Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
224661	5	警告	レッドハット	-	JBoss Enterprise Portal Platform における任意のファイルを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0315	2013-04-16 16:28	2013-03-7	Show	GitHub Exploit DB Packet Storm

224662	7.5	危険	レッドハット	-	JBoss Enterprise Portal Platform におけるサイトコンテンツを変更される脆弱性	CWE-287 不適切な認証	CVE-2013-0314	2013-04-16 16:27	2013-03-7	Show	GitHub Exploit DB Packet Storm

224663	6.8	警告	レッドハット	-	JBoss Enterprise Portal Platform の GateIn Portal コンポーネントにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-3532	2013-04-16 16:20	2012-08-23	Show	GitHub Exploit DB Packet Storm

224664	9.3	危険	IBM	-	IBM Cognos Disclosure Management およびその他の製品における任意のファイルを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0501	2013-04-16 16:15	2013-04-5	Show	GitHub Exploit DB Packet Storm

224665	9.3	危険	IBM	-	複数の IBM 製品における任意のコマンドを実行される脆弱性	CWE-noinfo 情報不足	CVE-2012-5937	2013-04-16 15:56	2013-04-10	Show	GitHub Exploit DB Packet Storm

224666	5	警告	OpenStack	-	複数の OpenStack コンポーネントにおけるアクセスの制限を回避される脆弱性	CWE-287 不適切な認証	CVE-2013-0282	2013-04-16 15:52	2013-02-20	Show	GitHub Exploit DB Packet Storm

224667	5	警告	OpenStack	-	OpenStack Keystone の Grizzly および Folsom におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2013-0270	2013-04-16 15:47	2013-04-4	Show	GitHub Exploit DB Packet Storm

224668	7.5	危険	ZAPms	-	ZAPms における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-3050	2013-04-16 15:40	2013-04-10	Show	GitHub Exploit DB Packet Storm

224669	7.1	危険	シスコシステムズ	-	Cisco Adaptive Security Appliances におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-1151	2013-04-15 11:42	2013-04-10	Show	GitHub Exploit DB Packet Storm

224670	5.7	警告	シスコシステムズ	-	Cisco ユニバーサルブロードバンド 10000 シリーズルータにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-1189	2013-04-15 11:39	2013-04-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
278471	-	drupal debian	drupal debian_linux	Drupal 6.x before 6.34 and 7.x before 7.34 allows remote attackers to hijack sessions via a crafted request, as demonstrated by a crafted request to a server that supports both HTTP and HTTPS session…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-9015	2024-11-21 11:20	2014-11-25	Show	GitHub Exploit DB Packet Storm

278472	-	pypa oracle	pip solaris	pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user.	NVD-CWE-noinfo	CVE-2014-8991	2024-11-21 11:20	2014-11-25	Show	GitHub Exploit DB Packet Storm

278473	-	mantisbt	mantisbt	MantisBT before 1.2.18 allows remote authenticated users to bypass the $g_download_attachments_threshold and $g_view_attachments_threshold restrictions and read attachments for private projects by le…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-8988	2024-11-21 11:20	2014-11-25	Show	GitHub Exploit DB Packet Storm

278474	-	mantisbt	mantisbt	Cross-site scripting (XSS) vulnerability in the selection list in the filters in the Configuration Report page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.17 allows remote administrators t…	CWE-79 Cross-site Scripting	CVE-2014-8986	2024-11-21 11:20	2014-11-25	Show	GitHub Exploit DB Packet Storm

278475	-	moodle	moodle	The LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not properly restrict the parameters used in a return URL, which allows remote attackers t…	CWE-20 Improper Input Validation	CVE-2014-9060	2024-11-21 11:20	2014-11-24	Show	GitHub Exploit DB Packet Storm

278476	-	moodle	moodle	lib/setup.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide charset information in HTTP headers, which might allow remote attackers to cond…	CWE-79 Cross-site Scripting	CVE-2014-9059	2024-11-21 11:20	2014-11-24	Show	GitHub Exploit DB Packet Storm

278477	-	zteusa	zxdsl_831cii	Multiple cross-site request forgery (CSRF) vulnerabilities in ZTE ZXDSL 831CII allow remote attackers to hijack the authentication of administrators for requests that disable modem lan ports via the …	CWE-352 Origin Validation Error	CVE-2014-9027	2024-11-21 11:20	2014-11-21	Show	GitHub Exploit DB Packet Storm

278478	-	ubercart	ubercart	The Ubercart module 7.x-3.x before 7.x-3.7 for Drupal does not properly protect the per-user order history view, which allows remote authenticated users with the "view own orders" permission to obtai…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-9026	2024-11-21 11:20	2014-11-21	Show	GitHub Exploit DB Packet Storm

278479	-	commerceguys	commerce	The default checkout completion rule in the commerce_order module in the Drupal Commerce module 7.x-1.x before 7.x-1.10 for Drupal uses the email address as the username for new accounts created at c…	CWE-200 Information Exposure	CVE-2014-9025	2024-11-21 11:20	2014-11-21	Show	GitHub Exploit DB Packet Storm

278480	-	protected_pages_project	protected_pages	The Protected Pages module 7.x-2.x before 7.x-2.4 for Drupal allows remote attackers to bypass the password protection via a crafted path.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-9024	2024-11-21 11:20	2014-11-21	Show	GitHub Exploit DB Packet Storm