Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240571 6.8 警告 Ubercart.org - Drupal 用 Ubercart Bulk Stock Updater モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-2057 2012-09-19 16:33 2012-03-14 Show GitHub Exploit DB Packet Storm
240572 6.8 警告 Nathan Phillip Brink - Drupal 用 Content Lock モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-2056 2012-09-19 16:31 2012-03-14 Show GitHub Exploit DB Packet Storm
240573 4.3 警告 Nikola Posa - Webfolio CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1899 2012-09-19 16:29 2012-09-17 Show GitHub Exploit DB Packet Storm
240574 4.3 警告 Netwin Ltd - NetWin SurgeMail におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2575 2012-09-19 16:25 2012-09-17 Show GitHub Exploit DB Packet Storm
240575 4.3 警告 Oxwall - Oxwall の ow_updates/index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4928 2012-09-19 16:21 2012-09-15 Show GitHub Exploit DB Packet Storm
240576 7.5 危険 LimeSurvey - LimeSurvey における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-4927 2012-09-19 16:21 2012-02-24 Show GitHub Exploit DB Packet Storm
240577 6.4 警告 ImgPals - ImgPals Photo Host の approve.php における管理者のアクティベーションを変更される脆弱性 CWE-287
不適切な認証 		CVE-2012-4926 2012-09-19 16:20 2012-09-15 Show GitHub Exploit DB Packet Storm
240578 7.5 危険 ImgPals - ImgPals Photo Host の approve.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-4925 2012-09-19 16:20 2012-09-15 Show GitHub Exploit DB Packet Storm
240579 9.3 危険 ASUSTeK Computer Inc. - ASUS Net4Switch 用 ipswcom.dll ActiveX コンポーネントにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-4924 2012-09-19 16:18 2012-09-15 Show GitHub Exploit DB Packet Storm
240580 4.3 警告 Endian - Endian Firewall におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4923 2012-09-19 16:17 2012-09-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
268361 7.2 HIGH
Network 		netgear prosafe_wc9500_firmware
prosafe_wc7600_firmware
prosafe_wc7520_firmware 		NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to login… CWE-78
OS Command  		CVE-2016-11022 2024-11-21 11:45 2020-03-24 Show GitHub Exploit DB Packet Storm
268362 6.5 MEDIUM
Network 		zohocorp manageengine_password_manager_pro In ZOHO Password Manager Pro (PMP) 8.3.0 (Build 8303) and 8.4.0 (Build 8400,8401,8402), underprivileged users can obtain sensitive information (entry password history) via a vulnerable hidden service. CWE-200
Information Exposure 		CVE-2016-1159 2024-11-21 11:45 2020-03-10 Show GitHub Exploit DB Packet Storm
268363 7.2 HIGH
Network 		dlink dcs-930l_firmware setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code via an OS command in the SystemCommand parameter. CWE-78
OS Command  		CVE-2016-11021 2024-11-21 11:45 2020-03-9 Show GitHub Exploit DB Packet Storm
268364 9.8 CRITICAL
Network 		kunena kunena Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS and remote code execution. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2016-11020 2024-11-21 11:45 2020-02-26 Show GitHub Exploit DB Packet Storm
268365 9.8 CRITICAL
Network 		huge-it image_gallery An issue was discovered in the Huge-IT gallery-images plugin before 1.9.0 for WordPress. The headers Client-Ip and X-Forwarded-For are prone to unauthenticated SQL injection. The affected file is gal… CWE-89
SQL Injection 		CVE-2016-11018 2024-11-21 11:45 2020-01-22 Show GitHub Exploit DB Packet Storm
268366 9.8 CRITICAL
Network 		akips network_monitor The application login page in AKIPS Network Monitor 15.37 through 16.5 allows a remote unauthenticated attacker to execute arbitrary OS commands via shell metacharacters in the username parameter (a … CWE-78
OS Command  		CVE-2016-11017 2024-11-21 11:45 2020-01-7 Show GitHub Exploit DB Packet Storm
268367 6.1 MEDIUM
Network 		netgear jnr1010_firmware NETGEAR JNR1010 devices before 1.0.0.32 allow webproc?getpage= XSS. CWE-79
Cross-site Scripting 		CVE-2016-11016 2024-11-21 11:45 2019-10-16 Show GitHub Exploit DB Packet Storm
268368 6.5 MEDIUM
Network 		netgear jnr1010_firmware NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL parameter. CWE-352
 Origin Validation Error 		CVE-2016-11015 2024-11-21 11:45 2019-10-16 Show GitHub Exploit DB Packet Storm
268369 9.8 CRITICAL
Network 		netgear jnr1010_firmware NETGEAR JNR1010 devices before 1.0.0.32 have Incorrect Access Control because the ok value of the auth cookie is a special case. CWE-613
 Insufficient Session Expiration 		CVE-2016-11014 2024-11-21 11:45 2019-10-16 Show GitHub Exploit DB Packet Storm
268370 6.1 MEDIUM
Network 		agentevolution impress_listings The wp-listings plugin before 2.0.2 for WordPress has includes/views/single-listing.php XSS. CWE-79
Cross-site Scripting 		CVE-2016-11013 2024-11-21 11:45 2019-09-21 Show GitHub Exploit DB Packet Storm