Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228431 9.3 危険 DELL EMC (旧 EMC Corporation) - EMC Smarts Network Configuration Manager のデフォルト設定における脆弱性 CWE-287
不適切な認証 		CVE-2012-4614 2012-11-29 11:32 2012-11-27 Show GitHub Exploit DB Packet Storm
228432 4.3 警告 DELL EMC (旧 EMC Corporation) - EMC RSA Adaptive Authentication On-Premise におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4611 2012-11-29 11:31 2012-11-27 Show GitHub Exploit DB Packet Storm
228433 4.3 警告 ヒューレット・パッカード
サイバートラスト株式会社
レッドハット
Apache Software Foundation
オラクル		 - APR ライブラリおよび Apache HTTP Server の fnmatch 実装におけるサービス運用妨害 (無限ループ) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-1928 2012-11-28 15:46 2011-05-24 Show GitHub Exploit DB Packet Storm
228434 5.4 警告 Wireshark - Wireshark の Ixia IxVeriWave ファイルパーサにおける整数符号エラーの脆弱性 CWE-189
数値処理の問題 		CVE-2012-4298 2012-11-28 15:37 2012-08-15 Show GitHub Exploit DB Packet Storm
228435 8.3 危険 Wireshark - Wireshark の GSM RLC MAC 解析機能におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-4297 2012-11-28 15:36 2012-08-15 Show GitHub Exploit DB Packet Storm
228436 3.3 注意 Wireshark - Wireshark の RTPS2 解析機能におけるバッファオーバーフローの脆弱性 CWE-399
リソース管理の問題 		CVE-2012-4296 2012-11-28 15:35 2012-08-15 Show GitHub Exploit DB Packet Storm
228437 5.8 警告 Wireshark - Wireshark の ERF 解析機能におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-4294 2012-11-28 15:33 2012-08-15 Show GitHub Exploit DB Packet Storm
228438 3.3 注意 Wireshark - Wireshark の EtherCAT Mailbox 解析機能におけるサービス運用妨害 (アプリケーションの終了) の脆弱性 CWE-189
数値処理の問題 		CVE-2012-4293 2012-11-28 15:32 2012-08-15 Show GitHub Exploit DB Packet Storm
228439 3.3 注意 Wireshark - Wireshark の STUN 解析機能におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-4292 2012-11-28 15:32 2012-08-15 Show GitHub Exploit DB Packet Storm
228440 3.3 注意 Wireshark - Wireshark の CIP 解析機能におけるサービス運用妨害 (メモリ消費) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-4291 2012-11-28 15:31 2012-08-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
249471 5.9 MEDIUM
Network 		cisco adaptive_security_appliance_software
firepower_threat_defense_software 		A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software … CWE-331
 Insufficient Entropy 		CVE-2024-20331 2024-11-2 02:32 2024-10-24 Show GitHub Exploit DB Packet Storm
249472 5.4 MEDIUM
Network 		cisco firepower_management_center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack ag… CWE-79
Cross-site Scripting 		CVE-2024-20377 2024-11-2 02:30 2024-10-24 Show GitHub Exploit DB Packet Storm
249473 6.1 MEDIUM
Network 		maxfoundry social_share_buttons The WordPress Social Share Buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, … CWE-79
Cross-site Scripting 		CVE-2024-9219 2024-11-2 02:30 2024-10-19 Show GitHub Exploit DB Packet Storm
249474 6.1 MEDIUM
Network 		cisco adaptive_security_appliance_software
firepower_threat_defense_software 		A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote att… CWE-79
Cross-site Scripting 		CVE-2024-20341 2024-11-2 02:22 2024-10-24 Show GitHub Exploit DB Packet Storm
249475 - - - Zusam is a free and open-source way to self-host private forums. Prior to version 0.5.6, specially crafted SVG files uploaded to the service as images allow for unrestricted script execution on (raw)… CWE-79
Cross-site Scripting 		CVE-2024-51492 2024-11-2 02:15 2024-11-2 Show GitHub Exploit DB Packet Storm
249476 - - - changedetection.io is free, open source web page change detection software. Prior to version 0.47.5, when a WebDriver is used to fetch files, `source:file:///etc/passwd` can be used to retrieve local… - CVE-2024-51483 2024-11-2 02:15 2024-11-2 Show GitHub Exploit DB Packet Storm
249477 - - - `oak` is a middleware framework for Deno's native HTTP server, Deno Deploy, Node.js 16.5 and later, Cloudflare Workers and Bun. By default `oak` does not allow transferring of hidden files with `Cont… CWE-22
CWE-35
Path Traversal
 Path Traversal: '.../...//' 		CVE-2024-49770 2024-11-2 02:15 2024-11-2 Show GitHub Exploit DB Packet Storm
249478 6.5 MEDIUM
Network 		- - IBM CICS TX Standard 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. - CVE-2024-41744 2024-11-2 02:15 2024-11-2 Show GitHub Exploit DB Packet Storm
249479 8.8 HIGH
Network 		microchip timeprovider_4100_firmware Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting (XSS).This issue affects TimeProvider 4100: from 1.0. CWE-352
 Origin Validation Error 		CVE-2024-43684 2024-11-2 02:15 2024-10-5 Show GitHub Exploit DB Packet Storm
249480 8.8 HIGH
Network 		infiniflow ragflow The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote code execution (RCE) vulnerability. The function uses user-supplied input `req['llm_factory']` and `req['… CWE-77
Command Injection 		CVE-2024-10131 2024-11-2 02:12 2024-10-19 Show GitHub Exploit DB Packet Storm