Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219141 4.3 警告 Moodle - Moodle の enrol/index.php における重要な名前および概要の情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-0217 2014-05-28 18:29 2014-05-19 Show GitHub Exploit DB Packet Storm
219142 4 警告 Moodle - Moodle の blind-marking の実装における学生 ID の匿名性が失われる脆弱性 CWE-200
情報漏えい 		CVE-2014-0215 2014-05-28 18:28 2014-05-19 Show GitHub Exploit DB Packet Storm
219143 6.8 警告 Moodle - Moodle の login/token.php におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2014-0214 2014-05-28 18:28 2014-05-19 Show GitHub Exploit DB Packet Storm
219144 6.8 警告 Moodle - Moodle の Assignment サブシステムの mod/assign/locallib.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-0213 2014-05-28 18:27 2014-05-19 Show GitHub Exploit DB Packet Storm
219145 4.3 警告 iMember360 - WordPress 用 iMember360 プラグインにおける任意のユーザを削除される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-3849 2014-05-28 18:26 2014-04-24 Show GitHub Exploit DB Packet Storm
219146 5 警告 iMember360 - WordPress 用 iMember360 プラグインにおけるデータベースの資格情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-3848 2014-05-28 18:26 2014-04-17 Show GitHub Exploit DB Packet Storm
219147 7.2 危険 Panda Security - 複数の Panda Security 製品における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2014-3450 2014-05-28 18:25 2014-05-20 Show GitHub Exploit DB Packet Storm
219148 4.3 警告 OpalVOIP
Ekiga.org
Novell		 - Ekiga で使用される Portable Tool Library におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-1864 2014-05-28 18:21 2013-01-12 Show GitHub Exploit DB Packet Storm
219149 6.8 警告 Ivan Zahariev - IZArc におけるファイル拡張子を偽装する攻撃を実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2014-2720 2014-05-28 18:20 2014-05-5 Show GitHub Exploit DB Packet Storm
219150 4.9 警告 Linux - Linux kernel の kernel/futex.c 内の futex_wait_requeue_pi 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-6647 2014-05-28 18:19 2012-08-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
296381 - david_alkire drag_\&_drop_gallery SQL injection vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2012-4479 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296382 - david_alkire drag_\&_drop_gallery Cross-site request forgery (CSRF) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to hijack the authentication of administrators. CWE-352
 Origin Validation Error 		CVE-2012-4478 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296383 - david_alkire drag_\&_drop_gallery Unspecified vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to bypass access restrictions via unknown attack vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4477 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296384 - david_alkire drag_\&_drop_gallery Cross-site scripting (XSS) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2012-4476 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296385 - security_questions_project security_questions The Security Questions module for Drupal 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.1 does not properly restrict access, which allows remote attackers to edit an arbitrary user's questions and a… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4475 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296386 - colorbox_node dennis_blake Multiple cross-site scripting (XSS) vulnerabilities in the Colorbox Node module 7.x-2.x before 7.x-2.2 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified paramet… CWE-79
Cross-site Scripting 		CVE-2012-4474 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296387 - christian_johansson restrict_node_page_view The Restrict node page view module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "view any node page" or "view any node {type} page" permission to access unpublished no… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4473 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296388 - david_alkire drag_\&_drop_gallery Unrestricted file upload vulnerability in upload.php in the Drag & Drop Gallery module 6.x-1.5 and earlier for Drupal allows remote attackers to execute arbitrary PHP code by uploading a file with an… NVD-CWE-Other
CVE-2012-4472 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296389 - dominique_clause search_autocomplete The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the p… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4471 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm
296390 - philip_ludlam listhandler The Listhandler module 6.x-1.x before 6.x-1.1 for Drupal does not properly check permissions when importing emails, which allows remote comment authors to bypass access restrictions and possibly have… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4470 2024-11-21 10:42 2012-12-1 Show GitHub Exploit DB Packet Storm