Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240431 10 危険 サムスン - Samsung NET-i viewer の ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-4333 2012-08-17 14:57 2012-08-14 Show GitHub Exploit DB Packet Storm
240432 5 警告 Barandi Solutions - WordPress 用 ShareYourCart プラグインにおけるインストールパスを取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-4332 2012-08-17 14:50 2012-08-14 Show GitHub Exploit DB Packet Storm
240433 10 危険 SPIP - SPIP における脆弱性 CWE-noinfo
情報不足 		CVE-2012-4331 2012-08-17 14:48 2012-04-23 Show GitHub Exploit DB Packet Storm
240434 7.8 危険 サムスン - Samsung D6000 TV およびその他の製品におけるサービス運用妨害 (クラッシュ) の脆弱性 CWE-119
バッファエラー 		CVE-2012-4330 2012-08-17 14:47 2012-08-14 Show GitHub Exploit DB Packet Storm
240435 7.8 危険 サムスン - Samsung D6000 TV およびその他の製品におけるサービス運用妨害 (連続的な再起動) の脆弱性 CWE-119
バッファエラー 		CVE-2012-4329 2012-08-17 14:45 2012-08-14 Show GitHub Exploit DB Packet Storm
240436 10 危険 vBulletin Solutions, Inc. - 複数の vBulletin 製品における脆弱性 CWE-noinfo
情報不足 		CVE-2012-4328 2012-08-17 14:38 2012-08-14 Show GitHub Exploit DB Packet Storm
240437 4.3 警告 Piwigo - Piwigo の admin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2209 2012-08-17 14:36 2012-04-4 Show GitHub Exploit DB Packet Storm
240438 7.5 危険 Piwigo - Piwigo の upgrade.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-2208 2012-08-17 14:35 2012-04-4 Show GitHub Exploit DB Packet Storm
240439 7.5 危険 Chill Creations - Joomla! 用 ccNewsletter コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5099 2012-08-17 14:29 2012-08-14 Show GitHub Exploit DB Packet Storm
240440 4.3 警告 Timely - WordPress 用 All-in-One Event Calendar プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1835 2012-08-17 14:03 2012-08-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
286621 - php-fusion php-fusion SQL injection vulnerability in includes/classes/Authenticate.class.php in PHP-Fusion 7.02.01 through 7.02.05 allows remote attackers to execute arbitrary SQL commands via the user ID in a user cookie… CWE-89
SQL Injection 		CVE-2013-7375 2024-11-21 11:00 2014-05-6 Show GitHub Exploit DB Packet Storm
286622 - livezilla livezilla The setCookieValue function in _lib/functions.global.inc.php in LiveZilla before 5.1.2.1 allows remote attackers to execute arbitrary PHP code via a serialized PHP object in a cookie. CWE-94
Code Injection 		CVE-2013-7034 2024-11-21 11:00 2014-05-6 Show GitHub Exploit DB Packet Storm
286623 - livezilla livezilla Multiple cross-site scripting (XSS) vulnerabilities in LiveZilla before 5.1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) full name field, (2) company field, or (3) fi… CWE-79
Cross-site Scripting 		CVE-2013-7003 2024-11-21 11:00 2014-05-6 Show GitHub Exploit DB Packet Storm
286624 - plone plone Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators to bypass restrictions and obtain sensitive information via an unspecified search API. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-7061 2024-11-21 11:00 2014-05-2 Show GitHub Exploit DB Packet Storm
286625 - plone plone Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is initial… CWE-200
Information Exposure 		CVE-2013-7060 2024-11-21 11:00 2014-05-2 Show GitHub Exploit DB Packet Storm
286626 - transifex transifex Transifex command-line client before 0.10 does not validate X.509 certificates for data transfer connections, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary cer… CWE-20
 Improper Input Validation  		CVE-2013-7110 2024-11-21 11:00 2014-05-2 Show GitHub Exploit DB Packet Storm
286627 - canonical ubuntu_linux The Ubuntu Date and Time Indicator (aka indicator-datetime) 13.10.0+13.10.x before 13.10.0+13.10.20131023.2-0ubuntu1.1 does not properly restrict access to Evolution, which allows local users to bypa… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-7374 2024-11-21 11:00 2014-05-2 Show GitHub Exploit DB Packet Storm
286628 - fortinet fortiauthenticator FortiGuard FortiAuthenticator before 3.0 allows remote administrators to gain privileges via the command line interface. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-6990 2024-11-21 11:00 2014-04-30 Show GitHub Exploit DB Packet Storm
286629 - google android Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging use of the PRNG within mu… CWE-200
Information Exposure 		CVE-2013-7373 2024-11-21 11:00 2014-04-30 Show GitHub Exploit DB Packet Storm
286630 - google
apache 		android
harmony 		The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNG_SecureRandomImpl.java in the SecureRandom implementation in Apache … CWE-310
Cryptographic Issues 		CVE-2013-7372 2024-11-21 11:00 2014-04-30 Show GitHub Exploit DB Packet Storm