Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240851 4.3 警告 Jason Moore - Drupal 用の Amadou テーマモジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2715 2012-06-29 10:37 2012-05-30 Show GitHub Exploit DB Packet Storm
240852 6.8 警告 Isaac Sukin - Drupal 用の BrowserID モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-2713 2012-06-29 10:35 2012-05-23 Show GitHub Exploit DB Packet Storm
240853 2.6 注意 Thomas Seidl - Drupal 用の Search API モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2712 2012-06-29 10:29 2012-05-23 Show GitHub Exploit DB Packet Storm
240854 2.1 注意 Nancy Wichmann - Drupal 用 Taxonomy List モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2711 2012-06-29 10:25 2012-05-23 Show GitHub Exploit DB Packet Storm
240855 2.6 注意 John Albin Wilkins - Drupal 用 Zen モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2710 2012-06-29 10:13 2012-05-16 Show GitHub Exploit DB Packet Storm
240856 2.1 注意 Aegir project - Drupal 用 Hostmaster モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2708 2012-06-29 10:11 2012-05-16 Show GitHub Exploit DB Packet Storm
240857 5.8 警告 Aegir project - Drupal 用 Hostmaster モジュールにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2707 2012-06-29 10:10 2012-05-16 Show GitHub Exploit DB Packet Storm
240858 4.3 警告 Peter Pokrivcak - Drupal 用 Post Affiliate Pro モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2706 2012-06-29 10:09 2012-05-16 Show GitHub Exploit DB Packet Storm
240859 2.1 注意 Christopher M. Mitchell - Drupal 用 Smart Breadcrumb モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-20
不適切な入力確認 		CVE-2012-2705 2012-06-29 10:07 2012-05-16 Show GitHub Exploit DB Packet Storm
240860 2.6 注意 John Franklin - Drupal 用 Advertisement モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2703 2012-06-29 10:07 2012-05-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267431 7.5 HIGH
Network 		riot.js riot-compiler The riot-compiler version version 2.3.21 has an issue in a regex (Catastrophic Backtracking) thats make it unusable under certain conditions. CWE-399
 Resource Management Errors 		CVE-2016-10527 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
267432 8.6 HIGH
Network 		grunt-gh-pages_project grunt-gh-pages A common setup to deploy to gh-pages on every commit via a CI system is to expose a github token to ENV and to use it directly in the auth part of the url. In module versions < 0.9.1 the auth portion… CWE-255
CWE-532
Credentials Management
 Inclusion of Sensitive Information in Log Files 		CVE-2016-10526 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
267433 8.2 HIGH
Network 		i18n-node-angular_project i18n-node-angular i18n-node-angular is a module used to interact between i18n and angular without using additional resources. A REST API endpoint that is used for development in i18n-node-angular before 1.4.0 was not … CWE-400
 Uncontrolled Resource Consumption 		CVE-2016-10524 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
267434 7.5 HIGH
Network 		mqtt-packet_project mqtt-packet MQTT before 3.4.6 and 4.0.x before 4.0.5 allows specifically crafted MQTT packets to crash the application, making a DoS attack feasible with very little bandwidth. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-10523 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
267435 7.5 HIGH
Network 		jshamcrest_project jshamcrest jshamcrest is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in to the emailAddress validator. CWE-20
 Improper Input Validation  		CVE-2016-10521 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
267436 7.5 HIGH
Network 		jadedown_project jadedown jadedown is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in. CWE-20
 Improper Input Validation  		CVE-2016-10520 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
267437 7.5 HIGH
Network 		webtorrent bittorrent-dht A security issue was found in bittorrent-dht before 5.1.3 that allows someone to send a specific series of messages to a listening peer and get it to reveal internal memory. CWE-200
Information Exposure 		CVE-2016-10519 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
267438 7.5 HIGH
Network 		ws_project ws A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a p… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-10518 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
267439 8.1 HIGH
Network 		mystem-fix_project mystem-fix mystem-fix is a node.js wrapper for MyStem morphology text analyzer by Yandex.ru mystem-fix downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cau… CWE-310
Cryptographic Issues 		CVE-2016-10698 2024-11-21 11:44 2018-05-30 Show GitHub Exploit DB Packet Storm
267440 8.1 HIGH
Network 		massif_project massif massif is a Phantomjs fork massif downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested reso… CWE-310
Cryptographic Issues 		CVE-2016-10682 2024-11-21 11:44 2018-05-30 Show GitHub Exploit DB Packet Storm