Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
241181	6.8	警告	FrankDevelopper	-	VR GPub の admin/admin_options.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-5005	2012-09-21 16:05	2012-09-19	Show	GitHub Exploit DB Packet Storm

241182	6.8	警告	Parallels	-	Parallels H-Sphere におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-5004	2012-09-21 16:04	2012-09-19	Show	GitHub Exploit DB Packet Storm

241183	6.8	警告	NoMachine	-	NoMachine NX Web Companion の nxapplet.jar における任意のコードを実行される脆弱性	CWE-287 不適切な認証	CVE-2012-5003	2012-09-21 16:04	2012-09-19	Show	GitHub Exploit DB Packet Storm

241184	4.3	警告	Clonemonster	-	Social Book Facebook Clone におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5190	2012-09-21 16:03	2012-09-20	Show	GitHub Exploit DB Packet Storm

241185	2.1	注意	Sven Decabooter	-	Drupal 用 Webform Validation モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5189	2012-09-21 15:35	2011-11-30	Show	GitHub Exploit DB Packet Storm

241186	2.1	注意	Tag1 Consulting	-	Drupal 用 Support Timer モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5188	2012-09-21 15:34	2011-11-30	Show	GitHub Exploit DB Packet Storm

241187	2.1	注意	Tag1 Consulting	-	Drupal 用 Support Ticketing System モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5187	2012-09-21 15:34	2011-11-30	Show	GitHub Exploit DB Packet Storm

241188	4.3	警告	Burnsy	-	e107 用 jbShop プラグインの jbshop.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5186	2012-09-21 15:32	2012-09-20	Show	GitHub Exploit DB Packet Storm

241189	4.3	警告	realmatrix	-	Online Subtitles Workshop におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5185	2012-09-21 15:31	2012-09-20	Show	GitHub Exploit DB Packet Storm

241190	4.3	警告	ヒューレット・パッカード	-	HP Network Node Manager i におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5184	2012-09-21 15:30	2012-09-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
287331	-	hp	network_virtualization	Directory traversal vulnerability in the toServerObject function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to create files, and consequently execute…	CWE-22 Path Traversal	CVE-2014-2626	2024-11-21 11:06	2014-07-27	Show	GitHub Exploit DB Packet Storm

287332	-	hp	network_virtualization	Directory traversal vulnerability in the storedNtxFile function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to read arbitrary files via crafted input,…	CWE-22 Path Traversal	CVE-2014-2625	2024-11-21 11:06	2014-07-27	Show	GitHub Exploit DB Packet Storm

287333	-	morpho	itemiser_3	Morpho Itemiser 3 8.17 has hardcoded administrative credentials, which makes it easier for remote attackers to obtain access via a login request.	NVD-CWE-Other	CVE-2014-2363	2024-11-21 11:06	2014-07-26	Show	GitHub Exploit DB Packet Storm

287334	-	honeywell	falcon_xlweb_linux_controller falcon_xlweb_xlwebexe	Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to bypass authentication and obtain adminis…	NVD-CWE-Other	CVE-2014-2717	2024-11-21 11:06	2014-07-24	Show	GitHub Exploit DB Packet Storm

287335	-	omron	ns_series_system_program_firmware ns10_hmi_terminal ns12_hmi_terminal ns15_hmi_terminal ns5_hmi_terminal ns8_hmi_terminal	Cross-site scripting (XSS) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to inject arbitrary web scr…	CWE-79 Cross-site Scripting	CVE-2014-2370	2024-11-21 11:06	2014-07-24	Show	GitHub Exploit DB Packet Storm

287336	-	omron	ns_series_system_program_firmware ns10_hmi_terminal ns12_hmi_terminal ns15_hmi_terminal ns5_hmi_terminal ns8_hmi_terminal	Cross-site request forgery (CSRF) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to hijack the authen…	CWE-352 Origin Validation Error	CVE-2014-2369	2024-11-21 11:06	2014-07-24	Show	GitHub Exploit DB Packet Storm

287337	-	oleumtech	wio_dh2_wireless_gateway sensor_wireless_i\/o_module	OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules rely exclusively on a time value for entropy in key generation, which makes it easier for remote attackers to defeat cryptographic p…	NVD-CWE-Other	CVE-2014-2362	2024-11-21 11:06	2014-07-24	Show	GitHub Exploit DB Packet Storm

287338	-	oleumtech	wio_dh2_wireless_gateway sensor_wireless_i\/o_module	OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not require authentication for reading the site security key, which allows physically proximate attackers to…	NVD-CWE-Other	CVE-2014-2361	2024-11-21 11:06	2014-07-24	Show	GitHub Exploit DB Packet Storm

287339	-	oleumtech	wio_dh2_wireless_gateway sensor_wireless_i\/o_module	OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules allow remote attackers to execute arbitrary code via packets that report a high battery voltage.	CWE-20 Improper Input Validation	CVE-2014-2360	2024-11-21 11:06	2014-07-24	Show	GitHub Exploit DB Packet Storm

287340	-	sophos	anti-virus	Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeF…	CWE-79 Cross-site Scripting	CVE-2014-2385	2024-11-21 11:06	2014-07-22	Show	GitHub Exploit DB Packet Storm