Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219081 6 警告 OpenStack - OpenStack Identity における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-3476 2014-06-19 11:33 2014-05-31 Show GitHub Exploit DB Packet Storm
219082 9.3 危険 シトリックス・システムズ - Citrix Access Gateway Enterprise Edition Plug-in for Windows におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-2592 2014-06-19 11:23 2011-07-19 Show GitHub Exploit DB Packet Storm
219083 5 警告 Puppet - Puppet Enterprise における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-3249 2014-06-19 11:07 2014-06-10 Show GitHub Exploit DB Packet Storm
219084 4.3 警告 Digium - Asterisk Open Source の PJSIP チャネルドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2014-4048 2014-06-19 11:01 2014-06-12 Show GitHub Exploit DB Packet Storm
219085 5 警告 Digium - Asterisk Open Source および Certified Asterisk におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2014-4047 2014-06-19 11:00 2014-05-9 Show GitHub Exploit DB Packet Storm
219086 6.5 警告 Digium - Asterisk Open Source および Certified Asterisk における任意のシェルコマンドを実行される脆弱性 CWE-Other
その他 		CVE-2014-4046 2014-06-19 10:59 2014-06-12 Show GitHub Exploit DB Packet Storm
219087 4.3 警告 Digium - Asterisk Open Source の PJSIP チャネルドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2014-4045 2014-06-19 10:59 2014-06-12 Show GitHub Exploit DB Packet Storm
219088 4.3 警告 Beanbag - Django 用 Djblets の gravatars/templatetags/gravatars.py におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-3995 2014-06-18 15:52 2014-06-6 Show GitHub Exploit DB Packet Storm
219089 4.3 警告 Beanbag - Review Board で使用される Django 用 Djblets におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-3994 2014-06-18 15:52 2014-06-6 Show GitHub Exploit DB Packet Storm
219090 6.8 警告 ZyXEL - Zyxel P-660HW-T1 ワイヤレスルータにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-4162 2014-06-18 14:57 2014-06-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 29, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
296731 - david_alkire drag_\&_drop_gallery SQL injection vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2012-4479 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296732 - david_alkire drag_\&_drop_gallery Cross-site request forgery (CSRF) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to hijack the authentication of administrators. CWE-352
 Origin Validation Error 		CVE-2012-4478 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296733 - david_alkire drag_\&_drop_gallery Unspecified vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to bypass access restrictions via unknown attack vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4477 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296734 - david_alkire drag_\&_drop_gallery Cross-site scripting (XSS) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2012-4476 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296735 - security_questions_project security_questions The Security Questions module for Drupal 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.1 does not properly restrict access, which allows remote attackers to edit an arbitrary user's questions and a… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4475 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296736 - colorbox_node dennis_blake Multiple cross-site scripting (XSS) vulnerabilities in the Colorbox Node module 7.x-2.x before 7.x-2.2 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified paramet… CWE-79
Cross-site Scripting 		CVE-2012-4474 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296737 - christian_johansson restrict_node_page_view The Restrict node page view module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "view any node page" or "view any node {type} page" permission to access unpublished no… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4473 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296738 - david_alkire drag_\&_drop_gallery Unrestricted file upload vulnerability in upload.php in the Drag & Drop Gallery module 6.x-1.5 and earlier for Drupal allows remote attackers to execute arbitrary PHP code by uploading a file with an… NVD-CWE-Other
CVE-2012-4472 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296739 - dominique_clause search_autocomplete The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the p… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4471 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296740 - philip_ludlam listhandler The Listhandler module 6.x-1.x before 6.x-1.1 for Drupal does not properly check permissions when importing emails, which allows remote comment authors to bypass access restrictions and possibly have… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4470 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm