Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218531 3.5 注意 ownCloud - ownCloud におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0297 2014-03-19 13:34 2013-02-17 Show GitHub Exploit DB Packet Storm
218532 10 危険 Mozilla Foundation - 複数の Mozilla 製品のエディタコンポーネントのテーブル編集ユーザインターフェースにおける任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2013-5618 2014-03-19 11:22 2013-12-10 Show GitHub Exploit DB Packet Storm
218533 10 危険 Mozilla Foundation - 複数の Mozilla 製品の nsEventListenerManager::HandleEventSubType 関数における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2013-5616 2014-03-19 11:20 2013-12-10 Show GitHub Exploit DB Packet Storm
218534 4.3 警告 Mozilla Foundation - Mozilla Firefox および SeaMonkey におけるサンドボックス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-5614 2014-03-19 11:18 2013-12-10 Show GitHub Exploit DB Packet Storm
218535 10 危険 Mozilla Foundation - 複数の Mozilla 製品の PresShell::DispatchSynthMouseMove 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-5613 2014-03-19 11:16 2013-12-10 Show GitHub Exploit DB Packet Storm
218536 4.3 警告 ウォッチガード・テクノロジー - WatchGuard Fireware XTM にクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-0338 2014-03-19 11:10 2014-03-13 Show GitHub Exploit DB Packet Storm
218537 7.5 危険 ヒューレット・パッカード - HP Unified Functional Testing における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2013-6210 2014-03-18 16:57 2013-10-21 Show GitHub Exploit DB Packet Storm
218538 7.2 危険 ヒューレット・パッカード - Linux 上で稼働する HP Smart Update Manager における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2013-6208 2014-03-18 16:57 2013-03-12 Show GitHub Exploit DB Packet Storm
218539 6.8 警告 Puppet - Puppet Enterprise におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-4963 2014-03-18 16:54 2013-08-15 Show GitHub Exploit DB Packet Storm
218540 6.8 警告 Puppet - Puppet Enterprise のコンソールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-1399 2014-03-18 16:54 2013-02-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293941 - seagate blackarmor_nas d41d8cd98f00b204e9800998ecf8427e.php in the management web server on the Seagate BlackArmor device allows remote attackers to change the administrator password via unspecified vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-2568 2024-11-21 10:39 2012-05-26 Show GitHub Exploit DB Packet Storm
293942 - xarrow xarrow The server in xArrow before 3.4.1 performs an invalid read operation, which allows remote attackers to execute arbitrary code via unspecified vectors. CWE-189
Numeric Errors 		CVE-2012-2429 2024-11-21 10:39 2012-05-26 Show GitHub Exploit DB Packet Storm
293943 - xarrow xarrow Integer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via a crafted packet that triggers an out-of-bounds read operation. CWE-189
Numeric Errors 		CVE-2012-2428 2024-11-21 10:39 2012-05-26 Show GitHub Exploit DB Packet Storm
293944 - xarrow xarrow Heap-based buffer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via packets that trigger an invalid free operation. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-2427 2024-11-21 10:39 2012-05-26 Show GitHub Exploit DB Packet Storm
293945 - xarrow xarrow The server in xArrow before 3.4.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via unspecified vectors. CWE-399
 Resource Management Errors 		CVE-2012-2426 2024-11-21 10:39 2012-05-26 Show GitHub Exploit DB Packet Storm
293946 - netweblogic login_with_ajax Cross-site scripting (XSS) vulnerability in login-with-ajax.php in the Login With Ajax (aka login-with-ajax) plugin before 3.0.4.1 for WordPress allows remote attackers to inject arbitrary web script… CWE-79
Cross-site Scripting 		CVE-2012-2759 2024-11-21 10:39 2012-05-23 Show GitHub Exploit DB Packet Storm
293947 - atlassian
gliffy 		jira
gliffy
confluence_server 		The Gliffy plugin before 3.7.1 for Atlassian JIRA, and before 4.2 for Atlassian Confluence, does not properly restrict the capabilities of third-party XML parsers, which allows remote attackers to re… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-2928 2024-11-21 10:39 2012-05-23 Show GitHub Exploit DB Packet Storm
293948 - tm_software tempo
tempo6.3.0
tempo6.3.2 		The TM Software Tempo plugin before 6.4.3.1, 6.5.x before 6.5.0.2, and 7.x before 7.0.3 for Atlassian JIRA does not properly restrict the capabilities of third-party XML parsers, which allows remote … CWE-399
 Resource Management Errors 		CVE-2012-2927 2024-11-21 10:39 2012-05-23 Show GitHub Exploit DB Packet Storm
293949 - xelex mobiletrack The Xelex MobileTrack application 2.3.7 and earlier for Android uses hardcoded credentials, which allows remote attackers to obtain sensitive information via an unencrypted (1) FTP or (2) HTTP sessio… CWE-255
Credentials Management 		CVE-2012-2567 2024-11-21 10:39 2012-05-23 Show GitHub Exploit DB Packet Storm
293950 - xelex mobiletrack The Xelex MobileTrack application 2.3.7 and earlier for Android does not verify the origin of SMS commands, which allows remote attackers to execute a (1) LOCATE, (2) TRACK, (3) UPDATECFG, (4) UPDATE… CWE-287
CWE-20
Improper Authentication
 Improper Input Validation  		CVE-2012-2562 2024-11-21 10:39 2012-05-23 Show GitHub Exploit DB Packet Storm