Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219561 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の JavaScript エンジンの TypeObject クラスにおける任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2014-1512 2014-04-8 17:07 2014-03-18 Show GitHub Exploit DB Packet Storm
219562 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品におけるポップアップブロッカーを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-1511 2014-04-8 17:06 2014-03-18 Show GitHub Exploit DB Packet Storm
219563 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の Web IDL の実装におけるクローム特権で任意の JavaScript コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2014-1510 2014-04-8 17:05 2014-03-18 Show GitHub Exploit DB Packet Storm
219564 7.6 危険 Mozilla Foundation - 複数の Mozilla 製品で使用される Cairo の _cairo_truetype_index_to_ucs4 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-1509 2014-04-8 17:04 2014-03-18 Show GitHub Exploit DB Packet Storm
219565 6.8 警告 Mozilla Foundation - 複数の Mozilla 製品の libxul.so!gfxContext::Polygon 関数におけるプロセスメモリから重要な情報を取得される脆弱性 CWE-119
バッファエラー 		CVE-2014-1508 2014-04-8 17:03 2014-03-18 Show GitHub Exploit DB Packet Storm
219566 6.8 警告 Mozilla Foundation - 複数の Mozilla 製品の SVG フィルタの実装における重要な変位相関情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-1505 2014-04-8 17:03 2014-03-18 Show GitHub Exploit DB Packet Storm
219567 6.8 警告 Mozilla Foundation - 複数の Mozilla 製品の mozilla::WaveReader::DecodeAudioData 機能における重要な情報を取得される脆弱性 CWE-119
バッファエラー 		CVE-2014-1497 2014-04-8 17:02 2014-03-18 Show GitHub Exploit DB Packet Storm
219568 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品のブラウザエンジンにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2014-1493 2014-04-8 17:01 2014-03-18 Show GitHub Exploit DB Packet Storm
219569 4.3 警告 Huawei - Huawei Echo Life 光ルータにクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-0337 2014-04-8 16:56 2014-04-2 Show GitHub Exploit DB Packet Storm
219570 5 警告 Net-SNMP - Net-SNMP の ICMP-MIB の Linux の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-2284 2014-04-8 15:54 2014-02-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293551 - oscommerce
harald_ponce_de_leon 		oscommerce
authorize.net 		The Authorize.Net module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows … CWE-20
 Improper Input Validation  		CVE-2012-5793 2024-11-21 10:45 2012-11-5 Show GitHub Exploit DB Packet Storm
293552 - oscommerce
sagepay 		oscommerce
sage_pay_direct_module 		The Sage Pay Direct module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allow… CWE-20
 Improper Input Validation  		CVE-2012-5792 2024-11-21 10:45 2012-11-5 Show GitHub Exploit DB Packet Storm
293553 - paypal invoicing PayPal Invoicing does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle atta… CWE-20
 Improper Input Validation  		CVE-2012-5791 2024-11-21 10:45 2012-11-5 Show GitHub Exploit DB Packet Storm
293554 - paypal payments_standard PayPal Payments Standard PHP Library 20120427 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which … CWE-20
 Improper Input Validation  		CVE-2012-5790 2024-11-21 10:45 2012-11-5 Show GitHub Exploit DB Packet Storm
293555 - paypal payments_standard PayPal Payments Standard PHP Library before 20120427 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate,… CWE-20
 Improper Input Validation  		CVE-2012-5789 2024-11-21 10:45 2012-11-5 Show GitHub Exploit DB Packet Storm
293556 - paypal ipn The PayPal IPN utility does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middl… CWE-20
 Improper Input Validation  		CVE-2012-5788 2024-11-21 10:45 2012-11-5 Show GitHub Exploit DB Packet Storm
293557 - paypal merchant_sdk The PayPal merchant SDK does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-midd… CWE-20
 Improper Input Validation  		CVE-2012-5787 2024-11-21 10:45 2012-11-5 Show GitHub Exploit DB Packet Storm
293558 - apache cxf The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF before 2.7.0 does not verify that the server hostname matches a domain name in the s… CWE-20
 Improper Input Validation  		CVE-2012-5786 2024-11-21 10:45 2012-11-5 Show GitHub Exploit DB Packet Storm
293559 - apache axis2 Apache Axis2/Java 1.6.2 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man… CWE-20
 Improper Input Validation  		CVE-2012-5785 2024-11-21 10:45 2012-11-5 Show GitHub Exploit DB Packet Storm
293560 - apache
paypal 		axis
mass_pay
transactional_information_soap
payments_pro
activemq 		Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, do… CWE-20
 Improper Input Validation  		CVE-2012-5784 2024-11-21 10:45 2012-11-5 Show GitHub Exploit DB Packet Storm