Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218351 4.3 警告 AITpro - WordPress 用 BulletProof Security プラグインのセキュリティログにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-3487 2014-03-5 17:14 2013-08-1 Show GitHub Exploit DB Packet Storm
218352 4.3 警告 Andy Bailey - WordPress 用 CommentLuv プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-1409 2014-03-5 17:13 2013-02-6 Show GitHub Exploit DB Packet Storm
218353 4.3 警告 アイファイ - Eye-Fi Helper におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4696 2014-03-5 16:56 2011-11-17 Show GitHub Exploit DB Packet Storm
218354 4.3 警告 DrinkedIn - Android 用 DrinkedIn BarFinder アプリケーションにおける任意の JavaScript コードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-1887 2014-03-5 16:42 2014-02-7 Show GitHub Exploit DB Packet Storm
218355 6.4 警告 HS Group - Android 用 ForzeArmate アプリケーションにおける任意の JavaScript コードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-1885 2014-03-5 16:40 2014-02-7 Show GitHub Exploit DB Packet Storm
218356 7.5 危険 Google - Android の java/android/webkit/BrowserFrame.java における任意の Java コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2014-1939 2014-03-5 15:59 2014-02-10 Show GitHub Exploit DB Packet Storm
218357 9 危険 AVTECH - AVTECH AVN801 DVR のファームウェアの cgi-bin/user/Config.cgi におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-4981 2014-03-5 14:46 2013-08-28 Show GitHub Exploit DB Packet Storm
218358 9 危険 AVTECH - AVTECH AVN801 DVR のファームウェアの RTSP Packet Handler におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-4980 2014-03-5 14:46 2013-08-28 Show GitHub Exploit DB Packet Storm
218359 10 危険 Hangzhou Hikvision Digital Technology - Hikvision DS-2CD7153-E IP カメラのファームウェアの RTSP Packet Handler におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-4977 2014-03-5 14:31 2013-08-6 Show GitHub Exploit DB Packet Storm
218360 6.8 警告 Inmatrix - INMATRIX Zoom Player におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-3260 2014-03-5 14:12 2013-06-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294351 - sony vaio_easy_connect
smartwi_connection_utillity
vaio_wireless_wizard
vaio_pc_wireless_lan_wizard 		Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Conn… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-0985 2024-11-21 10:36 2012-06-8 Show GitHub Exploit DB Packet Storm
294352 5.5 MEDIUM
Local 		imagemagick
debian
canonical
opensuse 		imagemagick
debian_linux
ubuntu_linux
opensuse 		Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in … CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2012-1186 2024-11-21 10:36 2012-06-6 Show GitHub Exploit DB Packet Storm
294353 7.8 HIGH
Local 		imagemagick
debian
canonical
opensuse 		imagemagick
debian_linux
ubuntu_linux
opensuse 		Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execu… CWE-190
 Integer Overflow or Wraparound 		CVE-2012-1185 2024-11-21 10:36 2012-06-6 Show GitHub Exploit DB Packet Storm
294354 - libtiff libtiff Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTile… CWE-189
Numeric Errors 		CVE-2012-1173 2024-11-21 10:36 2012-06-5 Show GitHub Exploit DB Packet Storm
294355 - sebastian_heinlein
canonical 		aptdaemon
ubuntu_linux 		Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when the transaction is not simulated, which allows remote attackers to install arbitrary packages via … CWE-287
Improper Authentication 		CVE-2012-0944 2024-11-21 10:36 2012-06-5 Show GitHub Exploit DB Packet Storm
294356 - segue_project segue SQL injection vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2012-1255 2024-11-21 10:36 2012-06-5 Show GitHub Exploit DB Packet Storm
294357 - segue_project segue Cross-site scripting (XSS) vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2012-1254 2024-11-21 10:36 2012-06-5 Show GitHub Exploit DB Packet Storm
294358 - opera opera_browser Opera before 9.63 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. CWE-310
Cryptographic Issues 		CVE-2012-1251 2024-11-21 10:36 2012-06-5 Show GitHub Exploit DB Packet Storm
294359 - logitech lan-w300n\/ru2_firmware Logitec LAN-W300N/R routers with firmware before 2.27 do not properly restrict login access, which allows remote attackers to obtain administrative privileges and modify settings via vectors related … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-1250 2024-11-21 10:36 2012-06-5 Show GitHub Exploit DB Packet Storm
294360 - roundcube webmail Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embed… CWE-79
Cross-site Scripting 		CVE-2012-1253 2024-11-21 10:36 2012-06-5 Show GitHub Exploit DB Packet Storm