Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
219371	4.3	警告	SFR	-	SFR Box ルータのファームウェアにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-1599	2014-03-11 15:46	2014-02-25	Show	GitHub Exploit DB Packet Storm

219372	4.3	警告	Atlassian	-	Atlassian JIRA の Issue Collector プラグインにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-2314	2014-03-11 15:26	2014-02-26	Show	GitHub Exploit DB Packet Storm

219373	4.3	警告	Atlassian	-	Atlassian JIRA の Importers プラグインにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-2313	2014-03-11 15:26	2014-02-26	Show	GitHub Exploit DB Packet Storm

219374	4.9	警告	nongnu	-	OATH Toolkit の liboath の usersfile.c におけるリプレイ攻撃を実行される脆弱性	CWE-287 不適切な認証	CVE-2013-7322	2014-03-11 15:15	2013-12-9	Show	GitHub Exploit DB Packet Storm

219375	5	警告	Puppet	-	Puppet Enterprise における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-4971	2014-03-11 14:43	2013-07-29	Show	GitHub Exploit DB Packet Storm

219376	6.4	警告	Puppet	-	Puppet Enterprise のマスタの外部ノード分類スクリプトにおけるマスタに任意の分類を作成される脆弱性	CWE-287 不適切な認証	CVE-2013-4966	2014-03-11 14:42	2013-07-29	Show	GitHub Exploit DB Packet Storm

219377	6.8	警告	Free Document Management Software	-	OpenDocMan の ajax_udf.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-2317	2014-03-11 14:39	2014-02-24	Show	GitHub Exploit DB Packet Storm

219378	7.5	危険	Free Document Management Software	-	OpenDocMan の ajax_udf.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-1945	2014-03-11 14:39	2014-02-24	Show	GitHub Exploit DB Packet Storm

219379	4.3	警告	ilch.de	-	Ilch CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-1944	2014-03-11 14:38	2014-02-19	Show	GitHub Exploit DB Packet Storm

219380	4.3	警告	Engineering Ingegneria Informatica	-	SpagoBI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-6233	2014-03-11 14:37	2013-12-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
295461	-	microsoft	windows_server_2008 windows_xp windows_7 windows_server_2003 windows_vista windows_2003_server	win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not pro…	CWE-20 Improper Input Validation	CVE-2012-1866	2024-11-21 10:37	2012-06-13	Show	GitHub Exploit DB Packet Storm

295462	-	microsoft	windows_server_2008 windows_xp windows_7 windows_server_2003 windows_vista windows_2003_server	win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not pro…	CWE-20 Improper Input Validation	CVE-2012-1865	2024-11-21 10:37	2012-06-13	Show	GitHub Exploit DB Packet Storm

295463	-	microsoft	windows_server_2008 windows_xp windows_7 windows_server_2003 windows_vista windows_2003_server	win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not pro…	CWE-20 Improper Input Validation	CVE-2012-1864	2024-11-21 10:37	2012-06-13	Show	GitHub Exploit DB Packet Storm

295464	-	microsoft	lync office_communicator internet_explorer	The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, w…	CWE-200 Information Exposure	CVE-2012-1858	2024-11-21 10:37	2012-06-13	Show	GitHub Exploit DB Packet Storm

295465	-	microsoft	dynamics_ax	Cross-site scripting (XSS) vulnerability in the Enterprise Portal component in Microsoft Dynamics AX 2012 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Dynami…	CWE-79 Cross-site Scripting	CVE-2012-1857	2024-11-21 10:37	2012-06-13	Show	GitHub Exploit DB Packet Storm

295466	-	microsoft	.net_framework	Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly handle function pointers, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application…	CWE-94 Code Injection	CVE-2012-1855	2024-11-21 10:37	2012-06-13	Show	GitHub Exploit DB Packet Storm

295467	-	microsoft	lync	Untrusted search path vulnerability in Microsoft Lync 2010, 2010 Attendee, and 2010 Attendant allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonst…	NVD-CWE-Other	CVE-2012-1849	2024-11-21 10:37	2012-06-13	Show	GitHub Exploit DB Packet Storm

295468	-	microsoft	internet_explorer	Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Center Element Remote C…	CWE-94 Code Injection	CVE-2012-1523	2024-11-21 10:37	2012-06-13	Show	GitHub Exploit DB Packet Storm

295469	-	forescout	counteract	Multiple cross-site scripting (XSS) vulnerabilities in the status program on the ForeScout CounterACT appliance with software 6.3.3.2 through 6.3.4.10 allow remote attackers to inject arbitrary web s…	CWE-79 Cross-site Scripting	CVE-2012-1825	2024-11-21 10:37	2012-06-12	Show	GitHub Exploit DB Packet Storm

295470	-	emerson	deltav deltav_workstation deltav_proessentials_scientific_graph	An unspecified ActiveX control in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to overwrite arbitra…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-1818	2024-11-21 10:37	2012-06-9	Show	GitHub Exploit DB Packet Storm