Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
241091	7.5	危険	AlexisWilke	-	Drupal 用 Protected Node モジュールにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2730	2012-06-29 10:52	2012-06-13	Show	GitHub Exploit DB Packet Storm

241092	6.8	警告	ADCI LLC	-	Drupal 用 SimpleMeta モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-2729	2012-06-29 10:52	2012-06-13	Show	GitHub Exploit DB Packet Storm

241093	6.8	警告	Ronan Dowling	-	Drupal 用 Node Hierarchy モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-2728	2012-06-29 10:51	2012-06-13	Show	GitHub Exploit DB Packet Storm

241094	5.8	警告	JanRain	-	Drupal 用の Janrain Capture モジュールにおけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2012-2727	2012-06-29 10:51	2012-06-13	Show	GitHub Exploit DB Packet Storm

241095	2.1	注意	Alberto Trujillo Gonzalez	-	Drupal 用の Protest モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2726	2012-06-29 10:49	2012-06-6	Show	GitHub Exploit DB Packet Storm

241096	3.5	注意	Authoring HTML	-	Drupal 用の Authoring HTML モジュールにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2725	2012-06-29 10:49	2012-06-6	Show	GitHub Exploit DB Packet Storm

241097	2.6	注意	Nextide	-	Drupal 用の Maestro モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2723	2012-06-29 10:48	2012-06-6	Show	GitHub Exploit DB Packet Storm

241098	4.3	警告	Scott Reynen	-	Drupal 用の Node Embed モジュールにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2722	2012-06-29 10:47	2012-06-6	Show	GitHub Exploit DB Packet Storm

241099	6.8	警告	Moshe Weitzman	-	Drupal 用の Organic Groups モジュールにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2721	2012-06-29 10:46	2012-06-6	Show	GitHub Exploit DB Packet Storm

241100	5	警告	Adam Ross	-	Drupal 用の Token Authentication モジュールにおける設定以上の権限を持つリクエストを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2720	2012-06-29 10:43	2012-06-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
286121	5.3	MEDIUM Network	apache	wicket	In Apache Wicket 1.5.10 or 6.13.0, by issuing requests to special urls handled by Wicket, it is possible to check for the existence of particular classes in the classpath and thus check whether a thi…	CWE-200 Information Exposure	CVE-2014-0043	2024-11-21 11:01	2017-10-3	Show	GitHub Exploit DB Packet Storm

286122	6.1	MEDIUM Network	redhat	satellite	Cross-site scripting (XSS) vulnerability in Red Hat Satellite 6.0.3.	CWE-79 Cross-site Scripting	CVE-2014-0141	2024-11-21 11:01	2017-08-29	Show	GitHub Exploit DB Packet Storm

286123	5.5	MEDIUM Local	qemu	qemu	The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an…	CWE-476 NULL Pointer Dereference	CVE-2014-0146	2024-11-21 11:01	2017-08-11	Show	GitHub Exploit DB Packet Storm

286124	7.8	HIGH Local	qemu	qemu	Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_sn…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-0145	2024-11-21 11:01	2017-08-11	Show	GitHub Exploit DB Packet Storm

286125	5.5	MEDIUM Local	qemu	qemu	QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallel…	CWE-369 Divide By Zero	CVE-2014-0142	2024-11-21 11:01	2017-08-11	Show	GitHub Exploit DB Packet Storm

286126	7.0	HIGH Local	redhat qemu	enterprise_linux qemu	Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in…	CWE-190 Integer Overflow or Wraparound	CVE-2014-0143	2024-11-21 11:01	2017-08-11	Show	GitHub Exploit DB Packet Storm

286127	8.8	HIGH Network	pivotal_software vmware	spring_framework	When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references…	CWE-611 XXE	CVE-2014-0225	2024-11-21 11:01	2017-05-26	Show	GitHub Exploit DB Packet Storm

286128	7.3	HIGH Network	vmware	spring_security	The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If the directory allows anonymous binds then it may incorrectly authentic…	CWE-287 Improper Authentication	CVE-2014-0097	2024-11-21 11:01	2017-05-26	Show	GitHub Exploit DB Packet Storm

286129	7.5	HIGH Network	aescrypt_project	aescrypt	The aescrypt gem 1.0.0 for Ruby does not randomize the CBC IV for use with the AESCrypt.encrypt and AESCrypt.decrypt functions, which allows attackers to defeat cryptographic protection mechanisms vi…	CWE-330 Use of Insufficiently Random Values	CVE-2013-7463	2024-11-21 11:01	2017-04-20	Show	GitHub Exploit DB Packet Storm

286130	7.5	HIGH Network	pulpproject	pulp	Pulp before 2.3.0 uses the same the same certificate authority key and certificate for all installations.	CWE-295 Improper Certificate Validation	CVE-2013-7450	2024-11-21 11:01	2017-04-4	Show	GitHub Exploit DB Packet Storm