Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228351 4.3 警告 Phase2 Technology - Drupal 用 Feeds モジュールにおける任意のノードを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-5543 2012-12-5 16:56 2012-10-10 Show GitHub Exploit DB Packet Storm
228352 6.8 警告 Pedro Cambra - Drupal 用 Commerce Extra Panes モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-5542 2012-12-5 16:55 2012-10-3 Show GitHub Exploit DB Packet Storm
228353 4.3 警告 Twitter Pull Project - Drupal用 Twitter Pull モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5541 2012-12-5 16:54 2012-10-3 Show GitHub Exploit DB Packet Storm
228354 4.3 警告 Tekritisoftware - Drupal 用 Hostip モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5540 2012-12-5 16:54 2012-10-3 Show GitHub Exploit DB Packet Storm
228355 3.5 注意 Moshe Weitzman - Drupal 用 Organic Groups モジュールにおける任意のグループに投稿される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-5539 2012-12-5 16:51 2012-09-26 Show GitHub Exploit DB Packet Storm
228356 2.1 注意 Nathan Haug - Drupal 用 FileField Sources モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5538 2012-12-5 16:48 2012-09-19 Show GitHub Exploit DB Packet Storm
228357 6 警告 Simplenews Scheduler Project - Drupal 用 Simplenews Scheduler モジュールにおける任意の PHP コード を挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2012-5537 2012-12-5 16:44 2012-09-19 Show GitHub Exploit DB Packet Storm
228358 5 警告 Erik Webb - Drupal 用 Password policy モジュールにおけるパスワードハッシュを取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-5552 2012-12-5 16:21 2012-10-31 Show GitHub Exploit DB Packet Storm
228359 4.3 警告 ThinkShout - Drupal 用 MailChimp モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5551 2012-12-5 16:17 2012-10-23 Show GitHub Exploit DB Packet Storm
228360 7.5 危険 Carlos Carvalhar - Drupal 用 Time Spent モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-5550 2012-12-5 16:05 2012-10-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
248401 - - - Deserialization of Untrusted Data vulnerability in Stephen Cui Xin allows Object Injection.This issue affects Xin: from n/a through 1.0.8.1. CWE-502
 Deserialization of Untrusted Data 		CVE-2024-52412 2024-11-19 02:11 2024-11-17 Show GitHub Exploit DB Packet Storm
248402 - - - Deserialization of Untrusted Data vulnerability in Flowcraft UX Design Studio Advanced Personalization allows Object Injection.This issue affects Advanced Personalization: from n/a through 1.1.2. - CVE-2024-52411 2024-11-19 02:11 2024-11-17 Show GitHub Exploit DB Packet Storm
248403 - - - Deserialization of Untrusted Data vulnerability in Phoenixheart Referrer Detector allows Object Injection.This issue affects Referrer Detector: from n/a through 4.2.1.0. CWE-502
 Deserialization of Untrusted Data 		CVE-2024-52410 2024-11-19 02:11 2024-11-17 Show GitHub Exploit DB Packet Storm
248404 - - - Deserialization of Untrusted Data vulnerability in Phan An AJAX Random Posts allows Object Injection.This issue affects AJAX Random Posts: from n/a through 0.3.3. CWE-502
 Deserialization of Untrusted Data 		CVE-2024-52409 2024-11-19 02:11 2024-11-17 Show GitHub Exploit DB Packet Storm
248405 - - - Unrestricted Upload of File with Dangerous Type vulnerability in Team PushAssist Push Notifications for WordPress by PushAssist allows Upload a Web Shell to a Web Server.This issue affects Push Notif… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-52408 2024-11-19 02:11 2024-11-17 Show GitHub Exploit DB Packet Storm
248406 - - - Unrestricted Upload of File with Dangerous Type vulnerability in codeSavory BasePress Migration Tools allows Upload a Web Shell to a Web Server.This issue affects BasePress Migration Tools: from n/a … CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-52407 2024-11-19 02:11 2024-11-17 Show GitHub Exploit DB Packet Storm
248407 - - - Unrestricted Upload of File with Dangerous Type vulnerability in Wibergs Web CSV to html allows Upload a Web Shell to a Web Server.This issue affects CSV to html: from n/a through 3.04. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-52406 2024-11-19 02:11 2024-11-17 Show GitHub Exploit DB Packet Storm
248408 - - - Unrestricted Upload of File with Dangerous Type vulnerability in Bikram Joshi B-Banner Slider allows Upload a Web Shell to a Web Server.This issue affects B-Banner Slider: from n/a through 1.1. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-52405 2024-11-19 02:11 2024-11-17 Show GitHub Exploit DB Packet Storm
248409 - - - Unrestricted Upload of File with Dangerous Type vulnerability in Bigfive CF7 Reply Manager.This issue affects CF7 Reply Manager: from n/a through 1.2.3. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-52404 2024-11-19 02:11 2024-11-17 Show GitHub Exploit DB Packet Storm
248410 - - - Unrestricted Upload of File with Dangerous Type vulnerability in WPExperts User Management allows Upload a Web Shell to a Web Server.This issue affects User Management: from n/a through 1.1. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-52403 2024-11-19 02:11 2024-11-17 Show GitHub Exploit DB Packet Storm