Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
218631	6.8	警告	Moodle	-	Moodle の user/profile/index.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-0010	2014-01-23 17:27	2014-01-20	Show	GitHub Exploit DB Packet Storm

218632	4.3	警告	WordPress.org	-	WordPress の wp-includes/default-filters.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6633	2014-01-23 17:26	2012-06-15	Show	GitHub Exploit DB Packet Storm

218633	4	警告	F5 Networks	-	F5 BIG-IP の sam/admin/vpe2/public/php/server.php における XML 外部エンティティの脆弱性	CWE-200 情報漏えい	CVE-2012-2997	2014-01-23 17:16	2012-09-3	Show	GitHub Exploit DB Packet Storm

218634	7.5	危険	2GLux	-	Joomla! 用 2Glux Sexy Polling コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-7219	2014-01-23 17:15	2013-12-26	Show	GitHub Exploit DB Packet Storm

218635	7.5	危険	Hornbill Corporate Limited	-	Hornbill Supportworks ITSM の reports/calldiary.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-2594	2014-01-23 17:14	2013-04-24	Show	GitHub Exploit DB Packet Storm

218636	2.1	注意	kernel.org レッドハット	-	util-linux のマウントおよびアンマウントにおける制限されたディレクトリの存在を特定される脆弱性	CWE-200 情報漏えい	CVE-2013-0157	2014-01-23 16:53	2013-02-21	Show	GitHub Exploit DB Packet Storm

218637	4.3	警告	Hiox Softwares Pvt Ltd.	-	HIOX Guest Book の add.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-1620	2014-01-23 16:44	2014-01-5	Show	GitHub Exploit DB Packet Storm

218638	6.8	警告	Expat	-	Expat におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0340	2014-01-23 16:33	2013-02-21	Show	GitHub Exploit DB Packet Storm

218639	7.5	危険	CUBIC FACTORY	-	CUBIC CMS における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-1619	2014-01-23 16:28	2014-01-8	Show	GitHub Exploit DB Packet Storm

218640	7.8	危険	Ecava	-	Ecava IntegraXor の SCADA サーバにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2014-0753	2014-01-23 16:17	2014-01-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
295561	-	configserver	configserver_security_firewall	Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long st…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-5033	2024-11-21 10:33	2011-12-30	Show	GitHub Exploit DB Packet Storm

295562	-	winmount	winmount	WMDrive.sys 3.4.181.224 in WinMount 3.5.1018 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted 0x87342000 IOCTL request to the WMDriver device.	NVD-CWE-Other	CVE-2011-5032	2024-11-21 10:33	2011-12-30	Show	GitHub Exploit DB Packet Storm

295563	-	shilpisoft	capexweb	Multiple SQL injection vulnerabilities in servlet/capexweb.parentvalidatepassword in cApexWEB 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) dfuserid and (2) dfpassword para…	CWE-89 SQL Injection	CVE-2011-5031	2024-11-21 10:33	2011-12-30	Show	GitHub Exploit DB Packet Storm

295564	-	valthbald	meta_tags_quick	Cross-site scripting (XSS) vulnerability in the Meta tags quick module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or H…	CWE-79 Cross-site Scripting	CVE-2011-5030	2024-11-21 10:33	2011-12-30	Show	GitHub Exploit DB Packet Storm

295565	-	alexander_palmo	simple_php_blog	Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog 0.7.0 and possibly earlier allow remote attackers to inject arbitrary web script or HTML via the (1) entry parameter to delete.p…	CWE-79 Cross-site Scripting	CVE-2011-5029	2024-11-21 10:33	2011-12-30	Show	GitHub Exploit DB Packet Storm

295566	-	novell	sentinel_log_manager	Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1_938 and earlier, as used in Novell Sentinel before 7.0.1.0, allows remote authenticated users…	CWE-22 Path Traversal	CVE-2011-5028	2024-11-21 10:33	2011-12-30	Show	GitHub Exploit DB Packet Storm

295567	-	zabbix	zabbix	Cross-site scripting (XSS) vulnerability in ZABBIX before 1.8.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the profiler.	CWE-79 Cross-site Scripting	CVE-2011-5027	2024-11-21 10:33	2011-12-30	Show	GitHub Exploit DB Packet Storm

295568	-	yaws	yaws	Multiple cross-site scripting (XSS) vulnerabilities in the wiki application in Yaws 1.88 allow remote attackers to inject arbitrary web script or HTML via (1) the tag parameter to editTag.yaws, (2) t…	CWE-79 Cross-site Scripting	CVE-2011-5025	2024-11-21 10:33	2011-12-29	Show	GitHub Exploit DB Packet Storm

295569	-	gnu	mailman	Cross-site scripting (XSS) vulnerability in mmsearch/design in the Mailman/htdig integration patch for Mailman allows remote attackers to inject arbitrary web script or HTML via the config parameter.	CWE-79 Cross-site Scripting	CVE-2011-5024	2024-11-21 10:33	2011-12-29	Show	GitHub Exploit DB Packet Storm

295570	-	pligg	pligg_cms	Cross-site scripting (XSS) vulnerability in Pligg CMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the search program, a different vulnerability than CVE-…	CWE-79 Cross-site Scripting	CVE-2011-5023	2024-11-21 10:33	2011-12-29	Show	GitHub Exploit DB Packet Storm