Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232091 6.8 警告 Irfan Skiljan - IrfanView 用 FlashPix PlugIn で使用される libfpx におけるメモリ二重解放の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-0025 2012-11-6 14:23 2012-11-2 Show GitHub Exploit DB Packet Storm
232092 7.5 危険 Morbus Iff - Drupal 用 Activism モジュールにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4498 2012-11-6 14:21 2012-08-29 Show GitHub Exploit DB Packet Storm
232093 2.1 注意 Devsaran - Drupal 用 Elegant Theme モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4497 2012-11-6 14:19 2012-08-15 Show GitHub Exploit DB Packet Storm
232094 2.1 注意 Roy Baxter - Drupal 用 Better Revisions モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4493 2012-11-6 14:18 2012-08-8 Show GitHub Exploit DB Packet Storm
232095 4 警告 Boombatower - Drupal 用 Subuser モジュールにおけるロールを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4487 2012-11-6 14:07 2012-07-25 Show GitHub Exploit DB Packet Storm
232096 6.8 警告 Boombatower - Drupal 用 Subuser モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-4486 2012-11-6 14:04 2012-07-25 Show GitHub Exploit DB Packet Storm
232097 7.5 危険 Curtis Galloway - libexif の exif-entry.c の exif_entry_get_value 関数における整数アンダーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2012-2841 2012-11-6 12:28 2012-07-12 Show GitHub Exploit DB Packet Storm
232098 7.5 危険 Curtis Galloway - libexif の exif-entry.c の exif_convert_utf16_to_utf8 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2012-2840 2012-11-6 12:27 2012-07-12 Show GitHub Exploit DB Packet Storm
232099 5 警告 Curtis Galloway - libexif の olympus/mnote-olympus-entry.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2012-2837 2012-11-6 12:26 2012-07-12 Show GitHub Exploit DB Packet Storm
232100 6.4 警告 Curtis Galloway - libexif の exif-data.c の exif_data_load_data 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2012-2836 2012-11-6 12:26 2012-07-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293081 - cms-center simple_web_content_management_system Multiple SQL injection vulnerabilities in Simple Web Content Management System 1.1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) item_delete.php, (2) item_statu… CWE-89
SQL Injection 		CVE-2012-3791 2024-11-21 10:41 2012-06-22 Show GitHub Exploit DB Packet Storm
293082 - adiscon loganalyzer Cross-site scripting (XSS) vulnerability in index.php in Adiscon LogAnalyzer before 3.4.4 and 3.5.x before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the highlight param… CWE-79
Cross-site Scripting 		CVE-2012-3790 2024-11-21 10:41 2012-06-21 Show GitHub Exploit DB Packet Storm
293083 - wordpress plugin_newsletter_plugin Directory traversal vulnerability in preview.php in the Plugin Newsletter plugin 1.5 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the data parameter. CWE-22
Path Traversal 		CVE-2012-3588 2024-11-21 10:41 2012-06-20 Show GitHub Exploit DB Packet Storm
293084 - debian advanced_package_tool APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote attacker… CWE-20
 Improper Input Validation  		CVE-2012-3587 2024-11-21 10:41 2012-06-20 Show GitHub Exploit DB Packet Storm
293085 - digium asterisk chan_skinny.c in the Skinny (aka SCCP) channel driver in Asterisk Open Source 10.x before 10.5.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon cr… NVD-CWE-Other
CVE-2012-3553 2024-11-21 10:41 2012-06-20 Show GitHub Exploit DB Packet Storm
293086 - wordpress fcchat_widget Unrestricted file upload vulnerability in html/Upload.php in the FCChat Widget plugin 2.2.13.1 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file with a f… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-3578 2024-11-21 10:41 2012-06-17 Show GitHub Exploit DB Packet Storm
293087 - nmedia member_conversation Unrestricted file upload vulnerability in doupload.php in the Nmedia Member Conversation plugin before 1.4 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-3577 2024-11-21 10:41 2012-06-17 Show GitHub Exploit DB Packet Storm
293088 - jquindlen wpstorecart Unrestricted file upload vulnerability in php/upload.php in the wpStoreCart plugin before 2.5.30 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-3576 2024-11-21 10:41 2012-06-16 Show GitHub Exploit DB Packet Storm
293089 - rbx_gallery rbx_gallery Unrestricted file upload vulnerability in uploader.php in the RBX Gallery plugin 2.1 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-3575 2024-11-21 10:41 2012-06-16 Show GitHub Exploit DB Packet Storm
293090 - tbelmans mm_forms_community Unrestricted file upload vulnerability in includes/doajaxfileupload.php in the MM Forms Community plugin 2.2.5 and 2.2.6 for WordPress allows remote attackers to execute arbitrary code by uploading a… NVD-CWE-Other
CVE-2012-3574 2024-11-21 10:41 2012-06-16 Show GitHub Exploit DB Packet Storm