Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 2:21 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
218801	10	危険	ヒューレット・パッカード	-	HP StoreVirtual 4000 および StoreVirtual VSA ソフトウェアの LeftHand OS における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2013-4841	2014-02-27 15:48	2013-07-12	Show	GitHub Exploit DB Packet Storm

218802	7.8	危険	Schneider Electric	-	複数の Schneider Electric 製品におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2013-2824	2014-02-27 14:49	2013-12-16	Show	GitHub Exploit DB Packet Storm

218803	4	警告	IBM	-	IBM Netezza Performance Portal における任意のパスワードを変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-6731	2014-02-27 14:41	2013-11-8	Show	GitHub Exploit DB Packet Storm

218804	3.5	注意	IBM	-	IBM Rational Focal Point のスクリプトにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0853	2014-02-27 14:40	2014-02-19	Show	GitHub Exploit DB Packet Storm

218805	3.5	注意	IBM	-	IBM Rational Focal Point におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0843	2014-02-27 14:40	2014-02-19	Show	GitHub Exploit DB Packet Storm

218806	5	警告	IBM	-	IBM Rational Focal Point のアカウント作成機能における重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2014-0842	2014-02-27 14:40	2014-02-19	Show	GitHub Exploit DB Packet Storm

218807	3.5	注意	IBM	-	IBM Rational Focal Point におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0840	2014-02-27 14:39	2014-02-19	Show	GitHub Exploit DB Packet Storm

218808	4	警告	IBM	-	IBM Rational Focal Point におけるデータを変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0839	2014-02-27 14:39	2014-02-19	Show	GitHub Exploit DB Packet Storm

218809	4.3	警告	ikiwiki-hosting Project	-	ikiwiki-hosting のサイト作成インターフェースにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-6047	2014-02-27 14:38	2013-10-25	Show	GitHub Exploit DB Packet Storm

218810	3.6	注意	Linux	-	Linux Kernel の kernel/signal.c における ASLR 保護メカニズムを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0914	2014-02-26 16:50	2013-03-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
293291	-		tm_software	tempo tempo6.3.0 tempo6.3.2	The TM Software Tempo plugin before 6.4.3.1, 6.5.x before 6.5.0.2, and 7.x before 7.0.3 for Atlassian JIRA does not properly restrict the capabilities of third-party XML parsers, which allows remote …	CWE-399 Resource Management Errors	CVE-2012-2927	2024-11-21 10:39	2012-05-23	Show	GitHub Exploit DB Packet Storm

293292	-		xelex	mobiletrack	The Xelex MobileTrack application 2.3.7 and earlier for Android uses hardcoded credentials, which allows remote attackers to obtain sensitive information via an unencrypted (1) FTP or (2) HTTP sessio…	CWE-255 Credentials Management	CVE-2012-2567	2024-11-21 10:39	2012-05-23	Show	GitHub Exploit DB Packet Storm

293293	-		xelex	mobiletrack	The Xelex MobileTrack application 2.3.7 and earlier for Android does not verify the origin of SMS commands, which allows remote attackers to execute a (1) LOCATE, (2) TRACK, (3) UPDATECFG, (4) UPDATE…	CWE-287 CWE-20 Improper Authentication Improper Input Validation	CVE-2012-2562	2024-11-21 10:39	2012-05-23	Show	GitHub Exploit DB Packet Storm

293294	-		simple_php_agenda	simple_php_agenda	SQL injection vulnerability in engine.php in Simple PHP Agenda 2.2.8 allows remote attackers to execute arbitrary SQL commands via the priority parameter in an addTodo action.	CWE-89 SQL Injection	CVE-2012-2925	2024-11-21 10:39	2012-05-22	Show	GitHub Exploit DB Packet Storm

293295	9.1	CRITICAL Network	atlassian	fisheye confluence jira crucible crowd confluence_server bamboo	Atlassian JIRA before 5.0.1; Confluence before 3.5.16, 4.0 before 4.0.7, and 4.1 before 4.1.10; FishEye and Crucible before 2.5.8, 2.6 before 2.6.8, and 2.7 before 2.7.12; Bamboo before 3.3.4 and 3.4…	NVD-CWE-noinfo	CVE-2012-2926	2024-11-21 10:39	2012-05-23	Show	GitHub Exploit DB Packet Storm

293296	-		hypermethod	elearning_server	PHP remote file inclusion vulnerability in admin/setup.inc.php in Hypermethod eLearning Server 4G allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.	CWE-94 Code Injection	CVE-2012-2924	2024-11-21 10:39	2012-05-22	Show	GitHub Exploit DB Packet Storm

293297	-		hypermethod	elearning_server	SQL injection vulnerability in news.php4 in Hypermethod eLearning Server 4G allows remote attackers to execute arbitrary SQL commands via the nid parameter.	CWE-89 SQL Injection	CVE-2012-2923	2024-11-21 10:39	2012-05-22	Show	GitHub Exploit DB Packet Storm

293298	-		drupal	drupal	The request_path function in includes/bootstrap.inc in Drupal 7.14 and earlier allows remote attackers to obtain sensitive information via the q[] parameter to index.php, which reveals the installati…	CWE-200 Information Exposure	CVE-2012-2922	2024-11-21 10:39	2012-05-22	Show	GitHub Exploit DB Packet Storm

293299	-		mark_pilgrim	feedparser	Universal Feed Parser (aka feedparser or python-feedparser) before 5.1.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML ENTITY declaration in a non-ASCII …	CWE-399 Resource Management Errors	CVE-2012-2921	2024-11-21 10:39	2012-05-22	Show	GitHub Exploit DB Packet Storm

293300	-		user_photo	user_photo	Cross-site scripting (XSS) vulnerability in the userphoto_options_page function in user-photo.php in the User Photo plugin before 0.9.5.2 for WordPress allows remote attackers to inject arbitrary web…	CWE-79 Cross-site Scripting	CVE-2012-2920	2024-11-21 10:39	2012-05-22	Show	GitHub Exploit DB Packet Storm