Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219081 6.5 警告 PaperThin - PaperThin CommonSpot におけるアクションを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-2862 2014-04-21 19:01 2014-04-14 Show GitHub Exploit DB Packet Storm
219082 5 警告 PaperThin - PaperThin CommonSpot における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-2871 2014-04-21 19:01 2014-04-14 Show GitHub Exploit DB Packet Storm
219083 4.3 警告 PaperThin - PaperThin CommonSpot におけるクロスサイトスクリプティングの脆弱性 CWE-Other
その他 		CVE-2014-2861 2014-04-21 19:01 2014-04-14 Show GitHub Exploit DB Packet Storm
219084 4.3 警告 PaperThin - PaperThin CommonSpot におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2860 2014-04-21 19:01 2014-04-14 Show GitHub Exploit DB Packet Storm
219085 7.5 危険 PaperThin - PaperThin CommonSpot におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-2859 2014-04-21 19:01 2014-04-14 Show GitHub Exploit DB Packet Storm
219086 4 警告 コクヨS&T株式会社 - Android 版 CamiApp における Content Provider のアクセス制限不備の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-1986 2014-04-21 18:31 2014-04-14 Show GitHub Exploit DB Packet Storm
219087 2.1 注意 PackageKit Project - PackageKit の Zypper バックエンドにおけるパッケージをダウングレードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-1764 2014-04-21 18:28 2013-05-8 Show GitHub Exploit DB Packet Storm
219088 4.6 警告 bzip.org - bzip2 の bzexe コマンドにおける任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4089 2014-04-21 17:56 2011-12-4 Show GitHub Exploit DB Packet Storm
219089 7.5 危険 Novell - SUSE Studio Onsite および SUSE Studio Extension for System z で使用される KIWI における任意のコマンドを実行される脆弱性 CWE-Other
その他 		CVE-2011-4195 2014-04-21 17:27 2011-12-15 Show GitHub Exploit DB Packet Storm
219090 4.3 警告 Novell - SUSE Studio Onsite および SUSE Studio Extension for System z のオーバーレイファイルタブにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4193 2014-04-21 17:25 2011-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294091 - torproject tor The tor_timegm function in common/util.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.22-rc, does not properly validate time values, which allows remote attackers to cause a denial of service (as… CWE-20
 Improper Input Validation  		CVE-2012-4922 2024-11-21 10:43 2012-09-15 Show GitHub Exploit DB Packet Storm
294092 - google chrome Google Chrome before 18.0.1025308 on Android allows remote attackers to obtain cookie information via a crafted application. CWE-200
Information Exposure 		CVE-2012-4909 2024-11-21 10:43 2012-09-14 Show GitHub Exploit DB Packet Storm
294093 - google chrome Google Chrome before 18.0.1025308 on Android allows remote attackers to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4908 2024-11-21 10:43 2012-09-14 Show GitHub Exploit DB Packet Storm
294094 - google chrome Google Chrome before 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote attackers to have an unspecified impact via a crafted web page. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4907 2024-11-21 10:43 2012-09-14 Show GitHub Exploit DB Packet Storm
294095 - google chrome Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4906 2024-11-21 10:43 2012-09-14 Show GitHub Exploit DB Packet Storm
294096 - google chrome Cross-site scripting (XSS) vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script or HTML via an extra in an Intent object, aka "Universa… CWE-79
Cross-site Scripting 		CVE-2012-4905 2024-11-21 10:43 2012-09-14 Show GitHub Exploit DB Packet Storm
294097 - google chrome Cross-application scripting vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script via unspecified vectors, as demonstrated by "Universal… CWE-79
Cross-site Scripting 		CVE-2012-4904 2024-11-21 10:43 2012-09-14 Show GitHub Exploit DB Packet Storm
294098 - google chrome Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4903 2024-11-21 10:43 2012-09-14 Show GitHub Exploit DB Packet Storm
294099 - cisco asa_cx_context-aware_security
prime_security_manager 		The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to caus… CWE-399
 Resource Management Errors 		CVE-2012-4629 2024-11-21 10:43 2012-09-13 Show GitHub Exploit DB Packet Storm
294100 - gentoo webmin Multiple cross-site request forgery (CSRF) vulnerabilities in file/show.cgi in Webmin 1.590 and earlier allow remote attackers to hijack the authentication of privileged users for requests that (1) r… CWE-352
 Origin Validation Error 		CVE-2012-4893 2024-11-21 10:43 2012-09-12 Show GitHub Exploit DB Packet Storm