Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
219101	6.5	警告	GPLHost	-	Domain Technologie Control の shared/inc/forms/packager.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-5276	2014-03-25 09:51	2011-04-30	Show	GitHub Exploit DB Packet Storm

219102	7.5	危険	GPLHost	-	Domain Technologie Control のインストールスクリプトにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-5275	2014-03-25 09:51	2011-08-12	Show	GitHub Exploit DB Packet Storm

219103	7.5	危険	GPLHost	-	Domain Technologie Control の shared/inc/forms/packager.php における任意のコマンドを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-5274	2014-03-25 09:51	2011-04-30	Show	GitHub Exploit DB Packet Storm

219104	6.5	警告	GPLHost	-	Domain Technologie Control の shared/package-installer におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-5273	2014-03-25 09:51	2011-08-12	Show	GitHub Exploit DB Packet Storm

219105	6.5	警告	GPLHost	-	Domain Technologie Control における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-5272	2014-03-25 09:51	2011-08-12	Show	GitHub Exploit DB Packet Storm

219106	3.5	注意	GPLHost	-	Domain Technologie Control におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3199	2014-03-25 09:51	2011-08-12	Show	GitHub Exploit DB Packet Storm

219107	2.1	注意	GPLHost	-	Domain Technologie Control におけるパスワードを読まれる脆弱性	CWE-255 証明書・パスワード管理	CVE-2011-3198	2014-03-25 09:51	2011-08-12	Show	GitHub Exploit DB Packet Storm

219108	6.5	警告	GPLHost	-	Domain Technologie Control における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-3197	2014-03-25 09:51	2011-08-12	Show	GitHub Exploit DB Packet Storm

219109	2.1	注意	GPLHost	-	Domain Technologie Control のセットアップスクリプトにおける dtcdaemon MySQL パスワードを取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-3196	2014-03-25 09:51	2011-08-12	Show	GitHub Exploit DB Packet Storm

219110	6.5	警告	GPLHost	-	Domain Technologie Control の shared/inc/sql/lists.php における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-3195	2014-03-25 09:51	2011-08-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
292021	-	owncloud	owncloud	ownCloud Server before 4.5.7 does not properly check ownership of calendars, which allows remote authenticated users to read arbitrary calendars via the calid parameter to /apps/calendar/export.php. …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-0304	2024-11-21 10:47	2014-06-6	Show	GitHub Exploit DB Packet Storm

292022	-	owncloud	owncloud	Unspecified vulnerability in ownCloud Server before 4.0.12 allows remote attackers to obtain sensitive information via unspecified vectors related to "inclusion of the Amazon SDK testing suite." NOTE…	NVD-CWE-noinfo	CVE-2013-0302	2024-11-21 10:47	2014-06-6	Show	GitHub Exploit DB Packet Storm

292023	-	owncloud	owncloud	settings/personal.php in ownCloud 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via crafted mount point settings.	CWE-94 Code Injection	CVE-2013-0204	2024-11-21 10:47	2014-06-4	Show	GitHub Exploit DB Packet Storm

292024	-	lucas_clemente_vella	libpam-pgsql	libpam-pgsql (aka pam_pgsql) 0.7 does not properly handle a NULL value returned by the password search query, which allows remote attackers to bypass authentication via a crafted password.	CWE-287 Improper Authentication	CVE-2013-0191	2024-11-21 10:47	2014-06-3	Show	GitHub Exploit DB Packet Storm

292025	-	redhat	freeipa	The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-0199	2024-11-21 10:47	2014-05-29	Show	GitHub Exploit DB Packet Storm

292026	-	isync_project	isync	Isync 0.4 before 1.0.6, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-midd…	CWE-310 Cryptographic Issues	CVE-2013-0289	2024-11-21 10:47	2014-05-23	Show	GitHub Exploit DB Packet Storm

292027	-	mantisbt	mantisbt	Cross-site scripting (XSS) vulnerability in the filter_draw_selection_area2 function in core/filter_api.php in MantisBT 1.2.12 before 1.2.13 allows remote attackers to inject arbitrary web script or …	CWE-79 Cross-site Scripting	CVE-2013-0197	2024-11-21 10:47	2014-05-15	Show	GitHub Exploit DB Packet Storm

292028	-	varnish_cache_project	varnish_cache	varnish 3.0.3 uses world-readable permissions for the /var/log/varnish/ directory and the log files in the directory, which allows local users to obtain sensitive information by reading the files. N…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-0345	2024-11-21 10:47	2014-05-8	Show	GitHub Exploit DB Packet Storm

292029	-	theforeman	foreman	The smart proxy Puppet run API in Foreman before 1.2.0 allows remote attackers to execute arbitrary commands via vectors related to escaping and Puppet commands.	CWE-94 Code Injection	CVE-2013-0210	2024-11-21 10:47	2014-05-8	Show	GitHub Exploit DB Packet Storm

292030	-	theforeman	foreman	Foreman before 1.1 allows remote authenticated users to gain privileges via a (1) XMLHttpRequest or (2) AJAX request.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-0187	2024-11-21 10:47	2014-05-8	Show	GitHub Exploit DB Packet Storm