Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231141 4.3 警告 Mozilla Foundation - 複数の Mozilla 製品におけるクロスサイトスクリプティングの脆弱性 CWE-DesignError
CVE-2012-3985 2012-10-15 10:23 2012-10-9 Show GitHub Exploit DB Packet Storm
231142 6.8 警告 Mozilla Foundation - 複数の Mozilla 製品におけるページコンテンツを偽造される脆弱性 CWE-Other
その他 		CVE-2012-3984 2012-10-15 10:19 2012-10-9 Show GitHub Exploit DB Packet Storm
231143 5.8 警告 JOSSO - Java Open Single Sign-On Project Home におけるメッセージを偽造される脆弱性 CWE-287
不適切な認証 		CVE-2012-5352 2012-10-12 16:47 2012-10-9 Show GitHub Exploit DB Packet Storm
231144 6.4 警告 Apache Software Foundation - Apache Axis2 におけるメッセージを偽造される脆弱性 CWE-287
不適切な認証 		CVE-2012-5351 2012-10-12 16:45 2012-10-9 Show GitHub Exploit DB Packet Storm
231145 2.1 注意 dracut Project
Fedora Project
レッドハット		 - 複数の製品で使用される dracut における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4453 2012-10-12 16:43 2012-09-21 Show GitHub Exploit DB Packet Storm
231146 5.8 警告 Apache Software Foundation - Apache Axis2 におけるメッセージを偽造される脆弱性 CWE-287
不適切な認証 		CVE-2012-4418 2012-10-12 16:08 2012-10-9 Show GitHub Exploit DB Packet Storm
231147 5 警告 Cake Software Foundation - CakePHP の XML クラスにおける任意のファイルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4399 2012-10-12 16:06 2012-07-14 Show GitHub Exploit DB Packet Storm
231148 4.3 警告 GLPI-PROJECT.ORG - GLPI-PROJECT GLPI におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4003 2012-10-12 15:46 2012-06-28 Show GitHub Exploit DB Packet Storm
231149 6.8 警告 GLPI-PROJECT.ORG - GLPI-PROJECT GLPI におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-4002 2012-10-12 15:45 2012-06-28 Show GitHub Exploit DB Packet Storm
231150 5 警告 OpenTTD - OpenTTD におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-3436 2012-10-12 15:23 2012-07-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
348241 - double_precision_incorporated courier_mta Double Precision Courier e-mail MTA allows remote attackers to cause a denial of service (CPU consumption) via a message with an extremely large or negative value for the year, which causes a tight l… NVD-CWE-Other
CVE-2002-0914 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348242 - harald_hoyer autorun
xandros_desktop_os 		autorun in Xandros based Linux distributions allows local users to read the first line of arbitrary files via the -c parameter, which causes autorun to print the first line of the file. NVD-CWE-Other
CVE-2002-0915 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348243 - stellar-x_software msntauth Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code … NVD-CWE-Other
CVE-2002-0916 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348244 - cgiscript.net cspassword CGIScript.net csPassword.cgi stores .htpasswd files under the web document root, which could allow remote authenticated users to download the file and crack the passwords of other users. NVD-CWE-Other
CVE-2002-0917 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348245 - cgiscript.net cspassword CGIScript.net csPassword.cgi leaks sensitive information such as the pathname of the server in debug messages that are presented when the script fails, which allows remote attackers to obtain the inf… NVD-CWE-Other
CVE-2002-0918 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348246 - cgiscript.net cspassword CGIScript.net csPassword.cgi allows remote authenticated users to modify the .htaccess file and gain privileges via newlines in the title field of the edit page. NVD-CWE-Other
CVE-2002-0919 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348247 - cgiscript.net csnews CGIScript.net csNews.cgi allows remote attackers to obtain potentially sensitive information, such as the full server pathname and other configuration settings, via the viewnews command with an inval… NVD-CWE-Other
CVE-2002-0921 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348248 - cgiscript.net csnews CGIScript.net csNews.cgi allows remote attackers to obtain database files via a direct URL-encoded request to (1) default%2edb or (2) default%2edb.style, or remote authenticated users to perform admi… NVD-CWE-Other
CVE-2002-0922 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348249 - cgiscript.net csnews CGIScript.net csNews.cgi allows remote authenticated users to read arbitrary files, and possibly gain privileges, via the (1) pheader or (2) pfooter parameters in the "Advanced Settings" capability. NVD-CWE-Other
CVE-2002-0923 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348250 - matthew_mondor mmftpd
mmmail 		Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd f… NVD-CWE-Other
CVE-2002-0925 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm