Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
218941	3.5	注意	OTRS プロジェクト	-	Open Ticket Request System におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2553	2014-04-4 12:03	2014-04-1	Show	GitHub Exploit DB Packet Storm

218942	6.8	警告	HitMyServer	-	WordPress 用 HMS Testimonials プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-4240	2014-04-4 11:19	2013-08-8	Show	GitHub Exploit DB Packet Storm

218943	3.5	注意	IBM	-	IBM WebSphere Portal の IBM Connections 統合におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0901	2014-04-3 18:29	2014-03-31	Show	GitHub Exploit DB Packet Storm

218944	4.3	警告	IBM	-	IBM WebSphere Portal の WCM UI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0828	2014-04-3 18:29	2014-03-31	Show	GitHub Exploit DB Packet Storm

218945	4.3	警告	シスコシステムズ	-	Cisco Security Manager の Web フレームワークにおける CRLF インジェクションの脆弱性	CWE-20 不適切な入力確認	CVE-2014-2138	2014-04-3 18:22	2014-04-1	Show	GitHub Exploit DB Packet Storm

218946	4.3	警告	シスコシステムズ	-	Cisco Web セキュリティアプライアンスの Web フレームワークにおける CRLF インジェクションの脆弱性	CWE-20 不適切な入力確認	CVE-2014-2137	2014-04-3 18:18	2014-04-1	Show	GitHub Exploit DB Packet Storm

218947	4.3	警告	シスコシステムズ	-	Cisco Unity Connection の Web Inbox におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2125	2014-04-3 18:17	2014-04-1	Show	GitHub Exploit DB Packet Storm

218948	5	警告	Posh portal project	-	POSH の portal/scr_authentif.php の Remember Me 機能における重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2014-2212	2014-04-3 18:14	2014-02-20	Show	GitHub Exploit DB Packet Storm

218949	7.5	危険	Horde	-	Horde Application Framework の Util ライブラリにおけるオブジェクトインジェクション攻撃を実行される脆弱性	CWE-94 コード・インジェクション	CVE-2014-1691	2014-04-3 17:00	2014-01-28	Show	GitHub Exploit DB Packet Storm

218950	7.5	危険	Vtiger	-	Vtiger CRM における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-3213	2014-04-3 16:41	2013-03-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
294031	-	sun wireshark	sunos wireshark	epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a small value for a BSON do…	CWE-399 Resource Management Errors	CVE-2012-4287	2024-11-21 10:42	2012-08-16	Show	GitHub Exploit DB Packet Storm

294032	-	sun wireshark	sunos wireshark	The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to cause a denial of service (divide-by-zero…	CWE-189 Numeric Errors	CVE-2012-4286	2024-11-21 10:42	2012-08-16	Show	GitHub Exploit DB Packet Storm

294033	-	sun redhat opensuse wireshark	sunos enterprise_linux opensuse wireshark	The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause …	CWE-189 Numeric Errors	CVE-2012-4285	2024-11-21 10:42	2012-08-16	Show	GitHub Exploit DB Packet Storm

294034	-	progress	whatsup_gold	Cross-site scripting (XSS) vulnerability in Ipswitch WhatsUp Gold 15.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the SNMP system name of the at…	CWE-79 Cross-site Scripting	CVE-2012-4344	2024-11-21 10:42	2012-08-16	Show	GitHub Exploit DB Packet Storm

294035	-	menalto	gallery	Multiple unspecified vulnerabilities in Gallery 3 before 3.0.4 allow attackers to execute arbitrary PHP code via unknown vectors.	NVD-CWE-noinfo	CVE-2012-4343	2024-11-21 10:42	2012-08-16	Show	GitHub Exploit DB Packet Storm

294036	-	menalto	gallery	Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 before 3.0.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2012-4342	2024-11-21 10:42	2012-08-16	Show	GitHub Exploit DB Packet Storm

294037	-	sap	netweaver_abap	Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-4341	2024-11-21 10:42	2012-08-16	Show	GitHub Exploit DB Packet Storm

294038	-	sybase	easerver	Cross-site scripting (XSS) vulnerability in Sybase EAServer before 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2012-4340	2024-11-21 10:42	2012-08-16	Show	GitHub Exploit DB Packet Storm

294039	-	transmissionbt	transmission	Multiple cross-site scripting (XSS) vulnerabilities in the web client in Transmission before 2.61 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) created by, or…	CWE-79 Cross-site Scripting	CVE-2012-4037	2024-11-21 10:42	2012-08-16	Show	GitHub Exploit DB Packet Storm

294040	-	adobe	acrobat acrobat_reader	Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a diff…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-4162	2024-11-21 10:42	2012-08-15	Show	GitHub Exploit DB Packet Storm