプロジェクト管理アプリケーションにおける重要な情報を取得される脆弱性 CWE-Other
その他 		CVE-2014-4686 2014-08-5 09:26 2014-07-23 Show GitHub Exploit DB Packet Storm
218017 4.6 警告 シーメンス - Siemens SIMATIC PCS 7 などの製品で使用される SIMATIC WinCC における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-4685 2014-08-5 09:25 2014-07-23 Show GitHub Exploit DB Packet Storm
218018 6 警告 シーメンス - Siemens SIMATIC PCS 7 などの製品で使用される SIMATIC WinCC の データベースサーバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-4684 2014-08-5 09:25 2014-07-23 Show GitHub Exploit DB Packet Storm
218019 4.9 警告 シーメンス - Siemens SIMATIC PCS 7 などの製品で使用される SIMATIC WinCC の WebNavigator サーバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-4683 2014-08-5 09:25 2014-07-23 Show GitHub Exploit DB Packet Storm
218020 5 警告 シーメンス - Siemens SIMATIC PCS 7 などの製品で使用される SIMATIC WinCC の WebNavigator サーバにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-4682 2014-08-5 09:24 2014-07-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
297161 - nicolas_tormo phppaleo Directory traversal vulnerability in index.php in phpPaleo 4.8b155 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. CWE-22
Path Traversal 		CVE-2012-1671 2024-11-21 10:37 2012-10-9 Show GitHub Exploit DB Packet Storm
297162 - postgresql postgresql
postgresql_jdbc_driver 		Interaction error in the PostgreSQL JDBC driver before 8.2, when used with a PostgreSQL server with the "standard_conforming_strings" option enabled, such as the default configuration of PostgreSQL 9… NVD-CWE-Other
CVE-2012-1618 2024-11-21 10:37 2012-10-7 Show GitHub Exploit DB Packet Storm
297163 - hans_nilsson video_filter Cross-site scripting (XSS) vulnerability in video_filter.codecs.inc in the Video Filter module 6.x-2.x and 7.x-2.x for Drupal allows remote attackers to inject arbitrary web script or HTML via the EM… CWE-79
Cross-site Scripting 		CVE-2012-1634 2024-11-21 10:37 2012-10-7 Show GitHub Exploit DB Packet Storm
297164 - lingotek lingotek Multiple cross-site scripting (XSS) vulnerabilities in the Lingotek module 6.x-1.x before 6.x-1.40 for Drupal allow remote authenticated users to inject arbitrary web script or HTML when (1) creating… CWE-79
Cross-site Scripting 		CVE-2012-1624 2024-11-21 10:37 2012-10-7 Show GitHub Exploit DB Packet Storm
297165 - aidanlister regcode The Registration Codes module before 6.x-2.4 for Drupal does not restrict access to the registration code list, which might allow remote attackers to bypass intended registration restrictions. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-1623 2024-11-21 10:37 2012-10-7 Show GitHub Exploit DB Packet Storm
297166 - ez ez_publish Unspecified vulnerability in ez Publish 4.1.4, 4.2, 4.3, 4.4, 4.5, and 4.6 has unknown impact and attack vectors related to an insecure direct object reference. NVD-CWE-noinfo
CVE-2012-1565 2024-11-21 10:37 2012-10-7 Show GitHub Exploit DB Packet Storm
297167 - yuriy_v_semenikhin yvs_image_gallery Cross-site scripting (XSS) vulnerability in administration/create_album.php in YVS Image Gallery allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2012-1564 2024-11-21 10:37 2012-10-7 Show GitHub Exploit DB Packet Storm
297168 - nextbbs nextbbs Cross-site scripting (XSS) vulnerability in NextBBS 0.6 allows remote attackers to inject arbitrary web script or HTML via the do parameter to index.php. CWE-79
Cross-site Scripting 		CVE-2012-1604 2024-11-21 10:37 2012-10-2 Show GitHub Exploit DB Packet Storm
297169 - nextbbs nextbbs Multiple SQL injection vulnerabilities in ajaxserver.php in NextBBS 0.6 allow remote attackers to execute arbitrary SQL commands via the (1) curstr parameter in the findUsers function, (2) id paramet… CWE-89
SQL Injection 		CVE-2012-1603 2024-11-21 10:37 2012-10-2 Show GitHub Exploit DB Packet Storm
297170 - nextbbs nextbbs user.php in NextBBS 0.6 allows remote attackers to bypass authentication and gain administrator access by setting the userkey cookie to 1. CWE-287
Improper Authentication 		CVE-2012-1602 2024-11-21 10:37 2012-10-2 Show GitHub Exploit DB Packet Storm