Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218201 2.1 注意 eCryptfs.org - ecryptfs-utils の utils/mount.ecryptfs_private.c におけるディレクトリを削除される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1832 2014-02-19 16:33 2011-08-10 Show GitHub Exploit DB Packet Storm
218202 4.6 警告 eCryptfs.org - ecryptfs-utils の utils/mount.ecryptfs_private.c における任意のディレクトリを新しいファイルシステムに変換される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1831 2014-02-19 16:32 2011-08-10 Show GitHub Exploit DB Packet Storm
218203 7.8 危険 Linux - Linux Kernel の net/ipv4/tcp_input.c の tcp_rcv_state_process 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-6638 2014-02-19 16:04 2012-07-25 Show GitHub Exploit DB Packet Storm
218204 4.9 警告 Linux - Linux Kernel の drivers/staging/comedi/comedi_fops.c におけるカーネルメモリから重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-2909 2014-02-19 15:56 2011-07-5 Show GitHub Exploit DB Packet Storm
218205 4.6 警告 Xen プロジェクト - Xen の xc_cpupool_getinfo 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2014-1950 2014-02-19 14:44 2014-02-12 Show GitHub Exploit DB Packet Storm
218206 4.3 警告 Vtiger - vTiger CRM におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-7326 2014-02-19 14:30 2013-12-10 Show GitHub Exploit DB Packet Storm
218207 7.5 危険 Parcimonie Project - parcimonie におけるキーフェッチを関連付けられる脆弱性 CWE-362
競合状態 		CVE-2014-1921 2014-02-19 14:22 2014-02-7 Show GitHub Exploit DB Packet Storm
218208 4.3 警告 LiveZilla - LiveZilla の Web ベースのオペレータークライアントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-7032 2014-02-19 14:17 2013-12-10 Show GitHub Exploit DB Packet Storm
218209 7.5 危険 Irfan Skiljan - IrfanView におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-5351 2014-02-19 14:07 2013-12-16 Show GitHub Exploit DB Packet Storm
218210 1.9 注意 レッドハット - Red Hat JBoss Enterprise Application Platform および JBoss WildFly Application Server におけるサーバを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0018 2014-02-19 14:03 2014-02-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292241 - asterisk
sangoma 		certified_asterisk
open_source
asterisk 		chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authent… CWE-399
 Resource Management Errors 		CVE-2012-2948 2024-11-21 10:40 2012-06-3 Show GitHub Exploit DB Packet Storm
292242 - debian
digium 		debian_linux
asterisk
certified_asterisk 		chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1, when a certain mohinterpret setting… CWE-284
Improper Access Control 		CVE-2012-2947 2024-11-21 10:40 2012-06-3 Show GitHub Exploit DB Packet Storm
292243 - jaow jaow SQL injection vulnerability in add_ons.php in Jaow 2.4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the add_ons parameter. CWE-89
SQL Injection 		CVE-2012-2952 2024-11-21 10:40 2012-05-30 Show GitHub Exploit DB Packet Storm
292244 - zte score_m The ZTE sync_agent program for Android 2.3.4 on the Score M device uses a hardcoded ztex1609523 password to control access to commands, which allows remote attackers to gain privileges via a crafted … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-2949 2024-11-21 10:40 2012-05-30 Show GitHub Exploit DB Packet Storm
292245 9.8 CRITICAL
Network 		golang go golang/go in 1.0.2 fixes all.bash on shared machines. dotest() in src/pkg/debug/gosym/pclntab_test.go creates a temporary file with predicable name and executes it as shell script. - CVE-2012-2666 2024-11-21 10:39 2021-07-9 Show GitHub Exploit DB Packet Storm
292246 8.8 HIGH
Network 		axous axous Multiple cross-site request forgery (CSRF) and cross-site scripting (XSS) vulnerabilities in Axous 1.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests… CWE-352
 Origin Validation Error 		CVE-2012-2629 2024-11-21 10:39 2020-02-20 Show GitHub Exploit DB Packet Storm
292247 6.1 MEDIUM
Network 		prestashop prestashop Cross-site scripting (XSS) vulnerability in PrestaShop before 1.4.9 allows remote attackers to inject arbitrary web script or HTML via the index of the product[] parameter to ajax.php. CWE-79
Cross-site Scripting 		CVE-2012-2517 2024-11-21 10:39 2020-02-12 Show GitHub Exploit DB Packet Storm
292248 6.1 MEDIUM
Network 		pragmamx pragmamx Multiple cross-site scripting (XSS) vulnerabilities in pragmaMx 1.x before 1.12.2 allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter to modules.php or (2) img_ur… CWE-79
Cross-site Scripting 		CVE-2012-2452 2024-11-21 10:39 2020-02-12 Show GitHub Exploit DB Packet Storm
292249 6.1 MEDIUM
Network 		atmail atmail Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email. CWE-79
Cross-site Scripting 		CVE-2012-2593 2024-11-21 10:39 2020-02-6 Show GitHub Exploit DB Packet Storm
292250 7.2 HIGH
Network 		tinywebgallery tinywebgallery PHP code injection in TinyWebGallery before 1.8.8 allows remote authenticated users with admin privileges to inject arbitrary code into the .htusers.php file. CWE-74
Injection 		CVE-2012-2931 2024-11-21 10:39 2020-01-10 Show GitHub Exploit DB Packet Storm