Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219171 4.3 警告 Open Web Analytics - Open Web Analytics のログインページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-1456 2014-03-4 15:04 2014-02-1 Show GitHub Exploit DB Packet Storm
219172 7.5 危険 SimpleHRM - SimpleHRM の flexycms/modules/user/user_manager.php のログインページにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-2498 2014-03-4 14:58 2013-04-12 Show GitHub Exploit DB Packet Storm
219173 4.3 警告 CMS Made Simple - CMS Made Simple の lib/filemanager/ImageManager/editorFrame.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2092 2014-03-4 14:46 2014-02-20 Show GitHub Exploit DB Packet Storm
219174 3.5 注意 CMS Made Simple - CMS Made Simple にクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-0334 2014-03-4 14:43 2014-02-28 Show GitHub Exploit DB Packet Storm
219175 3.5 注意 ATutor - ATutor の mods/_standard/forums/admin/forum_add.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2091 2014-03-4 14:02 2014-02-19 Show GitHub Exploit DB Packet Storm
219176 3.5 注意 ILIAS - ILIAS の ilias.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2090 2014-03-4 13:58 2014-02-21 Show GitHub Exploit DB Packet Storm
219177 6.8 警告 ILIAS - ILIAS における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2014-2089 2014-03-4 13:57 2014-02-21 Show GitHub Exploit DB Packet Storm
219178 6.5 警告 ILIAS - ILIAS の ilias.php における任意の PHP コードを実行される脆弱性 CWE-Other
その他 		CVE-2014-2088 2014-03-4 13:57 2014-02-21 Show GitHub Exploit DB Packet Storm
219179 7.2 危険 Norman - Norman Security Suite における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0816 2014-03-3 18:57 2014-02-26 Show GitHub Exploit DB Packet Storm
219180 4.3 警告 理化学研究所 脳科学総合研究センター 神経情報基盤センター - XooNIps におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-1968 2014-03-3 18:56 2014-02-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
295491 - postfix postfix Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt func… CWE-89
SQL Injection 		CVE-2012-0811 2024-11-21 10:35 2014-10-1 Show GitHub Exploit DB Packet Storm
295492 - opensuse
systemd_project 		opensuse
systemd 		The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on… CWE-59
Link Following 		CVE-2012-0871 2024-11-21 10:35 2014-04-18 Show GitHub Exploit DB Packet Storm
295493 - puppet puppet_enterprise
puppet_dashboard 		Multiple cross-site scripting (XSS) vulnerabilities in Puppet Dashboard 1.0 before 1.2.5 and Enterprise 1.0 before 1.2.5 and 2.x before 2.0.1 allow remote attackers to inject arbitrary web script or … CWE-79
Cross-site Scripting 		CVE-2012-0891 2024-11-21 10:35 2014-03-15 Show GitHub Exploit DB Packet Storm
295494 - systemtap systemtap SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-0875 2024-11-21 10:35 2014-02-5 Show GitHub Exploit DB Packet Storm
295495 - redhat
augeas 		enterprise_linux
augeas 		The clone_file function in transfer.c in Augeas before 1.0.0, when copy_if_rename_fails is set and EXDEV or EBUSY is returned by the rename function, allows local users to overwrite arbitrary files a… NVD-CWE-noinfo
CVE-2012-0787 2024-11-21 10:35 2013-11-24 Show GitHub Exploit DB Packet Storm
295496 - augeas augeas The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file. CWE-59
Link Following 		CVE-2012-0786 2024-11-21 10:35 2013-11-24 Show GitHub Exploit DB Packet Storm
295497 - drupal drupal The File module in Drupal 7.x before 7.11, when using unspecified field access modules, allows remote authenticated users to read arbitrary private files that are associated with restricted fields vi… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-0827 2024-11-21 10:35 2013-10-29 Show GitHub Exploit DB Packet Storm
295498 - drupal drupal Cross-site request forgery (CSRF) vulnerability in the Aggregator module in Drupal 6.x before 6.23 and 7.x before 7.11 allows remote attackers to hijack the authentication of unspecified victims for … CWE-352
 Origin Validation Error 		CVE-2012-0826 2024-11-21 10:35 2013-10-29 Show GitHub Exploit DB Packet Storm
295499 - drupal drupal Drupal 6.x before 6.23 and 7.x before 7.11 does not verify that Attribute Exchange (AX) information is signed, which allows remote attackers to modify potentially sensitive AX information without det… CWE-200
Information Exposure 		CVE-2012-0825 2024-11-21 10:35 2013-10-29 Show GitHub Exploit DB Packet Storm
295500 - gnu glibc Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct for… CWE-189
Numeric Errors 		CVE-2012-0864 2024-11-21 10:35 2013-05-2 Show GitHub Exploit DB Packet Storm