Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219081 9.3 危険 Wireshark - Wireshark の MPEG パーサの wiretap/mpeg.c 内の mpeg_read 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-2299 2014-05-14 17:00 2014-03-7 Show GitHub Exploit DB Packet Storm
219082 8.3 危険 横河電機株式会社 - YOKOGAWA CENTUM CS 3000 の BKBCopyD.exe におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-0784 2014-05-14 16:54 2014-03-7 Show GitHub Exploit DB Packet Storm
219083 9 危険 横河電機株式会社 - YOKOGAWA CENTUM CS 3000 の BKHOdeq.exe におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-0783 2014-05-14 16:53 2014-03-7 Show GitHub Exploit DB Packet Storm
219084 9.3 危険 横河電機株式会社 - YOKOGAWA CENTUM CS 3000 の BKCLogSvr.exe におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-0781 2014-05-14 16:53 2014-03-7 Show GitHub Exploit DB Packet Storm
219085 7.1 危険 F5 Networks - 複数の F5 BIG-IP シリーズおよび BIG-IQ ファミリ製品の iControl API における任意のコマンドを実行される脆弱性 CWE-Other
その他 		CVE-2014-2928 2014-05-14 16:15 2014-05-7 Show GitHub Exploit DB Packet Storm
219086 5 警告 OrbiTeam - OrbiTeam BSCW における重要なメタデータを取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-2301 2014-05-14 15:52 2014-04-22 Show GitHub Exploit DB Packet Storm
219087 5 警告 Makina Corpus - SOAPpy におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2014-3243 2014-05-14 12:21 2014-05-6 Show GitHub Exploit DB Packet Storm
219088 5 警告 Makina Corpus - SOAPpy における任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2014-3242 2014-05-14 12:21 2014-05-6 Show GitHub Exploit DB Packet Storm
219089 4.3 警告 SimpleRisk - SimpleRisk の management/prioritize_planning.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-5749 2014-05-14 12:20 2013-09-16 Show GitHub Exploit DB Packet Storm
219090 6.8 警告 SimpleRisk - SimpleRisk の management/prioritize_planning.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-5748 2014-05-14 12:20 2013-09-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
296231 - tony_freixas ubercart_product_keys The Ubercart Product Keys module 6.x-1.x before 6.x-1.1 for Drupal does not properly check access for product keys, which allows remote attackers to read all unassigned product keys via certain condi… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-2702 2024-11-21 10:39 2012-06-27 Show GitHub Exploit DB Packet Storm
296232 - rubyonrails ruby_on_rails
rails 		The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord cla… CWE-89
SQL Injection 		CVE-2012-2695 2024-11-21 10:39 2012-06-22 Show GitHub Exploit DB Packet Storm
296233 - rubyonrails ruby_on_rails
rails 		actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Acti… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-2694 2024-11-21 10:39 2012-06-22 Show GitHub Exploit DB Packet Storm
296234 - rubyonrails ruby_on_rails
rails 		The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveReco… CWE-89
SQL Injection 		CVE-2012-2661 2024-11-21 10:39 2012-06-22 Show GitHub Exploit DB Packet Storm
296235 - rubyonrails ruby_on_rails
rails 		actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly consider differences in parameter handling between the Acti… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-2660 2024-11-21 10:39 2012-06-22 Show GitHub Exploit DB Packet Storm
296236 - drupal-id counter_module SQL injection vulnerability in the Counter module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "recording visits." CWE-89
SQL Injection 		CVE-2012-2718 2024-11-21 10:39 2012-06-22 Show GitHub Exploit DB Packet Storm
296237 - david_stosik comment_moderation Cross-site request forgery (CSRF) vulnerability in the Comment Moderation module 6.x-1.x before 6.x-1.1 for Drupal allows remote attackers to hijack the authentication of administrators for requests … CWE-352
 Origin Validation Error 		CVE-2012-2716 2024-11-21 10:39 2012-06-22 Show GitHub Exploit DB Packet Storm
296238 - openstack compute
essex
diablo 		The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) do not properly check the protocol when security groups are created and the network protoc… CWE-20
 Improper Input Validation  		CVE-2012-2654 2024-11-21 10:39 2012-06-22 Show GitHub Exploit DB Packet Storm
296239 - w1.fi hostapd hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users to obtain sensitive information such as credentials. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-2389 2024-11-21 10:39 2012-06-22 Show GitHub Exploit DB Packet Storm
296240 - cisco anyconnect_secure_mobility_client A certain Java applet in the VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 3.x before 3.0 MR7 on 64-bit Linux platforms does not properly restrict … CWE-20
 Improper Input Validation  		CVE-2012-2496 2024-11-21 10:39 2012-06-21 Show GitHub Exploit DB Packet Storm