Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
232281	4.3	警告	ThinkShout	-	Drupal 用 MailChimp モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5551	2012-12-5 16:17	2012-10-23	Show	GitHub Exploit DB Packet Storm

232282	7.5	危険	Carlos Carvalhar	-	Drupal 用 Time Spent モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-5550	2012-12-5 16:05	2012-10-24	Show	GitHub Exploit DB Packet Storm

232283	5	警告	サムスン	-	Samsung Kies Air におけるサービス運用妨害 (クラッシュ) の脆弱性	CWE-noinfo 情報不足	CVE-2012-5859	2012-12-5 15:59	2012-12-3	Show	GitHub Exploit DB Packet Storm

232284	4.3	警告	サムスン	-	Samsung Kies Air における端末内の任意のコンテンツを読み取られる脆弱性	CWE-287 不適切な認証	CVE-2012-5858	2012-12-5 15:57	2012-12-3	Show	GitHub Exploit DB Packet Storm

232285	7.5	危険	FlashTux	-	WeeChat 用プラグイン API における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2012-5534	2012-12-5 15:48	2012-11-18	Show	GitHub Exploit DB Packet Storm

232286	6.8	警告	CMS Made Simple	-	CMS Made Simple におけるクロスサイトリクエストフォージェリ脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-5450	2012-12-5 14:30	2012-10-17	Show	GitHub Exploit DB Packet Storm

232287	6	警告	OrangeHRM	-	OrangeHRM における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-5367	2012-12-5 14:26	2012-12-3	Show	GitHub Exploit DB Packet Storm

232288	1.9	注意	シトリックス・システムズ	-	Xen におけるサービス運用妨害 (ホストハング) の脆弱性	CWE-noinfo 情報不足	CVE-2012-2934	2012-12-5 13:21	2012-06-12	Show	GitHub Exploit DB Packet Storm

232289	1.9	注意	シトリックス・システムズ	-	Xen 用 MMIO オペレーションエミュレータにおけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-3432	2012-12-5 13:05	2012-07-26	Show	GitHub Exploit DB Packet Storm

232290	1.9	注意	シトリックス・システムズ	-	Xen におけるサービス運用妨害 (ゲストクラッシュ) の脆弱性	CWE-DesignError	CVE-2012-0218	2012-12-5 12:22	2012-06-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
292521	-	oracle mariadb	mysql mariadb	Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection wh…	CWE-522 Insufficiently Protected Credentials	CVE-2012-5627	2024-11-21 10:45	2013-10-2	Show	GitHub Exploit DB Packet Storm

292522	-	moodle	moodle	repository/s3/S3.php in the Amazon S3 library in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not verify that the server hostname matches a domain name i…	CWE-20 Improper Input Validation	CVE-2012-6087	2024-11-21 10:45	2013-09-16	Show	GitHub Exploit DB Packet Storm

292523	-	cisco	wireless_control_system prime_network_control_system	Multiple cross-site scripting (XSS) vulnerabilities in Health Monitor Login pages in Cisco Prime Network Control System (NCS) and Wireless Control System (WCS) allow remote attackers to inject arbitr…	CWE-79 Cross-site Scripting	CVE-2012-5990	2024-11-21 10:45	2013-09-6	Show	GitHub Exploit DB Packet Storm

292524	-	cisco	identity_services_engine_software	Multiple cross-site scripting (XSS) vulnerabilities in the guest portal in Cisco Identity Services Engine (ISE) Software allow remote attackers to inject arbitrary web script or HTML via unspecified …	CWE-79 Cross-site Scripting	CVE-2012-5744	2024-11-21 10:45	2013-08-30	Show	GitHub Exploit DB Packet Storm

292525	-	videolan	vlc_media_player	The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorre…	CWE-189 Numeric Errors	CVE-2012-5855	2024-11-21 10:45	2013-07-11	Show	GitHub Exploit DB Packet Storm

292526	-	ibm	sterling_b2b_integrator sterling_file_gateway	IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 do not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capt…	CWE-310 Cryptographic Issues	CVE-2012-5936	2024-11-21 10:45	2013-07-3	Show	GitHub Exploit DB Packet Storm

292527	-	ibm	sterling_b2b_integrator sterling_file_gateway	Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via vectors …	CWE-89 SQL Injection	CVE-2012-5766	2024-11-21 10:45	2013-07-3	Show	GitHub Exploit DB Packet Storm

292528	-	typo3	typo3	Cross-site scripting (XSS) vulnerability in the function menu API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitra…	CWE-79 Cross-site Scripting	CVE-2012-6148	2024-11-21 10:45	2013-07-2	Show	GitHub Exploit DB Packet Storm

292529	-	typo3	typo3	Cross-site scripting (XSS) vulnerability in the tree render API (TCA-Tree) in the Backend API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated bac…	CWE-79 Cross-site Scripting	CVE-2012-6147	2024-11-21 10:45	2013-07-2	Show	GitHub Exploit DB Packet Storm

292530	-	typo3	typo3	Cross-site scripting (XSS) vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject ar…	CWE-79 Cross-site Scripting	CVE-2012-6145	2024-11-21 10:45	2013-07-2	Show	GitHub Exploit DB Packet Storm