Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232181 4 警告 Mime Mail Module Project - Drupal 用 Mime Mail モジュールにおける任意のファイルを添付ファイルとして送信される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4495 2012-11-2 15:01 2012-08-8 Show GitHub Exploit DB Packet Storm
232182 4.3 警告 National Information Infrastructure Development Institute - Drupal 用 Shibboleth authentication モジュールにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4494 2012-11-2 14:55 2012-08-8 Show GitHub Exploit DB Packet Storm
232183 2.1 注意 Isaac Sukin - Drupal 用 Shorten URLs モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4492 2012-11-2 14:54 2012-08-8 Show GitHub Exploit DB Packet Storm
232184 5.8 警告 Earl Dunovant - Drupal 用 Monthly Archive by Node Type モジュールにおける制限しているノードにアクセスされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4491 2012-11-2 14:53 2012-08-1 Show GitHub Exploit DB Packet Storm
232185 4.3 警告 Ricky Morse - Drupal 用 Excluded Users モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4490 2012-11-2 14:45 2012-08-1 Show GitHub Exploit DB Packet Storm
232186 5.8 警告 Mark Burdett - Drupal 用 Secure Login モジュールにおけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2012-4489 2012-11-2 14:43 2012-07-25 Show GitHub Exploit DB Packet Storm
232187 5 警告 Location module project - Drupal 用 Location モジュールにおけるノードまたはユーザの検索結果を読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4488 2012-11-2 14:43 2012-07-25 Show GitHub Exploit DB Packet Storm
232188 4.3 警告 Manuel Garcia - Drupal 用 Gallery formatter モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4485 2012-11-2 14:40 2012-07-25 Show GitHub Exploit DB Packet Storm
232189 4.3 警告 Campaign Monitor project - Drupal 用 Campaign Monitor モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4484 2012-11-2 14:38 2012-07-18 Show GitHub Exploit DB Packet Storm
232190 5 警告 Acquia Inc. - Drupal 用 Drupal Commons モジュールにおける重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4483 2012-11-2 14:38 2012-07-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293091 - uclouvain openjpeg Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-3535 2024-11-21 10:41 2012-09-6 Show GitHub Exploit DB Packet Storm
293092 - typo3 typo3 Cross-site scripting (XSS) vulnerability in the Install Tool in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote attackers to inject arbitrary web script or HTML vi… CWE-79
Cross-site Scripting 		CVE-2012-3531 2024-11-21 10:41 2012-09-6 Show GitHub Exploit DB Packet Storm
293093 - typo3 typo3 Incomplete blacklist vulnerability in the t3lib_div::quoteJSvalue API function in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote attackers to conduct cross-site s… NVD-CWE-Other
CVE-2012-3530 2024-11-21 10:41 2012-09-6 Show GitHub Exploit DB Packet Storm
293094 - typo3 typo3 The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to obtain the encryption key via unspecified… CWE-200
Information Exposure 		CVE-2012-3529 2024-11-21 10:41 2012-09-6 Show GitHub Exploit DB Packet Storm
293095 - typo3 typo3 Multiple cross-site scripting (XSS) vulnerabilities in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allow remote authenticated backend users to inject arbitrar… CWE-79
Cross-site Scripting 		CVE-2012-3528 2024-11-21 10:41 2012-09-6 Show GitHub Exploit DB Packet Storm
293096 - typo3
debian 		typo3
debian_linux 		view_help.php in the backend help system in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to unserialize arbitrary objects and possib… CWE-502
 Deserialization of Untrusted Data 		CVE-2012-3527 2024-11-21 10:41 2012-09-6 Show GitHub Exploit DB Packet Storm
293097 - thomas_eibner mod_rpaf The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For … NVD-CWE-noinfo
CVE-2012-3526 2024-11-21 10:41 2012-09-6 Show GitHub Exploit DB Packet Storm
293098 - gnu
canonical
debian 		binutils
libiberty
ubuntu_linux
debian_linux 		Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to c… CWE-189
Numeric Errors 		CVE-2012-3509 2024-11-21 10:41 2012-09-6 Show GitHub Exploit DB Packet Storm
293099 - mozilla bugzilla Auth/Verify/LDAP.pm in Bugzilla 2.x and 3.x before 3.6.11, 3.7.x and 4.0.x before 4.0.8, 4.1.x and 4.2.x before 4.2.3, and 4.3.x before 4.3.3 does not restrict the characters in a username, which mig… CWE-255
Credentials Management 		CVE-2012-3981 2024-11-21 10:41 2012-09-4 Show GitHub Exploit DB Packet Storm
293100 - symantec pgp_universal_server Symantec PGP Universal Server 3.2.x before 3.2.1 MP2 does not properly manage sessions that include key search requests, which might allow remote attackers to read a private key in opportunistic circ… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-3582 2024-11-21 10:41 2012-09-4 Show GitHub Exploit DB Packet Storm