Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
220521	4.3	警告	dotProject	-	dotProject におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5702	2014-10-27 18:53	2012-11-15	Show	GitHub Exploit DB Packet Storm

220522	5	警告	Banana Dance	-	Banana Dance の functions/suggest.php における任意のデータベースの情報を読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-5243	2014-10-27 18:53	2012-12-19	Show	GitHub Exploit DB Packet Storm

220523	6.8	警告	Banana Dance	-	Banana Dance の functions/suggest.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-5242	2014-10-27 18:52	2012-12-19	Show	GitHub Exploit DB Packet Storm

220524	7.5	危険	OS4Ed	-	openSIS における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-8366	2014-10-27 18:52	2014-06-26	Show	GitHub Exploit DB Packet Storm

220525	4.3	警告	Xornic	-	Xornic Contact Us におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-8365	2014-10-27 18:51	2014-06-8	Show	GitHub Exploit DB Packet Storm

220526	4.3	警告	Joomla!	-	Joomla! 用 JChatSocial コンポーネントにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-3863	2014-10-27 18:14	2014-07-7	Show	GitHub Exploit DB Packet Storm

220527	4.3	警告	timrohrer	-	WordPress 用 WordPress Spreadsheet プラグインの ss_handler.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-8364	2014-10-27 18:08	2014-08-5	Show	GitHub Exploit DB Packet Storm

220528	7.5	危険	timrohrer	-	WordPress 用 WordPress Spreadsheet プラグインの ss_handler.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-8363	2014-10-27 18:08	2014-08-5	Show	GitHub Exploit DB Packet Storm

220529	3.5	注意	Pro Chat Rooms	-	Pro Chat Rooms Text Chat Rooms におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-5276	2014-10-27 17:45	2014-08-5	Show	GitHub Exploit DB Packet Storm

220530	6.5	警告	Pro Chat Rooms	-	Pro Chat Rooms Text Chat Rooms の includes/functions.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-5275	2014-10-27 17:45	2014-08-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
290881	-	adcolony	adcolony_library	The Adcolony library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certific…	CWE-310 Cryptographic Issues	CVE-2014-5524	2024-11-21 11:12	2014-09-9	Show	GitHub Exploit DB Packet Storm

290882	-	ntop	ntopng	Cross-site scripting (XSS) vulnerability in the nDPI traffic classification library in ntopng (aka ntop) before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host …	CWE-79 Cross-site Scripting	CVE-2014-5464	2024-11-21 11:12	2014-09-8	Show	GitHub Exploit DB Packet Storm

290883	-	srvx	srvx	Multiple integer overflows in the HelpServ module (mod-helpserv.c) in srvx 1.3.1 allow remote authenticated IRCops or HelpServ bot managers to cause a denial of service (infinite loop) via a large va…	CWE-189 Numeric Errors	CVE-2014-5508	2024-11-21 11:12	2014-09-5	Show	GitHub Exploit DB Packet Storm

290884	-	sap	crystal_reports	Double free vulnerability in SAP Crystal Reports allows remote attackers to execute arbitrary code via crafted connection string record in an RPT file.	NVD-CWE-Other	CVE-2014-5506	2024-11-21 11:12	2014-09-5	Show	GitHub Exploit DB Packet Storm

290885	-	sap	crystal_reports	Stack-based buffer overflow in SAP Crystal Reports allows remote attackers to execute arbitrary code via a crafted data source string in an RPT file.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-5505	2024-11-21 11:12	2014-09-5	Show	GitHub Exploit DB Packet Storm

290886	-	solarwinds	log_and_event_manager	SolarWinds Log and Event Manager before 6.0 uses "static" credentials, which makes it easier for remote attackers to obtain access to the database and execute arbitrary code via unspecified vectors, …	CWE-255 Credentials Management	CVE-2014-5504	2024-11-21 11:12	2014-09-5	Show	GitHub Exploit DB Packet Storm

290887	-	opensuse canonical debian lua mageia	opensuse ubuntu_linux debian_linux lua mageia	Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a fun…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-5461	2024-11-21 11:12	2014-09-5	Show	GitHub Exploit DB Packet Storm

290888	-	werdswords	download_shortcode	Directory traversal vulnerability in force-download.php in the Download Shortcode plugin 0.2.3 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file…	CWE-22 Path Traversal	CVE-2014-5465	2024-11-21 11:12	2014-09-4	Show	GitHub Exploit DB Packet Storm

290889	-	xrms_crm_project	xrms_crm	plugins/useradmin/fingeruser.php in XRMS CRM, possibly 1.99.2, allows remote authenticated users to execute arbitrary code via shell metacharacters in the username parameter.	CWE-89 SQL Injection	CVE-2014-5521	2024-11-21 11:12	2014-09-2	Show	GitHub Exploit DB Packet Storm

290890	-	hl7	c-cda	CDA.xsl in HL7 C-CDA 1.1 and earlier does not anticipate the possibility of invalid C-CDA documents with crafted XML attributes, which allows remote attackers to conduct XSS attacks via a document co…	CWE-79 Cross-site Scripting	CVE-2014-5452	2024-11-21 11:12	2014-09-2	Show	GitHub Exploit DB Packet Storm