Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 21, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
219221	7.8	危険	シスコシステムズ	-	Cisco TelePresence TC ソフトウェアおよび TE ソフトウェアの SIP の実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2014-2164	2014-05-7 18:30	2014-04-30	Show	GitHub Exploit DB Packet Storm

219222	7.8	危険	シスコシステムズ	-	Cisco TelePresence TC ソフトウェアおよび TE ソフトウェアの SIP の実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2014-2163	2014-05-7 18:30	2014-04-30	Show	GitHub Exploit DB Packet Storm

219223	7.8	危険	シスコシステムズ	-	Cisco TelePresence TC ソフトウェアおよび TE ソフトウェアの SIP の実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2014-2162	2014-05-7 18:29	2014-04-30	Show	GitHub Exploit DB Packet Storm

219224	4	警告	Plone Foundation	-	Plone の Products/CMFPlone/CatalogTool.py における制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-7061	2014-05-7 17:38	2013-12-10	Show	GitHub Exploit DB Packet Storm

219225	5	警告	Plone Foundation	-	Plone の Products/CMFPlone/FactoryTool.py におけるインストールパスを取得される脆弱性	CWE-200 情報漏えい	CVE-2013-7060	2014-05-7 17:37	2013-12-10	Show	GitHub Exploit DB Packet Storm

219226	5	警告	エマソン	-	Emerson Avocent MergePoint Unity にディレクトリトラバーサルの脆弱性	CWE-22 CWE-Other	CVE-2013-6030	2014-05-7 17:24	2014-01-23	Show	GitHub Exploit DB Packet Storm

219227	6.9	警告	fishshell	-	fish における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-2905	2014-05-7 16:10	2014-04-28	Show	GitHub Exploit DB Packet Storm

219228	7.5	危険	Dynamix Solutions	-	Ruby 用 Arabic Prawn gem の lib/string_utf_support.rb における任意のコマンドを実行される脆弱性	CWE-Other その他	CVE-2014-2322	2014-05-7 16:02	2014-03-10	Show	GitHub Exploit DB Packet Storm

219229	4.3	警告	シトリックス・システムズ	-	Citrix NetScaler Gateway におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-1899	2014-05-7 15:39	2014-04-30	Show	GitHub Exploit DB Packet Storm

219230	6.5	警告	Xerox	-	Xerox DocuShare における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-3138	2014-05-7 15:07	2014-04-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
293961	-	restful_web_services_project	restful_web_services	Multiple cross-site request forgery (CSRF) vulnerabilities in the RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.1 and 7.x-2.x before 7.x-2.0-alpha3 for Drupal allow remote attackers to hi…	CWE-352 Origin Validation Error	CVE-2012-5556	2024-11-21 10:44	2012-12-4	Show	GitHub Exploit DB Packet Storm

293962	-	coleman_watts	webform_civicrm	The default configuration for the Webform CiviCRM Integration module 7.x-3.x before 7.x-3.2 has "Enforce Permissions" disabled, which allows remote attackers to obtain contact information by reading …	CWE-200 Information Exposure	CVE-2012-5554	2024-11-21 10:44	2012-12-4	Show	GitHub Exploit DB Packet Storm

293963	-	daniel_honrade	om_maximenu	Multiple cross-site scripting (XSS) vulnerabilities in the OM Maximenu module 6.x-1.x before 6.x-1.44 and 7.x-1.x before 7.x-1.44 for Drupal allow remote authenticated users with the "administer OM M…	CWE-79 Cross-site Scripting	CVE-2012-5553	2024-11-21 10:44	2012-12-4	Show	GitHub Exploit DB Packet Storm

293964	-	erikwebb	password_policy	The Password policy module 6.x-1.x before 6.x-1.5 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to obtain password hashes by sniffing the network, related to "client-side password his…	CWE-200 Information Exposure	CVE-2012-5552	2024-11-21 10:44	2012-12-4	Show	GitHub Exploit DB Packet Storm

293965	-	thinkshout	mailchimp	Multiple cross-site scripting (XSS) vulnerabilities in the MailChimp module 7.x-2.x before 7.x-2.7 for Drupal allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) …	CWE-79 Cross-site Scripting	CVE-2012-5551	2024-11-21 10:44	2012-12-4	Show	GitHub Exploit DB Packet Storm

293966	-	carlos_carvalhar	time_spent	SQL injection vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.	CWE-89 SQL Injection	CVE-2012-5550	2024-11-21 10:44	2012-12-4	Show	GitHub Exploit DB Packet Storm

293967	-	carlos_carvalhar	time_spent	Cross-site request forgery (CSRF) vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.	CWE-352 Origin Validation Error	CVE-2012-5549	2024-11-21 10:44	2012-12-4	Show	GitHub Exploit DB Packet Storm

293968	-	carlos_carvalhar	time_spent	Cross-site scripting (XSS) vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2012-5548	2024-11-21 10:44	2012-12-4	Show	GitHub Exploit DB Packet Storm

293969	-	thomas_seidl	search_api	Multiple cross-site request forgery (CSRF) vulnerabilities in the Search API module 7.x-1.x before 7.x-1.3 for Drupal allow remote attackers to hijack the authentication of administrators for request…	CWE-352 Origin Validation Error	CVE-2012-5547	2024-11-21 10:44	2012-12-4	Show	GitHub Exploit DB Packet Storm

293970	-	rob_loach	sharethis	Multiple cross-site scripting (XSS) vulnerabilities in the ShareThis module 7.x-2.x before 7.x-2.5 for Drupal allow remote authenticated users with the "administer sharethis" permission to inject arb…	CWE-79 Cross-site Scripting	CVE-2012-5545	2024-11-21 10:44	2012-12-4	Show	GitHub Exploit DB Packet Storm