Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218561 5.5 警告 シスコシステムズ - Cisco Secure Access Control System のポータルインターフェースにおけるセッションをハイジャックされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0678 2014-01-28 16:49 2014-01-27 Show GitHub Exploit DB Packet Storm
218562 4.3 警告 シスコシステムズ - Cisco Video Surveillance 5000 HD IP Dome カメラの Web インターフェースにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-0673 2014-01-28 16:32 2014-01-27 Show GitHub Exploit DB Packet Storm
218563 7.5 危険 Josh Fradley - Burden の login.php の "remember me" 機能における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2013-7137 2014-01-28 16:19 2013-12-18 Show GitHub Exploit DB Packet Storm
218564 4.3 警告 ヤフー株式会社 - FireFox 用 Yahoo! Toolbar プラグインの clickstream.js におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-6853 2014-01-28 16:15 2014-01-14 Show GitHub Exploit DB Packet Storm
218565 3.6 注意 Secunia - Secunia CSI Agent における設定を変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-5364 2014-01-28 16:13 2014-01-10 Show GitHub Exploit DB Packet Storm
218566 6.8 警告 マイクロソフト - Android 用 Microsoft Bing アプリケーションにおける任意の APK ファイルをインストールされる脆弱性 CWE-94
コード・インジェクション 		CVE-2014-1670 2014-01-28 15:48 2014-01-21 Show GitHub Exploit DB Packet Storm
218567 9.3 危険 SmartBear Software - SoapUI の WSDL/WADL インポート機能における任意の Java コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2014-1202 2014-01-28 15:38 2014-01-14 Show GitHub Exploit DB Packet Storm
218568 4.3 警告 レッドハット - libvirt における ACL の domain:getattr および connect:search_domains の制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0028 2014-01-28 10:57 2014-01-16 Show GitHub Exploit DB Packet Storm
218569 4 警告 Drupal - Drupal の Taxonomy モジュールにおける重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-1476 2014-01-28 10:11 2014-01-15 Show GitHub Exploit DB Packet Storm
218570 7.5 危険 Drupal - Drupal の OpenID モジュールにおける他のユーザとして認証される脆弱性 CWE-noinfo
情報不足 		CVE-2014-1475 2014-01-28 10:11 2014-01-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294861 - microsoft windows_xp
windows_server_2003 		Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse execu… NVD-CWE-Other
CVE-2012-0009 2024-11-21 10:34 2012-01-11 Show GitHub Exploit DB Packet Storm
294862 - microsoft anti-cross_site_scripting_library The Microsoft Anti-Cross Site Scripting (AntiXSS) Library 3.x and 4.0 does not properly evaluate characters after the detection of a Cascading Style Sheets (CSS) escaped character, which allows remot… CWE-79
Cross-site Scripting 		CVE-2012-0007 2024-11-21 10:34 2012-01-11 Show GitHub Exploit DB Packet Storm
294863 - microsoft windows_server_2008
windows_xp
windows_server_2003
windows_vista 		The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2, when a Chinese, Japanese, or Korean syste… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-0005 2024-11-21 10:34 2012-01-11 Show GitHub Exploit DB Packet Storm
294864 - microsoft windows_server_2008
windows_xp
windows_7
windows_server_2003
windows_vista 		Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1… NVD-CWE-noinfo
CVE-2012-0004 2024-11-21 10:34 2012-01-11 Show GitHub Exploit DB Packet Storm
294865 - microsoft windows_server_2008
windows_7
windows_xp
windows_server_2003
windows_vista 		Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote a… NVD-CWE-noinfo
CVE-2012-0003 2024-11-21 10:34 2012-01-11 Show GitHub Exploit DB Packet Storm
294866 - microsoft windows_server_2008
windows_7
windows_xp
windows_server_2003
windows_vista 		The kernel in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly load structured exception han… NVD-CWE-Other
CVE-2012-0001 2024-11-21 10:34 2012-01-11 Show GitHub Exploit DB Packet Storm
294867 - apache struts The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor chara… CWE-94
Code Injection 		CVE-2012-0394 2024-11-21 10:34 2012-01-9 Show GitHub Exploit DB Packet Storm
294868 - apache struts The ParameterInterceptor component in Apache Struts before 2.3.1.1 does not prevent access to public constructors, which allows remote attackers to create or overwrite arbitrary files via a crafted p… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-0393 2024-11-21 10:34 2012-01-9 Show GitHub Exploit DB Packet Storm
294869 - apache struts The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header… NVD-CWE-noinfo
CVE-2012-0392 2024-11-21 10:34 2012-01-9 Show GitHub Exploit DB Packet Storm
294870 - maradns maradns MaraDNS before 1.3.07.12 and 1.4.x before 1.4.08 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a den… CWE-400
 Uncontrolled Resource Consumption 		CVE-2012-0024 2024-11-21 10:34 2012-01-8 Show GitHub Exploit DB Packet Storm