Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219111 5 警告 Petri Lehtinen - Jansson におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-6401 2014-03-24 20:17 2013-11-27 Show GitHub Exploit DB Packet Storm
219112 4.3 警告 Uwe Steinmann - SeedDMS の検索機能 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2280 2014-03-24 20:13 2014-02-21 Show GitHub Exploit DB Packet Storm
219113 4.3 警告 Preben Bjorn Biermann Madsen - CMSimple Classic の whizzywig/wb.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2219 2014-03-24 20:03 2014-03-19 Show GitHub Exploit DB Packet Storm
219114 4.3 警告 Open-Xchange - Open-Xchange AppSuite のフロントエンドにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2077 2014-03-24 19:57 2014-03-17 Show GitHub Exploit DB Packet Storm
219115 9.3 危険 SolarWinds - DameWare Remote Support の DameWare Exporter ツールにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-3249 2014-03-24 19:41 2013-07-25 Show GitHub Exploit DB Packet Storm
219116 4.3 警告 Combodo - iTop の検索機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0805 2014-03-24 19:36 2013-01-23 Show GitHub Exploit DB Packet Storm
219117 2.6 注意 株式会社NTTドコモ - spモードメールにおける受信メールの添付ファイルへのアクセスに関する問題 CWE-264
認可・権限・アクセス制御 		CVE-2014-1977 2014-03-24 19:04 2014-03-18 Show GitHub Exploit DB Packet Storm
219118 4.3 警告 ES APP Group - ES File Explorer におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-1970 2014-03-24 18:49 2014-03-20 Show GitHub Exploit DB Packet Storm
219119 4.3 警告 Silex Labs - Silex におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-1971 2014-03-24 18:25 2014-03-20 Show GitHub Exploit DB Packet Storm
219120 6.5 警告 IBM - IBM Rational ClearCase におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-0829 2014-03-24 17:51 2014-03-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293901 - fortinet fortigate-3140b
fortigate-60c
fortigate-3040b
fortigate-300c
fortigate-600c
fortigate-5001a-sw
fortigate-3240c
fortigate-310b
fortigate-800c
fortigate-5020
fortigate-100… 		The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier … CWE-295
Improper Certificate Validation  		CVE-2012-4948 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
293902 - ibm websphere_application_server Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Application Server 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hij… CWE-352
 Origin Validation Error 		CVE-2012-4853 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
293903 - ibm websphere_application_server Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server 8.5 Liberty Profile before 8.5.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. CWE-79
Cross-site Scripting 		CVE-2012-4851 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
293904 - ibm websphere_application_server IBM WebSphere Application Server 8.5 Liberty Profile before 8.5.0.1, when JAX-RS is used, does not properly validate requests, which allows remote attackers to gain privileges via unspecified vectors. CWE-20
 Improper Input Validation  		CVE-2012-4850 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
293905 - ibm cognos_business_intelligence IBM Cognos Business Intelligence (BI) 8.4 and 8.4.1 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted request containing a zero-valued byte. CWE-189
Numeric Errors 		CVE-2012-4847 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
293906 - microsoft .net_framework The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary c… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4777 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
293907 - microsoft .net_framework The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not validate configuration data that is returned during acquisition of proxy setting… CWE-20
 Improper Input Validation  		CVE-2012-4776 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
293908 - microsoft internet_explorer Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability." CWE-399
 Resource Management Errors 		CVE-2012-4775 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
293909 - bestpractical rt Argument injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to create arbitrary files via unspecified vectors related to the GnuPG clie… CWE-94
Code Injection 		CVE-2012-4884 2024-11-21 10:43 2012-11-11 Show GitHub Exploit DB Packet Storm
293910 - bestpractical rt Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to conduct a "confused deputy" attack to bypass the CSRF warning protection mechanism and cause victims to "mod… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4734 2024-11-21 10:43 2012-11-11 Show GitHub Exploit DB Packet Storm