Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
218221	7.5	危険	ZLDNN.COM	-	DotNetNuke 用 ZLDNN DNNArticle モジュールの RSS ページにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-5117	2014-03-14 15:06	2013-09-12	Show	GitHub Exploit DB Packet Storm

218222	4.3	警告	DNN	-	DotNetNuke におけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2013-7335	2014-03-14 15:05	2013-08-13	Show	GitHub Exploit DB Packet Storm

218223	4.3	警告	DNN	-	DotNetNuke におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-4649	2014-03-14 15:05	2013-08-13	Show	GitHub Exploit DB Packet Storm

218224	3.5	注意	DNN	-	DotNetNuke におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-3943	2014-03-14 14:39	2013-08-13	Show	GitHub Exploit DB Packet Storm

218225	7.5	危険	FreeType Project	-	FreeType の cff/cf2hints.c 内の cf2_hintmap_build 関数におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2014-2240	2014-03-14 14:19	2014-03-7	Show	GitHub Exploit DB Packet Storm

218226	4.3	警告	CiviCRM Caseproof Joobi	-	複数ベンダの製品で使用される Open Flash Chart の open-flash-chart.swf におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-1636	2014-03-14 13:48	2013-06-10	Show	GitHub Exploit DB Packet Storm

218227	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR におけるメモリ二重解放の脆弱性	CWE-399 リソース管理の問題	CVE-2014-0502	2014-03-13 18:24	2014-02-20	Show	GitHub Exploit DB Packet Storm

218228	7.8	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR における ASLR 保護メカニズムを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0499	2014-03-13 18:23	2014-02-20	Show	GitHub Exploit DB Packet Storm

218229	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2014-0498	2014-03-13 18:19	2014-02-20	Show	GitHub Exploit DB Packet Storm

218230	3.5	注意	MySQL AB オラクル	-	Oracle MySQL の MySQL Server における Optimizer に関する脆弱性	CWE-noinfo 情報不足	CVE-2014-0437	2014-03-13 18:18	2014-01-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
293921	-	sourcefabric	newscoop	Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4.x before 4 RC4 allow remote attackers to inject arbitrary web script or HTML via the (1) Back parameter to adm…	CWE-79 Cross-site Scripting	CVE-2012-1935	2024-11-21 10:38	2012-08-28	Show	GitHub Exploit DB Packet Storm

293922	-	sourcefabric	newscoop	SQL injection vulnerability in admin/country/edit.php in Newscoop before 3.5.5 and 4.x before 4 RC4 allows remote attackers to execute arbitrary SQL commands via the f_country_code parameter.	CWE-89 SQL Injection	CVE-2012-1934	2024-11-21 10:38	2012-08-28	Show	GitHub Exploit DB Packet Storm

293923	-	sourcefabric	newscoop	Multiple PHP remote file inclusion vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4 before RC4, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in…	CWE-94 Code Injection	CVE-2012-1933	2024-11-21 10:38	2012-08-28	Show	GitHub Exploit DB Packet Storm

293924	-	creative_commons_module_project	creativecommons	Multiple cross-site scripting (XSS) vulnerabilities in the Creative Commons module 6.x-1.x before 6.x-1.1 for Drupal allow remote authenticated users with the administer creative commons permission t…	CWE-79 Cross-site Scripting	CVE-2012-2297	2024-11-21 10:38	2012-08-27	Show	GitHub Exploit DB Packet Storm

293925	-	munin-monitoring	munin	munin-cgi-graph in Munin 2.0 rc4 allows remote attackers to cause a denial of service (disk or memory consumption) via many image requests with large values in the (1) size_x or (2) size_y parameters.	CWE-399 Resource Management Errors	CVE-2012-2147	2024-11-21 10:38	2012-08-27	Show	GitHub Exploit DB Packet Storm

293926	-	ematia	elixir	Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique initialization vector (IV), which makes it easier for context-dependent users to obtain sensitive information and decrypt the data…	CWE-310 Cryptographic Issues	CVE-2012-2146	2024-11-21 10:38	2012-08-27	Show	GitHub Exploit DB Packet Storm

293927	-	munin-monitoring	munin	cgi-bin/munin-cgi-graph in Munin 2.x writes data to a log file without sanitizing non-printable characters, which might allow user-assisted remote attackers to inject terminal emulator escape sequenc…	CWE-20 Improper Input Validation	CVE-2012-2104	2024-11-21 10:38	2012-08-27	Show	GitHub Exploit DB Packet Storm

293928	-	munin-monitoring	munin	The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.	CWE-59 Link Following	CVE-2012-2103	2024-11-21 10:38	2012-08-27	Show	GitHub Exploit DB Packet Storm

293929	-	sitecom	wlm-2501	Cross-site request forgery (CSRF) vulnerability in goform/admin/formWlEncrypt in Sitecom WLM-2501 allows remote attackers to hijack the authentication of administrators for requests that change the r…	CWE-352 Origin Validation Error	CVE-2012-1921	2024-11-21 10:38	2012-08-27	Show	GitHub Exploit DB Packet Storm

293930	-	pluxml	pluxml	Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_la…	CWE-22 Path Traversal	CVE-2012-2227	2024-11-21 10:38	2012-08-27	Show	GitHub Exploit DB Packet Storm