Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219771 6.8 警告 Carbon Black, Inc. - Carbon Black におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-1615 2014-04-24 18:20 2014-04-1 Show GitHub Exploit DB Packet Storm
219772 6.5 警告 MobFox - MobFox mAdserve における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-2654 2014-04-24 18:20 2014-03-26 Show GitHub Exploit DB Packet Storm
219773 3.5 注意 IBM - IBM Sterling Order Management および Sterling Selling and Fulfillment Foundation におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-0932 2014-04-24 17:51 2014-04-15 Show GitHub Exploit DB Packet Storm
219774 5.5 警告 IBM - IBM Rational Software Architect Design Manager および Rational Rhapsody Design Manager におけるデータを変更される脆弱性 CWE-noinfo
情報不足 		CVE-2013-5459 2014-04-24 17:50 2013-08-22 Show GitHub Exploit DB Packet Storm
219775 5.8 警告 WinSCP - WinSCP における SSL サーバになりすまされる脆弱性 CWE-20
不適切な入力確認 		CVE-2014-2735 2014-04-24 17:01 2014-04-14 Show GitHub Exploit DB Packet Storm
219776 6.4 警告 Vtiger - Vtiger の modules/Users/ForgotPassword.php における任意のユーザのパスワードをリセットされる脆弱性 CWE-20
不適切な入力確認 		CVE-2014-2269 2014-04-24 16:55 2014-03-16 Show GitHub Exploit DB Packet Storm
219777 7.5 危険 FitNesse - FitNesse Wiki における任意のコマンドを実行される脆弱性 CWE-Other
その他 		CVE-2014-1216 2014-04-24 16:48 2014-02-25 Show GitHub Exploit DB Packet Storm
219778 5.8 警告 Automattic Inc. - WordPress 用 Jetpack プラグインにおける制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0173 2014-04-24 16:41 2014-04-10 Show GitHub Exploit DB Packet Storm
219779 6.5 警告 レッドハット - JBossAS 用 JBoss Overlord Run Time Governance における任意の Java コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2013-6469 2014-04-24 16:30 2013-11-4 Show GitHub Exploit DB Packet Storm
219780 6.8 警告 アップル - Apple OS X の ImageIO におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-1319 2014-04-24 15:53 2014-04-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294321 - redhat satellite
satellite_5_managed_db
spacewalk-java 		Multiple cross-site scripting (XSS) vulnerabilities in systems/sdc/notes.jsp in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the… CWE-79
Cross-site Scripting 		CVE-2012-6149 2024-11-21 10:45 2014-02-15 Show GitHub Exploit DB Packet Storm
294322 - pidgin pidgin The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service (application crash) via crafted byte … CWE-20
 Improper Input Validation  		CVE-2012-6152 2024-11-21 10:45 2014-02-7 Show GitHub Exploit DB Packet Storm
294323 - zabbix zabbix libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.8rc1, and 2.1.x before 2.1.2 does not properly set the CURLOPT_SSL_VERIFYHOST option for libcurl, which allows man-in-the-… CWE-310
Cryptographic Issues 		CVE-2012-6086 2024-11-21 10:45 2014-01-30 Show GitHub Exploit DB Packet Storm
294324 - apple
canonical
net-snmp 		mac_os_x
ubuntu_linux
net-snmp 		Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, … CWE-399
 Resource Management Errors 		CVE-2012-6151 2024-11-21 10:45 2013-12-14 Show GitHub Exploit DB Packet Storm
294325 - samba
canonical 		samba
ubuntu_linux 		The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which all… CWE-20
 Improper Input Validation  		CVE-2012-6150 2024-11-21 10:45 2013-12-4 Show GitHub Exploit DB Packet Storm
294326 - kth
opensuse 		snack_sound_toolkit
wavesurfer
opensuse 		Heap-based buffer overflow in the GetWavHeader function in generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer 1.8.8p4, allows remote attackers to cause a denial of service (crash… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-6303 2024-11-21 10:45 2013-10-29 Show GitHub Exploit DB Packet Storm
294327 - oracle
mariadb 		mysql
mariadb 		Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection wh… CWE-522
 Insufficiently Protected Credentials 		CVE-2012-5627 2024-11-21 10:45 2013-10-2 Show GitHub Exploit DB Packet Storm
294328 - moodle moodle repository/s3/S3.php in the Amazon S3 library in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not verify that the server hostname matches a domain name i… CWE-20
 Improper Input Validation  		CVE-2012-6087 2024-11-21 10:45 2013-09-16 Show GitHub Exploit DB Packet Storm
294329 - cisco wireless_control_system
prime_network_control_system 		Multiple cross-site scripting (XSS) vulnerabilities in Health Monitor Login pages in Cisco Prime Network Control System (NCS) and Wireless Control System (WCS) allow remote attackers to inject arbitr… CWE-79
Cross-site Scripting 		CVE-2012-5990 2024-11-21 10:45 2013-09-6 Show GitHub Exploit DB Packet Storm
294330 - cisco identity_services_engine_software Multiple cross-site scripting (XSS) vulnerabilities in the guest portal in Cisco Identity Services Engine (ISE) Software allow remote attackers to inject arbitrary web script or HTML via unspecified … CWE-79
Cross-site Scripting 		CVE-2012-5744 2024-11-21 10:45 2013-08-30 Show GitHub Exploit DB Packet Storm