Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219321 4.6 警告 Novell - Novell Identity Manager の Fan-Out Platform Services における任意のコマンドを実行される脆弱性 CWE-Other
その他 		CVE-2014-4509 2014-06-24 11:05 2014-06-17 Show GitHub Exploit DB Packet Storm
219322 5 警告 D-Link Systems, Inc. - D-Link DIR-601 Wireless N150 Home Router のファームウェアにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4821 2014-06-24 11:04 2011-12-5 Show GitHub Exploit DB Packet Storm
219323 7.5 危険 Ubisoft - Ubisoft Rayman Legends におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-4334 2014-06-23 16:28 2014-06-17 Show GitHub Exploit DB Packet Storm
219324 6.8 警告 ZTE - ZTE ZXV10 W300 ルータのファームウェアにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-4155 2014-06-23 16:06 2014-05-15 Show GitHub Exploit DB Packet Storm
219325 4.3 警告 Apache Software Foundation - Apache Open For Business Project におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1621 2014-06-23 15:28 2012-04-15 Show GitHub Exploit DB Packet Storm
219326 5 警告 Apache Software Foundation - Apache MyFaces Core の MyFaces JavaServer Faces におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4367 2014-06-23 15:26 2011-11-4 Show GitHub Exploit DB Packet Storm
219327 7.8 危険 Belkin International - Belkin N150 におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-2962 2014-06-23 13:52 2014-06-18 Show GitHub Exploit DB Packet Storm
219328 5.5 警告 F5 Networks - F5 ARX Data Manager に SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-2949 2014-06-23 13:52 2014-06-17 Show GitHub Exploit DB Packet Storm
219329 4 警告 東日本旅客鉄道株式会社 - Android 版アプリ「JR東日本アプリ」における SSL サーバ証明書の検証不備の脆弱性 CWE-Other
その他 		CVE-2014-2001 2014-06-23 13:51 2014-06-18 Show GitHub Exploit DB Packet Storm
219330 2.6 注意 エヌ・ティ・ティ・コミュニケーションズ株式会社 - Android 版アプリ「050 plus」における情報管理不備の脆弱性 CWE-200
情報漏えい 		CVE-2014-2000 2014-06-23 13:51 2014-06-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
296851 - 3s-software codesys_runtime_system Directory traversal vulnerability in the Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x allows remote attackers to read, overwrite, or create arbitrary files via a .. (dot dot) in a reques… CWE-22
Path Traversal 		CVE-2012-6069 2024-11-21 10:45 2013-01-22 Show GitHub Exploit DB Packet Storm
296852 - 3s-software codesys_runtime_system The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not require authentication, which allows remote attackers to (1) execute commands via the command-line interface in the TCP listener… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-6068 2024-11-21 10:45 2013-01-22 Show GitHub Exploit DB Packet Storm
296853 - php php The openssl_encrypt function in ext/openssl/openssl.c in PHP 5.3.9 through 5.3.13 does not initialize a certain variable, which allows remote attackers to obtain sensitive information from process me… CWE-200
Information Exposure 		CVE-2012-6113 2024-11-21 10:45 2013-01-20 Show GitHub Exploit DB Packet Storm
296854 - cisco adaptive_security_appliance_software
adaptive_security_appliance
asa_1000v_cloud_firewall
asa_5500 		Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x through 8.4(1) do not properly manage SSH sessions, which allows remote authenticated users to cause a denial of service (device cra… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-5717 2024-11-21 10:45 2013-01-19 Show GitHub Exploit DB Packet Storm
296855 - rpm rpm The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 does not return an error code in certain situations involving an "unparseable signature," which allows remote attackers to bypass … CWE-255
Credentials Management 		CVE-2012-6088 2024-11-21 10:45 2013-01-18 Show GitHub Exploit DB Packet Storm
296856 - fireflymediaserver firefly_media_server Firefly Media Server 1.0.0.1359 allows remote attackers to cause a denial of service (NULL pointer dereference) via a (1) crafted Connection HTTP header; a return carriage control character in the (2… NVD-CWE-Other
CVE-2012-5875 2024-11-21 10:45 2013-01-18 Show GitHub Exploit DB Packet Storm
296857 5.5 MEDIUM
Local 		inkscape
fedoraproject
canonical
opensuse 		inkscape
fedora
ubuntu_linux
opensuse 		The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack. CWE-611
XXE 		CVE-2012-5656 2024-11-21 10:45 2013-01-18 Show GitHub Exploit DB Packet Storm
296858 - specview specview Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows remote attackers to read arbitrary files via a ... (dot dot dot) in a URI. CWE-22
Path Traversal 		CVE-2012-5972 2024-11-21 10:45 2013-01-18 Show GitHub Exploit DB Packet Storm
296859 - elite-board elite_bulletin_board Multiple SQL injection vulnerabilities in the (1) update_whosonline_reg and (2) update_whosonline_guest functions in Elite Bulletin Board before 2.1.22 allow remote attackers to execute arbitrary SQL… CWE-89
SQL Injection 		CVE-2012-5874 2024-11-21 10:45 2013-01-12 Show GitHub Exploit DB Packet Storm
296860 - digium asterisk
certified_asterisk 		Asterisk Open Source 1.8.x before 1.8.19.1, 10.x before 10.11.1, and 11.x before 11.1.2; Certified Asterisk 1.8.11 before 1.8.11-cert10; and Asterisk Digiumphones 10.x-digiumphones before 10.11.1-dig… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-5977 2024-11-21 10:45 2013-01-5 Show GitHub Exploit DB Packet Storm