Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240461 5 警告 The PHP Group - PHP の sapi/cgi/cgi_main.c におけるサービス運用妨害 (リソース消費) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-2336 2012-07-26 17:09 2012-05-11 Show GitHub Exploit DB Packet Storm
240462 7.5 危険 The PHP Group - PHP の php-wrapper.fcgi における保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2335 2012-07-26 17:07 2012-05-11 Show GitHub Exploit DB Packet Storm
240463 7.5 危険 OpenOffice.org Project
libwpd project		 - OpenOffice.org で使用される libwpd における任意のコードを実行される脆弱性 CWE-189
数値処理の問題 		CVE-2012-2149 2012-07-26 16:59 2012-06-21 Show GitHub Exploit DB Packet Storm
240464 4.3 警告 ISC, Inc. - ISC BIND の ns_client データ構造におけるサービス運用妨害 (DoS) の脆弱性 CWE-362
競合状態 		CVE-2012-3868 2012-07-26 16:27 2012-07-24 Show GitHub Exploit DB Packet Storm
240465 7.1 危険 IBM - IBM DB2 の Java ストアドプロシージャのインフラストラクチャにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-2197 2012-07-26 15:38 2012-06-14 Show GitHub Exploit DB Packet Storm
240466 5 警告 IBM - IBM DB2 における任意の XML ファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2012-2196 2012-07-26 15:35 2012-06-14 Show GitHub Exploit DB Packet Storm
240467 5 警告 IBM - IBM DB2 の SQLJ.DB2_INSTALL_JAR ストアドプロシージャにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-2194 2012-07-26 15:31 2012-06-7 Show GitHub Exploit DB Packet Storm
240468 3.6 注意 Puppet - Puppet および Puppet Enterprise における任意のファイルを上書きされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-1989 2012-07-26 14:07 2012-06-27 Show GitHub Exploit DB Packet Storm
240469 3.5 注意 Puppet - Puppet および Puppet Enterprise におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2012-1987 2012-07-26 13:57 2012-05-29 Show GitHub Exploit DB Packet Storm
240470 10 危険 Google
サムスン		 - 複数の製品の Chromebook プラットフォーム上で稼働する Google Chrome OS における脆弱性 CWE-noinfo
情報不足 		CVE-2012-4050 2012-07-26 11:57 2012-07-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
285911 - fortinet fortiadc_firmware
fortiadc-1000e
fortiadc-1500d
fortiadc-2000d
fortiadc-200d
fortiadc-300e
fortiadc-4000d
fortiadc-400e
fortiadc-600e 		Cross-site scripting (XSS) vulnerability in the web administration interface in FortiADC with firmware before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the locale param… CWE-79
Cross-site Scripting 		CVE-2014-0331 2024-11-21 11:01 2014-04-11 Show GitHub Exploit DB Packet Storm
285912 - wordpress wordpress The wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.x before 3.8.2 does not properly determine the validity of authentication cookies, which makes it e… CWE-287
Improper Authentication 		CVE-2014-0166 2024-11-21 11:01 2014-04-10 Show GitHub Exploit DB Packet Storm
285913 - wordpress wordpress WordPress before 3.7.2 and 3.8.x before 3.8.2 allows remote authenticated users to publish posts by leveraging the Contributor role, related to wp-admin/includes/post.php and wp-admin/includes/class-… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-0165 2024-11-21 11:01 2014-04-10 Show GitHub Exploit DB Packet Storm
285914 - microsoft windows_xp
windows_server_2008
windows_server_2012
windows_rt
windows_8.1
windows_7
windows_rt_8.1
windows_vista
windows_8
windows_server_2003 		Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows… CWE-426
 Untrusted Search Path 		CVE-2014-0315 2024-11-21 11:01 2014-04-9 Show GitHub Exploit DB Packet Storm
285915 - huawei echo_life_hg8247_firmware
echo_life 		Cross-site scripting (XSS) vulnerability in the web interface on Huawei Echo Life HG8247 routers with software before V100R006C00SPC127 allows remote attackers to inject arbitrary web script or HTML … CWE-79
Cross-site Scripting 		CVE-2014-0337 2024-11-21 11:01 2014-04-5 Show GitHub Exploit DB Packet Storm
285916 - redhat jboss_enterprise_application_platform Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2, when using a Java Security Manager (JSM), does not properly apply permissions defined by a policy file, which causes applications to be gr… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-0093 2024-11-21 11:01 2014-04-4 Show GitHub Exploit DB Packet Storm
285917 - oracle
apache 		retail_applications
tomcat
commons_fileupload 		MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU co… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-0050 2024-11-21 11:01 2014-04-1 Show GitHub Exploit DB Packet Storm
285918 - redhat richfaces
jboss_web_framework_kit 		The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a… CWE-20
 Improper Input Validation  		CVE-2014-0086 2024-11-21 11:01 2014-03-31 Show GitHub Exploit DB Packet Storm
285919 - apple
postgresql 		mac_os_x
mac_os_x_server
postgresql 		The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-0067 2024-11-21 11:01 2014-03-31 Show GitHub Exploit DB Packet Storm
285920 - postgresql postgresql The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library f… CWE-20
 Improper Input Validation  		CVE-2014-0066 2024-11-21 11:01 2014-03-31 Show GitHub Exploit DB Packet Storm