Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240861 6 警告 Karen Stevenson - Drupal 用 Date モジュールのイベントの変更フォームにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-1626 2012-09-21 14:59 2012-01-11 Show GitHub Exploit DB Packet Storm
240862 6 警告 WizOne Solutions - Drupal 用 Fill PDF モジュールの fillpdf.admin.inc における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2012-1625 2012-09-21 14:58 2012-01-4 Show GitHub Exploit DB Packet Storm
240863 6.8 警告 Erik Webb - Drupal 用 Password Policy モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-1633 2012-09-21 14:58 2012-01-11 Show GitHub Exploit DB Packet Storm
240864 2.1 注意 Erik Webb - Drupal 用 Password Policy モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1632 2012-09-21 14:57 2012-01-11 Show GitHub Exploit DB Packet Storm
240865 3.5 注意 Marco Villegas - Drupal 用 Vote Up/Down モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1627 2012-09-21 14:52 2012-01-11 Show GitHub Exploit DB Packet Storm
240866 2.1 注意 Alquimia - Drupal 用 Managesite モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1640 2012-09-21 14:52 2012-01-25 Show GitHub Exploit DB Packet Storm
240867 6 警告 Dominique CLAUSE - Drupal 用 Search Autocomplete モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-1638 2012-09-21 14:51 2012-01-25 Show GitHub Exploit DB Packet Storm
240868 3.5 注意 CollectiveColors - Drupal 用 Taxonomy Views Integrator モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1653 2012-09-21 14:35 2012-02-29 Show GitHub Exploit DB Packet Storm
240869 2.1 注意 Wim Leers - Drupal 用 Hierarchical Select モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1652 2012-09-21 14:34 2012-02-29 Show GitHub Exploit DB Packet Storm
240870 3.5 注意 ThinkLeft - Drupal 用 Submenu Tree モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1651 2012-09-21 14:34 2012-02-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
269021 7.5 HIGH
Network 		rest\/json_project rest\/json The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy. NVD-CWE-Other
CVE-2016-20003 2024-11-21 11:47 2021-01-1 Show GitHub Exploit DB Packet Storm
269022 9.8 CRITICAL
Network 		rest\/json_project rest\/json The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy. CWE-863
 Incorrect Authorization 		CVE-2016-20002 2024-11-21 11:47 2021-01-1 Show GitHub Exploit DB Packet Storm
269023 9.8 CRITICAL
Network 		rest\/json_project rest\/json The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy. CWE-863
 Incorrect Authorization 		CVE-2016-20001 2024-11-21 11:47 2021-01-1 Show GitHub Exploit DB Packet Storm
269024 7.5 HIGH
Network 		rest\/json_project rest\/json The REST/JSON project 7.x-1.x for Drupal allows session enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy. NVD-CWE-Other
CVE-2016-20008 2024-11-21 11:47 2021-01-1 Show GitHub Exploit DB Packet Storm
269025 7.5 HIGH
Network 		rest\/json_project rest\/json The REST/JSON project 7.x-1.x for Drupal allows session name guessing, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy. CWE-613
 Insufficient Session Expiration 		CVE-2016-20007 2024-11-21 11:47 2021-01-1 Show GitHub Exploit DB Packet Storm
269026 7.5 HIGH
Network 		rest\/json_project rest\/json The REST/JSON project 7.x-1.x for Drupal allows blockage of user logins, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy. NVD-CWE-noinfo
CVE-2016-20006 2024-11-21 11:47 2021-01-1 Show GitHub Exploit DB Packet Storm
269027 7.5 HIGH
Network 		arubanetworks arubaos
aruba_instant
airwave 		A vulnerability exists in the Aruba AirWave Management Platform 8.x prior to 8.2 in the management interface of an underlying system component called RabbitMQ, which could let a malicious user obtain… CWE-287
Improper Authentication 		CVE-2016-2032 2024-11-21 11:47 2020-02-1 Show GitHub Exploit DB Packet Storm
269028 9.8 CRITICAL
Network 		arubanetworks
siemens 		arubaos
aruba_instant
airwave
scalance_w1750d_firmware 		Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a maliciou… CWE-20
 Improper Input Validation  		CVE-2016-2031 2024-11-21 11:47 2020-02-1 Show GitHub Exploit DB Packet Storm
269029 8.8 HIGH
Network 		samba samba A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name parses… - CVE-2016-2123 2024-11-21 11:47 2018-11-1 Show GitHub Exploit DB Packet Storm
269030 6.5 MEDIUM
Network 		powerdns
debian 		authoritative
debian_linux 		An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the server by inserting a specially crafted record in a zone u… CWE-190
 Integer Overflow or Wraparound 		CVE-2016-2120 2024-11-21 11:47 2018-11-1 Show GitHub Exploit DB Packet Storm