Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
220141	5	警告	The PHP Group	-	PHP の SQLite における open_basedir 保護機能を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-3365	2014-04-7 17:46	2012-07-19	Show	GitHub Exploit DB Packet Storm

220142	10	危険	The PHP Group アップル	-	PHP の stream の実装における脆弱性	-	CVE-2012-2688	2014-04-7 17:45	2012-07-19	Show	GitHub Exploit DB Packet Storm

220143	4.3	警告	The PHP Group	-	PHP の Fileinfo コンポーネントの libmagic/softmagic.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-4636	2014-04-7 17:44	2013-06-20	Show	GitHub Exploit DB Packet Storm

220144	5	警告	The PHP Group	-	PHP の Calendar コンポーネントの jewish.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2013-4635	2014-04-7 17:43	2013-06-20	Show	GitHub Exploit DB Packet Storm

220145	5	警告	The PHP Group アップル	-	PHP の ext/standard/quot_print.c におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-2110	2014-04-7 17:40	2013-06-20	Show	GitHub Exploit DB Packet Storm

220146	9.3	危険	オラクル	-	Oracle Java SE および JavaFX における JavaFX に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-5844	2014-04-7 17:39	2013-10-15	Show	GitHub Exploit DB Packet Storm

220147	9.3	危険	IBM オラクル	-	Oracle Java SE および Java SE Embedded における Libraries に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-5838	2014-04-7 17:37	2013-10-15	Show	GitHub Exploit DB Packet Storm

220148	6.8	警告	The PHP Group	-	PHP の Sessions サブシステムにおける Web セッションをハイジャックされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-4718	2014-04-7 17:37	2011-12-2	Show	GitHub Exploit DB Packet Storm

220149	6.8	警告	The PHP Group アップル	-	PHP の ext/xml/xml.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2013-4113	2014-04-7 17:36	2013-07-11	Show	GitHub Exploit DB Packet Storm

220150	6.5	警告	X.Org Foundation	-	X.Org X11 の xorg-server モジュールの dix/dixfonts.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2013-4396	2014-04-7 17:35	2013-10-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
295761	-	mylittletools	mylittleadmin	Cross-site scripting (XSS) vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that tr…	CWE-79 Cross-site Scripting	CVE-2012-4015	2024-11-21 10:42	2012-09-25	Show	GitHub Exploit DB Packet Storm

295762	-	mcafee	email_and_web_security	Unspecified vulnerability in McAfee Email Anti-virus (formerly WebShield SMTP) allows remote attackers to cause a denial of service via unknown vectors.	NVD-CWE-noinfo	CVE-2012-4014	2024-11-21 10:42	2012-09-25	Show	GitHub Exploit DB Packet Storm

295763	-	moodle	moodle	course/reset.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 checks an update capability instead of a reset capability, which allows remote authenticated users to bypass …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4408	2024-11-21 10:42	2012-09-19	Show	GitHub Exploit DB Packet Storm

295764	-	moodle	moodle	lib/filelib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly check the publication state of blog files, which allows remote attackers to obtain sensitive…	CWE-200 Information Exposure	CVE-2012-4407	2024-11-21 10:42	2012-09-19	Show	GitHub Exploit DB Packet Storm

295765	-	moodle	moodle	theme/yui_combo.php in Moodle 2.3.x before 2.3.2 does not properly construct error responses for the drag-and-drop script, which allows remote attackers to obtain the installation path by sending a r…	CWE-200 Information Exposure	CVE-2012-4403	2024-11-21 10:42	2012-09-19	Show	GitHub Exploit DB Packet Storm

295766	-	moodle	moodle	webservice/lib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly restrict the use of web-service tokens, which allows remote authenticated users to run ar…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4402	2024-11-21 10:42	2012-09-19	Show	GitHub Exploit DB Packet Storm

295767	-	moodle	moodle	Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote authenticated users to bypass intended capability restrictions and perform certain topic changes by leveraging course-editing capabiliti…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4401	2024-11-21 10:42	2012-09-19	Show	GitHub Exploit DB Packet Storm

295768	-	moodle	moodle	repository/repository_ajax.php in Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote authenticated users to bypass intended upload-size restrictions via a -1 value in the maxbytes field.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4400	2024-11-21 10:42	2012-09-19	Show	GitHub Exploit DB Packet Storm

295769	-	freedesktop gtk	spice-gtk libgio	libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS env…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4425	2024-11-21 10:42	2012-09-19	Show	GitHub Exploit DB Packet Storm

295770	-	openstack	keystone	OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4413	2024-11-21 10:42	2012-09-19	Show	GitHub Exploit DB Packet Storm