Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218251 6.5 警告 シマンテック - Symantec Endpoint Protection Manager および Symantec Protection Center Small Business Edition における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-5015 2014-02-17 11:26 2013-07-29 Show GitHub Exploit DB Packet Storm
218252 7.5 危険 シマンテック - Symantec Endpoint Protection Manager および Symantec Protection Center Small Business Edition における任意のファイルを読まれる脆弱性 CWE-Other
その他 		CVE-2013-5014 2014-02-17 11:21 2013-07-29 Show GitHub Exploit DB Packet Storm
218253 3.5 注意 IBM - IBM Sametime の Meeting Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-6743 2014-02-17 10:58 2013-11-8 Show GitHub Exploit DB Packet Storm
218254 6.8 警告 IBM - IBM Sametime の Meeting Server におけるクリックジャッキング攻撃を実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2013-3988 2014-02-17 10:57 2013-06-7 Show GitHub Exploit DB Packet Storm
218255 7.5 危険 IBM - IBM Sametime の Meeting Server におけるアクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-6742 2014-02-17 10:57 2013-11-8 Show GitHub Exploit DB Packet Storm
218256 7.5 危険 IBM - IBM Sametime の Meeting Server における脆弱性 CWE-20
不適切な入力確認 		CVE-2013-3983 2014-02-17 10:57 2013-06-7 Show GitHub Exploit DB Packet Storm
218257 5 警告 IBM - IBM Sametime の Meeting Server における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-3978 2014-02-17 10:56 2013-06-7 Show GitHub Exploit DB Packet Storm
218258 7.5 危険 シスコシステムズ - Cisco Unified Communications Manager の Enterprise Mobility Application インターフェースにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-0729 2014-02-14 14:52 2014-02-13 Show GitHub Exploit DB Packet Storm
218259 7.5 危険 シスコシステムズ - Cisco Unified Communications Manager の Java データベースインターフェースにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-0728 2014-02-14 14:51 2014-02-12 Show GitHub Exploit DB Packet Storm
218260 7.5 危険 シスコシステムズ - Cisco Unified Communications Manager の CallManager Interactive Voice Response インターフェースにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-0727 2014-02-14 14:50 2014-02-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294491 - novell suse_manager Cross-site scripting (XSS) vulnerability in the Spacewalk service in SUSE Manager 1.2 for SUSE Linux Enterprise (SLE) 11 SP1 allows remote attackers to inject arbitrary web script or HTML via an imag… CWE-79
Cross-site Scripting 		CVE-2012-0414 2024-11-21 10:34 2013-12-2 Show GitHub Exploit DB Packet Storm
294492 - wikiwig_project wikiwig Multiple cross-site scripting (XSS) vulnerabilities in spell-check-savedicts.php in the SpellChecker module in Xinha, as used in WikiWig 5.01 and possibly other products, allow remote attackers to in… CWE-79
Cross-site Scripting 		CVE-2011-5267 2024-11-21 10:34 2013-11-6 Show GitHub Exploit DB Packet Storm
294493 - novell groupwise An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code via (1) a pointer argument to the Set… CWE-94
Code Injection 		CVE-2012-0439 2024-11-21 10:34 2013-02-24 Show GitHub Exploit DB Packet Storm
294494 - featurific_for_wordpress_project featurific-for-wordpress Cross-site scripting (XSS) vulnerability in cached_image.php in the Featurific For WordPress plugin 1.6.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the snum par… CWE-79
Cross-site Scripting 		CVE-2011-5265 2024-11-21 10:34 2013-02-13 Show GitHub Exploit DB Packet Storm
294495 - marcel_brinkkemper lazyest-backup Cross-site scripting (XSS) vulnerability in lazyest-backup.php in the Lazyest Backup plugin before 0.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the xml_or_al… CWE-79
Cross-site Scripting 		CVE-2011-5264 2024-11-21 10:34 2013-02-13 Show GitHub Exploit DB Packet Storm
294496 - sap netweaver Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in SAP NetWeaver 7.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the server parameter. CWE-79
Cross-site Scripting 		CVE-2011-5263 2024-11-21 10:34 2013-02-13 Show GitHub Exploit DB Packet Storm
294497 - sonicwall aventail_sra_ex9000
aventail_sra_ex7000
aventail_sra_ex6000
aventail_sra_ex_virtual_appliance 		SQL injection vulnerability in prodpage.cfm in SonicWALL Aventail allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter. CWE-89
SQL Injection 		CVE-2011-5262 2024-11-21 10:34 2013-02-13 Show GitHub Exploit DB Packet Storm
294498 - axis m10_series_network_cameras_firmware
m1054_network_camera 		Cross-site scripting (XSS) vulnerability in serverreport.cgi in Axis M10 Series Network Cameras M1054 firmware 5.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the … CWE-79
Cross-site Scripting 		CVE-2011-5261 2024-11-21 10:34 2013-02-13 Show GitHub Exploit DB Packet Storm
294499 - sap netweaver Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via the page parameter. CWE-79
Cross-site Scripting 		CVE-2011-5260 2024-11-21 10:34 2013-02-13 Show GitHub Exploit DB Packet Storm
294500 - orangehrm orangehrm SQL injection vulnerability in lib/controllers/CentralController.php in OrangeHRM before 2.6.11.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2011-5259 2024-11-21 10:34 2013-02-13 Show GitHub Exploit DB Packet Storm