Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240721 4.3 警告 Moodle - Moodle の mod/wiki/pagelib.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4299 2012-07-12 14:56 2011-10-18 Show GitHub Exploit DB Packet Storm
240722 6.8 警告 Moodle - Moodle の mod/wiki/ コンポーネントにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-4298 2012-07-12 14:55 2011-10-18 Show GitHub Exploit DB Packet Storm
240723 10 危険 ヒューレット・パッカード - HP Operations Agent における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2012-2020 2012-07-12 14:49 2012-07-9 Show GitHub Exploit DB Packet Storm
240724 10 危険 ヒューレット・パッカード - HP Operations Agent における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2012-2019 2012-07-12 14:48 2012-07-9 Show GitHub Exploit DB Packet Storm
240725 4.3 警告 マイクロソフト - 複数の Microsoft 製品の toStaticHTML API におけるクロスサイトスクリプティングの脆弱性 CWE-200
情報漏えい 		CVE-2012-1858 2012-07-12 14:23 2012-06-12 Show GitHub Exploit DB Packet Storm
240726 7.8 危険 Synel - Synel SY-780/A にサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-2970 2012-07-11 16:22 2012-07-10 Show GitHub Exploit DB Packet Storm
240727 4.3 警告 Astaro
ソフォス		 - Astaro Security Gateway におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-3238 2012-07-11 16:09 2012-07-9 Show GitHub Exploit DB Packet Storm
240728 5 警告 Apache Software Foundation - Apache Sling におけるサービス運用妨害 (無限ループ) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2138 2012-07-11 16:03 2012-06-6 Show GitHub Exploit DB Packet Storm
240729 7.8 危険 F5 Networks - 複数の F5 製品における SSH でログインされる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2012-1493 2012-07-11 15:58 2012-06-6 Show GitHub Exploit DB Packet Storm
240730 6 警告 Digium - Asterisk Open Source の ast_uri_encode 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-0495 2012-07-10 14:35 2011-01-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267561 6.1 MEDIUM
Network 		kohanaframework
debian 		kohana
debian_linux 		Cross-site scripting (XSS) vulnerability in the Security component of Kohana before 3.3.6 allows remote attackers to inject arbitrary web script or HTML by bypassing the strip_image_tags protection m… CWE-79
Cross-site Scripting 		CVE-2016-10510 2024-11-21 11:44 2017-09-1 Show GitHub Exploit DB Packet Storm
267562 7.2 HIGH
Network 		opencart opencart SQL injection vulnerability in the updateAmazonOrderTracking function in upload/admin/model/openbay/amazon.php in OpenCart before version 2.3.0.0 allows remote authenticated administrators to execute… CWE-89
SQL Injection 		CVE-2016-10509 2024-11-21 11:44 2017-09-1 Show GitHub Exploit DB Packet Storm
267563 6.1 MEDIUM
Network 		phpthumb_project phpthumb Multiple cross-site scripting (XSS) vulnerabilities in phpThumb() before 1.7.14 allow remote attackers to inject arbitrary web script or HTML via parameters in demo/phpThumb.demo.showpic.php. CWE-79
Cross-site Scripting 		CVE-2016-10508 2024-11-21 11:44 2017-09-1 Show GitHub Exploit DB Packet Storm
267564 6.5 MEDIUM
Network 		uclouvain openjpeg Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application … CWE-190
 Integer Overflow or Wraparound 		CVE-2016-10507 2024-11-21 11:44 2017-08-30 Show GitHub Exploit DB Packet Storm
267565 6.5 MEDIUM
Network 		uclouvain openjpeg Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (applic… CWE-369
 Divide By Zero 		CVE-2016-10506 2024-11-21 11:44 2017-08-30 Show GitHub Exploit DB Packet Storm
267566 6.5 MEDIUM
Network 		uclouvain openjpeg NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in… CWE-476
 NULL Pointer Dereference 		CVE-2016-10505 2024-11-21 11:44 2017-08-30 Show GitHub Exploit DB Packet Storm
267567 6.5 MEDIUM
Network 		uclouvain openjpeg Heap-based buffer overflow vulnerability in the opj_mqc_byteout function in mqc.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (application crash) via a crafted bmp f… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-10504 2024-11-21 11:44 2017-08-30 Show GitHub Exploit DB Packet Storm
267568 4.3 MEDIUM
Network 		ibm sametime IBM Sametime Meeting Server 8.5.2 and 9.0 could allow an authenticated and invited user of Sametime meeting to lower any or all hands in an e-meeting, thus spoofing results of votes in the meeting. I… CWE-20
 Improper Input Validation  		CVE-2016-10503 2024-11-21 11:44 2017-08-30 Show GitHub Exploit DB Packet Storm
267569 6.1 MEDIUM
Network 		apostrophecms sanitize-html sanitize-html before 1.4.3 has XSS. CWE-79
Cross-site Scripting 		CVE-2016-1000237 2024-11-21 11:43 2020-01-24 Show GitHub Exploit DB Packet Storm
267570 6.1 MEDIUM
Network 		smartbear
redhat 		swagger-ui
openshift
jboss_fuse 		swagger-ui has XSS in key names CWE-79
Cross-site Scripting 		CVE-2016-1000229 2024-11-21 11:43 2019-12-20 Show GitHub Exploit DB Packet Storm