Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231231 3.5 注意 オラクル - Oracle Financial Services の Oracle FLEXCUBE Direct Banking における BASE の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-3157 2012-10-19 14:53 2012-10-16 Show GitHub Exploit DB Packet Storm
231232 1.5 注意 オラクル - Oracle Financial Services の Oracle FLEXCUBE Direct Banking における BASE の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-3145 2012-10-19 14:52 2012-10-16 Show GitHub Exploit DB Packet Storm
231233 3.5 注意 オラクル - Oracle Financial Services の Oracle FLEXCUBE Direct Banking における BASE の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-3142 2012-10-19 14:41 2012-10-16 Show GitHub Exploit DB Packet Storm
231234 4 警告 オラクル - Oracle Financial Services の Oracle FLEXCUBE Universal Banking における BASE の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-3141 2012-10-19 14:40 2012-10-16 Show GitHub Exploit DB Packet Storm
231235 4.4 警告 オラクル - Oracle Solaris 10 における inetd の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-5095 2012-10-19 11:47 2012-10-16 Show GitHub Exploit DB Packet Storm
231236 1.7 注意 オラクル - Oracle Solaris 10 および 11 における Kernel の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-3215 2012-10-19 11:47 2012-10-16 Show GitHub Exploit DB Packet Storm
231237 4.7 警告 オラクル - Oracle Solaris 10 および 11 における Kernel の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-3212 2012-10-19 11:46 2012-10-16 Show GitHub Exploit DB Packet Storm
231238 4.6 警告 オラクル - Oracle Solaris 10 および 11 における Kernel/System Call の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-3211 2012-10-19 11:45 2012-10-16 Show GitHub Exploit DB Packet Storm
231239 7.8 危険 オラクル - Oracle Solaris 11 における Kernel の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-3210 2012-10-19 11:45 2012-10-16 Show GitHub Exploit DB Packet Storm
231240 5.6 警告 オラクル - Oracle Solaris 10 および 11 における Logical Domain の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-3209 2012-10-19 11:44 2012-10-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292911 - drupal-id counter_module SQL injection vulnerability in the Counter module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "recording visits." CWE-89
SQL Injection 		CVE-2012-2718 2024-11-21 10:39 2012-06-22 Show GitHub Exploit DB Packet Storm
292912 - david_stosik comment_moderation Cross-site request forgery (CSRF) vulnerability in the Comment Moderation module 6.x-1.x before 6.x-1.1 for Drupal allows remote attackers to hijack the authentication of administrators for requests … CWE-352
 Origin Validation Error 		CVE-2012-2716 2024-11-21 10:39 2012-06-22 Show GitHub Exploit DB Packet Storm
292913 - openstack compute
essex
diablo 		The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) do not properly check the protocol when security groups are created and the network protoc… CWE-20
 Improper Input Validation  		CVE-2012-2654 2024-11-21 10:39 2012-06-22 Show GitHub Exploit DB Packet Storm
292914 - w1.fi hostapd hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users to obtain sensitive information such as credentials. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-2389 2024-11-21 10:39 2012-06-22 Show GitHub Exploit DB Packet Storm
292915 - cisco anyconnect_secure_mobility_client A certain Java applet in the VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 3.x before 3.0 MR7 on 64-bit Linux platforms does not properly restrict … CWE-20
 Improper Input Validation  		CVE-2012-2496 2024-11-21 10:39 2012-06-21 Show GitHub Exploit DB Packet Storm
292916 - cisco secure_desktop
anyconnect_secure_mobility_client 		The HostScan downloader implementation in Cisco AnyConnect Secure Mobility Client 3.x before 3.0 MR8 and Cisco Secure Desktop before 3.6.6020 does not compare the timestamp of offered software to the… CWE-20
 Improper Input Validation  		CVE-2012-2495 2024-11-21 10:39 2012-06-21 Show GitHub Exploit DB Packet Storm
292917 - cisco anyconnect_secure_mobility_client The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to t… CWE-20
 Improper Input Validation  		CVE-2012-2494 2024-11-21 10:39 2012-06-21 Show GitHub Exploit DB Packet Storm
292918 - cisco anyconnect_secure_mobility_client The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 on Windows, and 2.x before 2.5 MR6 and 3.x before 3.0 MR8 on Mac OS X and Linu… CWE-20
 Improper Input Validation  		CVE-2012-2493 2024-11-21 10:39 2012-06-21 Show GitHub Exploit DB Packet Storm
292919 - checkpoint remote_access_clients
endpoint_security
endpoint_connect
endpoint_security_vpn 		Untrusted search path vulnerability in TrGUI.exe in the Endpoint Connect (aka EPC) GUI in Check Point Endpoint Security R73.x and E80.x on the VPN blade platform, Endpoint Security VPN R75, Endpoint … NVD-CWE-Other
CVE-2012-2753 2024-11-21 10:39 2012-06-20 Show GitHub Exploit DB Packet Storm
292920 - wap2 smallpict Cross-site scripting (XSS) vulnerability in SmallPICT.cgi in SmallPICT before 2.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2012-2638 2024-11-21 10:39 2012-06-20 Show GitHub Exploit DB Packet Storm