Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231791 4.3 警告 The Cacti Group - Cacti の logout.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5223 2012-10-29 15:25 2011-12-11 Show GitHub Exploit DB Packet Storm
231792 7.5 危険 Scripte24Shop - PHP Flirt-Projekt の rub2_w.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5222 2012-10-29 15:22 2012-10-25 Show GitHub Exploit DB Packet Storm
231793 4.3 警告 WebSVN - WebSVN の svnlook.php 内の getLog 関数におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5221 2012-10-29 15:19 2010-04-20 Show GitHub Exploit DB Packet Storm
231794 4.3 警告 Cristopher Shi - PHP-SCMS の templates/default/Admin/Login.html におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5220 2012-10-29 15:18 2012-10-25 Show GitHub Exploit DB Packet Storm
231795 5 警告 Ian Back - mPDF の examples/show_code.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-5219 2012-10-29 15:18 2012-10-25 Show GitHub Exploit DB Packet Storm
231796 7.5 危険 DotA OpenStats - DotA OpenStats における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5218 2012-10-29 15:17 2012-10-25 Show GitHub Exploit DB Packet Storm
231797 5 警告 日立 - 日立の JP1/ServerConductor/DeploymentManager におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-5217 2012-10-29 15:13 2011-12-15 Show GitHub Exploit DB Packet Storm
231798 7.5 危険 Rustici Software - WordPress 用 SCORM Cloud For WordPress プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5216 2012-10-29 15:05 2012-10-25 Show GitHub Exploit DB Packet Storm
231799 7.5 危険 2daybiz - Video Community Portal の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5215 2012-10-29 15:04 2012-10-25 Show GitHub Exploit DB Packet Storm
231800 4.3 警告 BrowserCRM - BrowserCRM におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5214 2012-10-29 15:03 2012-10-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293071 - qualiteam x-cart Cross-site scripting (XSS) vulnerability in products_map.php in X-Cart Gold 4.5 allows remote attackers to inject arbitrary web script or HTML via the symb parameter. CWE-79
Cross-site Scripting 		CVE-2012-2570 2024-11-21 10:39 2012-08-16 Show GitHub Exploit DB Packet Storm
293072 - microsoft windows_server_2008
windows_xp
windows_7
windows_server_2003
windows_vista 		Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Win… CWE-399
 Resource Management Errors 		CVE-2012-2527 2024-11-21 10:39 2012-08-15 Show GitHub Exploit DB Packet Storm
293073 - microsoft windows_xp The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP3 does not properly process packets in memory, which allows remote attackers to execute arbitrary code by sending crafted RD… CWE-94
Code Injection 		CVE-2012-2526 2024-11-21 10:39 2012-08-15 Show GitHub Exploit DB Packet Storm
293074 - microsoft office Microsoft Office 2007 SP2 and SP3 and 2010 SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Computer Graphics Metafile (CGM) file, … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-2524 2024-11-21 10:39 2012-08-15 Show GitHub Exploit DB Packet Storm
293075 - microsoft internet_explorer
jscript
vbscript 		Integer overflow in Microsoft Internet Explorer 8 and 9, JScript 5.8, and VBScript 5.8 on 64-bit platforms allows remote attackers to execute arbitrary code by leveraging an incorrect size calculatio… CWE-189
Numeric Errors 		CVE-2012-2523 2024-11-21 10:39 2012-08-15 Show GitHub Exploit DB Packet Storm
293076 - microsoft internet_explorer Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a malformed virtual function table after this … CWE-94
Code Injection 		CVE-2012-2522 2024-11-21 10:39 2012-08-15 Show GitHub Exploit DB Packet Storm
293077 - microsoft internet_explorer Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Asynchronous NULL Objec… CWE-94
Code Injection 		CVE-2012-2521 2024-11-21 10:39 2012-08-15 Show GitHub Exploit DB Packet Storm
293078 - d.r.commander libjpeg-turbo Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code vi… CWE-787
 Out-of-bounds Write 		CVE-2012-2806 2024-11-21 10:39 2012-08-14 Show GitHub Exploit DB Packet Storm
293079 - redhat certificate_system
dogtag_certificate_system 		Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System allow remote attackers to inject arbitrary web script or HTML via u… CWE-79
Cross-site Scripting 		CVE-2012-2662 2024-11-21 10:39 2012-08-14 Show GitHub Exploit DB Packet Storm
293080 - e-supportportal escon_supportportal Multiple cross-site scripting (XSS) vulnerabilities in ESCON SupportPortal Professional Edition 3.0 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a… CWE-79
Cross-site Scripting 		CVE-2012-2590 2024-11-21 10:39 2012-08-13 Show GitHub Exploit DB Packet Storm