Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240861	6	警告	Karen Stevenson	-	Drupal 用 Date モジュールのイベントの変更フォームにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-1626	2012-09-21 14:59	2012-01-11	Show	GitHub Exploit DB Packet Storm

240862	6	警告	WizOne Solutions	-	Drupal 用 Fill PDF モジュールの fillpdf.admin.inc における任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-1625	2012-09-21 14:58	2012-01-4	Show	GitHub Exploit DB Packet Storm

240863	6.8	警告	Erik Webb	-	Drupal 用 Password Policy モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-1633	2012-09-21 14:58	2012-01-11	Show	GitHub Exploit DB Packet Storm

240864	2.1	注意	Erik Webb	-	Drupal 用 Password Policy モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1632	2012-09-21 14:57	2012-01-11	Show	GitHub Exploit DB Packet Storm

240865	3.5	注意	Marco Villegas	-	Drupal 用 Vote Up/Down モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1627	2012-09-21 14:52	2012-01-11	Show	GitHub Exploit DB Packet Storm

240866	2.1	注意	Alquimia	-	Drupal 用 Managesite モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1640	2012-09-21 14:52	2012-01-25	Show	GitHub Exploit DB Packet Storm

240867	6	警告	Dominique CLAUSE	-	Drupal 用 Search Autocomplete モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-1638	2012-09-21 14:51	2012-01-25	Show	GitHub Exploit DB Packet Storm

240868	3.5	注意	CollectiveColors	-	Drupal 用 Taxonomy Views Integrator モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1653	2012-09-21 14:35	2012-02-29	Show	GitHub Exploit DB Packet Storm

240869	2.1	注意	Wim Leers	-	Drupal 用 Hierarchical Select モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1652	2012-09-21 14:34	2012-02-29	Show	GitHub Exploit DB Packet Storm

240870	3.5	注意	ThinkLeft	-	Drupal 用 Submenu Tree モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1651	2012-09-21 14:34	2012-02-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
269051	7.5	HIGH Network	cisco	asr_5000_series_software	The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote auth…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-1335	2024-11-21 11:46	2016-02-20	Show	GitHub Exploit DB Packet Storm

269052	5.3	MEDIUM Network	cisco	small_business_wireless_access_points_firmware	Cisco Small Business 500 Wireless Access Point devices with firmware 1.0.4.4 allow remote attackers to set the system time via a crafted POST request, aka Bug ID CSCuy01457.	CWE-20 Improper Input Validation	CVE-2016-1334	2024-11-21 11:46	2016-02-18	Show	GitHub Exploit DB Packet Storm

269053	6.5	MEDIUM Network	cisco	ios	Cisco IOS 15.5(3)M and 15.6(1)T0a on Cisco 1000 Connected Grid routers allows remote authenticated users to cause a denial of service (device reload) via an SNMP request for unspecified BRIDGE MIB OI…	CWE-399 Resource Management Errors	CVE-2016-1333	2024-11-21 11:46	2016-02-18	Show	GitHub Exploit DB Packet Storm

269054	6.1	MEDIUM Network	sun	opensolaris	Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency Responder 11.5(0.99833.5) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID C…	CWE-79 Cross-site Scripting	CVE-2016-1331	2024-11-21 11:46	2016-02-16	Show	GitHub Exploit DB Packet Storm

269055	6.5	MEDIUM Adjacent	zzinc	keymouse_firmware	Cisco IOS 15.2(4)E on Industrial Ethernet 2000 devices allows remote attackers to cause a denial of service (device reload) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuy27746.	CWE-399 Resource Management Errors	CVE-2016-1330	2024-11-21 11:46	2016-02-16	Show	GitHub Exploit DB Packet Storm

269056	5.8	MEDIUM Network	cisco	universal_small_cell_firmware	Cisco Universal Small Cell devices with firmware R2.12 through R3.5 contain an image-decryption key in flash memory, which allows remote attackers to bypass a certain certificate-validation feature a…	CWE-200 Information Exposure	CVE-2016-1321	2024-11-21 11:46	2016-02-16	Show	GitHub Exploit DB Packet Storm

269057	8.8	HIGH Network	opensuse debian google	opensuse debian_linux chrome	The Developer Tools (aka DevTools) subsystem in Google Chrome before 48.0.2564.109 does not validate URL schemes and ensure that the remoteBase parameter is associated with a chrome-devtools-frontend…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-1627	2024-11-21 11:46	2016-02-14	Show	GitHub Exploit DB Packet Storm

269058	4.3	MEDIUM Network	google opensuse debian	chrome opensuse debian_linux	The opj_pi_update_decode_poc function in pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, miscalculates a certain layer index value, which allows remote attackers to cause a…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-1626	2024-11-21 11:46	2016-02-14	Show	GitHub Exploit DB Packet Storm

269059	4.3	MEDIUM Network	opensuse google debian	opensuse chrome debian_linux	The Chrome Instant feature in Google Chrome before 48.0.2564.109 does not ensure that a New Tab Page (NTP) navigation target is on the most-visited or suggestions list, which allows remote attackers …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-1625	2024-11-21 11:46	2016-02-14	Show	GitHub Exploit DB Packet Storm

269060	8.8	HIGH Network	opensuse google debian	opensuse chrome debian_linux	Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service (buffer overfl…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-1624	2024-11-21 11:46	2016-02-14	Show	GitHub Exploit DB Packet Storm