Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
219351	7.5	危険	phpManufaktur	-	KeepInTouch モジュール用 phpManufaktur kitForm 拡張機能における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-3757	2014-05-19 15:48	2014-04-20	Show	GitHub Exploit DB Packet Storm

219352	5.8	警告	Bilyoner.com	-	Android 用および iOS 用 Bilyoner アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-3750	2014-05-19 15:43	2014-05-15	Show	GitHub Exploit DB Packet Storm

219353	4.3	警告	Open Dynamics	-	Collabtive におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-3247	2014-05-19 15:26	2014-05-8	Show	GitHub Exploit DB Packet Storm

219354	10	危険	PCMan's FTP Server project	-	PCMan's FTP Server におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-4730	2014-05-19 15:16	2013-06-27	Show	GitHub Exploit DB Packet Storm

219355	2.1	注意	MantisBT Group	-	MantisBT の core/summary_api.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-1810	2014-05-19 14:16	2013-01-18	Show	GitHub Exploit DB Packet Storm

219356	4.3	警告	MantisBT Group	-	MantisBT の core/filter_api.php 内の filter_draw_selection_area2 関数におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0197	2014-05-19 14:15	2013-01-18	Show	GitHub Exploit DB Packet Storm

219357	6.4	警告	XiaoWen Huang	-	iOS 用 YingZhi Python Programming Language の FTP サーバにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2013-5655	2014-05-19 13:45	2013-08-28	Show	GitHub Exploit DB Packet Storm

219358	4.3	警告	Phpcms	-	PHPCMS 用 Guestbook モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-5939	2014-05-19 12:10	2013-10-23	Show	GitHub Exploit DB Packet Storm

219359	5	警告	OpenStack	-	OpenStack Dashboard の Identity v3 API におけるユーザのパスワードを変更される脆弱性	CWE-255 証明書・パスワード管理	CVE-2013-4471	2014-05-19 12:03	2013-11-22	Show	GitHub Exploit DB Packet Storm

219360	6.5	警告	VICIDIAL Group	-	VICIDIAL ダイヤラーにおける任意のコマンドを実行される脆弱性	CWE-Other その他	CVE-2013-4468	2014-05-19 11:53	2013-10-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
296171	-	mozilla suse opensuse redhat canonical debian	firefox seamonkey thunderbird thunderbird_esr linux_enterprise_desktop opensuse linux_enterprise_server linux_enterprise_software_development_kit enterprise_linux_server en…	Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0…	CWE-416 Use After Free	CVE-2012-3959	2024-11-21 10:41	2012-08-29	Show	GitHub Exploit DB Packet Storm

296172	-	mozilla suse opensuse redhat canonical	firefox seamonkey thunderbird thunderbird_esr linux_enterprise_desktop opensuse linux_enterprise_server linux_enterprise_software_development_kit enterprise_linux_server en…	Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and…	CWE-787 Out-of-bounds Write	CVE-2012-3957	2024-11-21 10:41	2012-08-29	Show	GitHub Exploit DB Packet Storm

296173	-	mozilla suse opensuse redhat canonical	firefox seamonkey thunderbird thunderbird_esr linux_enterprise_desktop opensuse linux_enterprise_server linux_enterprise_software_development_kit enterprise_linux_server en…	Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 1…	CWE-416 Use After Free	CVE-2012-3956	2024-11-21 10:41	2012-08-29	Show	GitHub Exploit DB Packet Storm

296174	-	tor	tor	routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information abo…	CWE-200 Information Exposure	CVE-2012-3519	2024-11-21 10:41	2012-08-26	Show	GitHub Exploit DB Packet Storm

296175	-	tor	tor	The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-3518	2024-11-21 10:41	2012-08-26	Show	GitHub Exploit DB Packet Storm

296176	-	tor	tor	Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service (daemon crash) via vectors related to failed DNS requests.	CWE-399 Resource Management Errors	CVE-2012-3517	2024-11-21 10:41	2012-08-26	Show	GitHub Exploit DB Packet Storm

296177	-	jabberd2 jabber2	jabberd2	s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (…	CWE-20 Improper Input Validation	CVE-2012-3525	2024-11-21 10:41	2012-08-26	Show	GitHub Exploit DB Packet Storm

296178	-	nicolas_cannasse	ocaml_xml-light_library	OCaml Xml-Light Library before r234 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service …	CWE-310 Cryptographic Issues	CVE-2012-3514	2024-11-21 10:41	2012-08-25	Show	GitHub Exploit DB Packet Storm

296179	-	roundcube	webmail	Cross-site scripting (XSS) vulnerability in program/lib/washtml.php in Roundcube Webmail 0.8.0 allows remote attackers to inject arbitrary web script or HTML by using "javascript:" in an href attribu…	CWE-79 Cross-site Scripting	CVE-2012-3508	2024-11-21 10:41	2012-08-25	Show	GitHub Exploit DB Packet Storm

296180	-	roundcube	webmail	Cross-site scripting (XSS) vulnerability in program/steps/mail/func.inc in RoundCube Webmail before 0.8.0, when using the Larry skin, allows remote attackers to inject arbitrary web script or HTML vi…	CWE-79 Cross-site Scripting	CVE-2012-3507	2024-11-21 10:41	2012-08-25	Show	GitHub Exploit DB Packet Storm