Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 3, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218111 4.3 警告 IBM - IBM Cognos Business Intelligence のサーバにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-6732 2014-02-25 13:45 2013-11-8 Show GitHub Exploit DB Packet Storm
218112 6.5 警告 AuraCMS - AuraCMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-1401 2014-02-24 18:01 2014-01-30 Show GitHub Exploit DB Packet Storm
218113 9.3 危険 Jetro Platforms - Jetro COCKPIT4i Secure Browsing のクライアントにおける任意のプログラムを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2014-1861 2014-02-24 16:21 2014-02-2 Show GitHub Exploit DB Packet Storm
218114 5.8 警告 シトリックス・システムズ - Android 用 Citrix ShareFile Mobile および ShareFile Mobile for Tablets におけるサーバになりすまされる脆弱性 CWE-20
不適切な入力確認 		CVE-2014-1910 2014-02-24 15:34 2014-02-18 Show GitHub Exploit DB Packet Storm
218115 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player における整数アンダーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2014-0497 2014-02-24 13:41 2014-02-4 Show GitHub Exploit DB Packet Storm
218116 2.1 注意 マイクロソフト
シマンテック
IBM
オラクル		 - Oracle Fusion Middleware の Oracle Outside In Technology における脆弱性 CWE-noinfo
情報不足 		CVE-2012-1772 2014-02-21 18:44 2012-07-17 Show GitHub Exploit DB Packet Storm
218117 2.1 注意 マイクロソフト
シマンテック
IBM
オラクル		 - Oracle Fusion Middleware の Oracle Outside In Technology における脆弱性 CWE-noinfo
情報不足 		CVE-2012-1771 2014-02-21 18:43 2012-07-17 Show GitHub Exploit DB Packet Storm
218118 2.1 注意 マイクロソフト
シマンテック
IBM
オラクル		 - Oracle Fusion Middleware の Oracle Outside In Technology における脆弱性 CWE-noinfo
情報不足 		CVE-2012-1770 2014-02-21 18:41 2012-07-17 Show GitHub Exploit DB Packet Storm
218119 2.1 注意 マイクロソフト
シマンテック
IBM
オラクル		 - Oracle Fusion Middleware の Oracle Outside In Technology における脆弱性 CWE-noinfo
情報不足 		CVE-2012-1769 2014-02-21 18:40 2012-07-17 Show GitHub Exploit DB Packet Storm
218120 2.1 注意 マイクロソフト
シマンテック
IBM
オラクル		 - Oracle Fusion Middleware の Oracle Outside In Technology における脆弱性 CWE-noinfo
情報不足 		CVE-2012-1768 2014-02-21 18:38 2012-07-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
295681 - foxitsoftware foxit_reader Untrusted search path vulnerability in Foxit Reader before 5.0.2.0718 allows local users to gain privileges via a Trojan horse dwmapi.dll, dwrite.dll, or msdrm.dll in the current working directory. CWE-426
 Untrusted Search Path 		CVE-2011-3691 2024-11-21 10:31 2011-09-28 Show GitHub Exploit DB Packet Storm
295682 - plotsoft pdfill_pdf_editor Untrusted search path vulnerability in PlotSoft PDFill PDF Editor 8.0 allows local users to gain privileges via a Trojan horse mfc70enu.dll or mfc80loc.dll in the current working directory. NVD-CWE-Other
CVE-2011-3690 2024-11-21 10:31 2011-09-28 Show GitHub Exploit DB Packet Storm
295683 - zikula zikula Zikula 1.2.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/voodoodoll… CWE-200
Information Exposure 		CVE-2011-3826 2024-11-21 10:31 2011-09-24 Show GitHub Exploit DB Packet Storm
295684 - zend framework
server 		Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as … CWE-200
Information Exposure 		CVE-2011-3825 2024-11-21 10:31 2011-09-24 Show GitHub Exploit DB Packet Storm
295685 - yourls yourls Your Own URL Shortener (YOURLS) 1.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrat… CWE-200
Information Exposure 		CVE-2011-3824 2024-11-21 10:31 2011-09-24 Show GitHub Exploit DB Packet Storm
295686 - yamamah yamamah Yamamah 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/default/ind… CWE-200
Information Exposure 		CVE-2011-3823 2024-11-21 10:31 2011-09-24 Show GitHub Exploit DB Packet Storm
295687 - xoops xoops XOOPS 2.5.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/system/xoo… CWE-200
Information Exposure 		CVE-2011-3822 2024-11-21 10:31 2011-09-24 Show GitHub Exploit DB Packet Storm
295688 - xajax-project xajax xajax 0.6 beta1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xajax_core/plu… CWE-200
Information Exposure 		CVE-2011-3821 2024-11-21 10:31 2011-09-24 Show GitHub Exploit DB Packet Storm
295689 - webmastersite wsn_software WSN Software 6.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/pr… CWE-200
Information Exposure 		CVE-2011-3820 2024-11-21 10:31 2011-09-24 Show GitHub Exploit DB Packet Storm
295690 - 53x11 wow_server_status WoW Server Status 4.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by status.p… CWE-200
Information Exposure 		CVE-2011-3819 2024-11-21 10:31 2011-09-24 Show GitHub Exploit DB Packet Storm