Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231211	4.3	警告	Twitter Pull Project	-	Drupal用 Twitter Pull モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5541	2012-12-5 16:54	2012-10-3	Show	GitHub Exploit DB Packet Storm

231212	4.3	警告	Tekritisoftware	-	Drupal 用 Hostip モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5540	2012-12-5 16:54	2012-10-3	Show	GitHub Exploit DB Packet Storm

231213	3.5	注意	Moshe Weitzman	-	Drupal 用 Organic Groups モジュールにおける任意のグループに投稿される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-5539	2012-12-5 16:51	2012-09-26	Show	GitHub Exploit DB Packet Storm

231214	2.1	注意	Nathan Haug	-	Drupal 用 FileField Sources モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5538	2012-12-5 16:48	2012-09-19	Show	GitHub Exploit DB Packet Storm

231215	6	警告	Simplenews Scheduler Project	-	Drupal 用 Simplenews Scheduler モジュールにおける任意の PHP コードを挿入される脆弱性	CWE-94 コード・インジェクション	CVE-2012-5537	2012-12-5 16:44	2012-09-19	Show	GitHub Exploit DB Packet Storm

231216	5	警告	Erik Webb	-	Drupal 用 Password policy モジュールにおけるパスワードハッシュを取得される脆弱性	CWE-200 情報漏えい	CVE-2012-5552	2012-12-5 16:21	2012-10-31	Show	GitHub Exploit DB Packet Storm

231217	4.3	警告	ThinkShout	-	Drupal 用 MailChimp モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5551	2012-12-5 16:17	2012-10-23	Show	GitHub Exploit DB Packet Storm

231218	7.5	危険	Carlos Carvalhar	-	Drupal 用 Time Spent モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-5550	2012-12-5 16:05	2012-10-24	Show	GitHub Exploit DB Packet Storm

231219	5	警告	サムスン	-	Samsung Kies Air におけるサービス運用妨害 (クラッシュ) の脆弱性	CWE-noinfo 情報不足	CVE-2012-5859	2012-12-5 15:59	2012-12-3	Show	GitHub Exploit DB Packet Storm

231220	4.3	警告	サムスン	-	Samsung Kies Air における端末内の任意のコンテンツを読み取られる脆弱性	CWE-287 不適切な認証	CVE-2012-5858	2012-12-5 15:57	2012-12-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
292521	-	mylittletools	mylittleadmin	Cross-site scripting (XSS) vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that tr…	CWE-79 Cross-site Scripting	CVE-2012-4015	2024-11-21 10:42	2012-09-25	Show	GitHub Exploit DB Packet Storm

292522	-	mcafee	email_and_web_security	Unspecified vulnerability in McAfee Email Anti-virus (formerly WebShield SMTP) allows remote attackers to cause a denial of service via unknown vectors.	NVD-CWE-noinfo	CVE-2012-4014	2024-11-21 10:42	2012-09-25	Show	GitHub Exploit DB Packet Storm

292523	-	moodle	moodle	course/reset.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 checks an update capability instead of a reset capability, which allows remote authenticated users to bypass …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4408	2024-11-21 10:42	2012-09-19	Show	GitHub Exploit DB Packet Storm

292524	-	moodle	moodle	lib/filelib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly check the publication state of blog files, which allows remote attackers to obtain sensitive…	CWE-200 Information Exposure	CVE-2012-4407	2024-11-21 10:42	2012-09-19	Show	GitHub Exploit DB Packet Storm

292525	-	moodle	moodle	theme/yui_combo.php in Moodle 2.3.x before 2.3.2 does not properly construct error responses for the drag-and-drop script, which allows remote attackers to obtain the installation path by sending a r…	CWE-200 Information Exposure	CVE-2012-4403	2024-11-21 10:42	2012-09-19	Show	GitHub Exploit DB Packet Storm

292526	-	moodle	moodle	webservice/lib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly restrict the use of web-service tokens, which allows remote authenticated users to run ar…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4402	2024-11-21 10:42	2012-09-19	Show	GitHub Exploit DB Packet Storm

292527	-	moodle	moodle	Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote authenticated users to bypass intended capability restrictions and perform certain topic changes by leveraging course-editing capabiliti…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4401	2024-11-21 10:42	2012-09-19	Show	GitHub Exploit DB Packet Storm

292528	-	moodle	moodle	repository/repository_ajax.php in Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote authenticated users to bypass intended upload-size restrictions via a -1 value in the maxbytes field.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4400	2024-11-21 10:42	2012-09-19	Show	GitHub Exploit DB Packet Storm

292529	-	freedesktop gtk	spice-gtk libgio	libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS env…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4425	2024-11-21 10:42	2012-09-19	Show	GitHub Exploit DB Packet Storm

292530	-	openstack	keystone	OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4413	2024-11-21 10:42	2012-09-19	Show	GitHub Exploit DB Packet Storm