Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218191 4 警告 ヒューレット・パッカード - HP NonStop Safeguard Security Software におけるプログラムのアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-2629 2014-08-14 16:12 2014-08-5 Show GitHub Exploit DB Packet Storm
218192 7.2 危険 IBM - IBM Security AppScan Source の Automation Server における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2014-3072 2014-08-14 15:59 2014-07-30 Show GitHub Exploit DB Packet Storm
218193 7.5 危険 MegaLab.it - MegaLab The Uploader の login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-2944 2014-08-14 15:54 2011-07-28 Show GitHub Exploit DB Packet Storm
218194 6.8 警告 シトリックス・システムズ - Citrix Access Gateway Enterprise Edition Plug-in for Windows の nsepacom ActiveX コントロールの StartEpa メソッドにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2011-2593 2014-08-14 15:48 2011-07-19 Show GitHub Exploit DB Packet Storm
218195 4.3 警告 Brian Nez - Microcart におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4241 2014-08-14 15:42 2012-07-23 Show GitHub Exploit DB Packet Storm
218196 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR における ASLR 保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0545 2014-08-14 14:46 2014-08-12 Show GitHub Exploit DB Packet Storm
218197 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR における ASLR 保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0544 2014-08-14 14:46 2014-08-12 Show GitHub Exploit DB Packet Storm
218198 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR における ASLR 保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0543 2014-08-14 14:45 2014-08-12 Show GitHub Exploit DB Packet Storm
218199 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR における ASLR 保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0542 2014-08-14 14:45 2014-08-12 Show GitHub Exploit DB Packet Storm
218200 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0541 2014-08-14 14:44 2014-08-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
297281 - eucalyptus eucalyptus Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to bypass unspecified authorization checks and obtain di… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4065 2024-11-21 10:42 2012-10-2 Show GitHub Exploit DB Packet Storm
297282 - eucalyptus eucalyptus Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to gain privileges by sending a message to (1) Cloud Con… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4064 2024-11-21 10:42 2012-10-2 Show GitHub Exploit DB Packet Storm
297283 - eucalyptus eucalyptus The Apache Santuario configuration in Eucalyptus before 3.1.1 does not properly restrict applying XML Signature transforms to documents, which allows remote attackers to cause a denial of service via… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4063 2024-11-21 10:42 2012-10-2 Show GitHub Exploit DB Packet Storm
297284 - fedoraproject 389_directory_server 389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restriction… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4450 2024-11-21 10:42 2012-10-1 Show GitHub Exploit DB Packet Storm
297285 - smarty smarty Cross-site scripting (XSS) vulnerability in the SmartyException class in Smarty (aka smarty-php) before 3.1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors t… CWE-79
Cross-site Scripting 		CVE-2012-4437 2024-11-21 10:42 2012-10-1 Show GitHub Exploit DB Packet Storm
297286 - optipng optipng Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x before 0.7.3 might allow remote attackers to execute arbitrary code via unspecified vectors related to "palette reduction." CWE-399
 Resource Management Errors 		CVE-2012-4432 2024-11-21 10:42 2012-10-1 Show GitHub Exploit DB Packet Storm
297287 - gnome gnome-shell The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force the download and installation of arbitrary extensions from extensions.gnome.org via a crafted web page. CWE-94
Code Injection 		CVE-2012-4427 2024-11-21 10:42 2012-10-1 Show GitHub Exploit DB Packet Storm
297288 - fedoraproject
guac-dev 		fedora
guacamole 		Stack-based buffer overflow in the guac_client_plugin_open function in libguac in Guacamole before 0.6.3 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a l… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-4415 2024-11-21 10:42 2012-10-1 Show GitHub Exploit DB Packet Storm
297289 - david_king vino Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900. CWE-200
Information Exposure 		CVE-2012-4429 2024-11-21 10:42 2012-10-1 Show GitHub Exploit DB Packet Storm
297290 - wordpress wordpress Cross-site request forgery (CSRF) vulnerability in wp-admin/index.php in WordPress 3.4.2 allows remote attackers to hijack the authentication of administrators for requests that modify an RSS URL via… CWE-352
 Origin Validation Error 		CVE-2012-4448 2024-11-21 10:42 2012-09-29 Show GitHub Exploit DB Packet Storm