Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 23, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 241371 | 7.8 | 危険 | ヒューレット・パッカード | - | HP Serviceguard におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-noinfo
情報不足 |
CVE-2012-3252 | 2012-08-22 16:47 | 2012-08-15 | Show | GitHub Exploit DB Packet Storm |
| 241372 | 7.7 | 危険 | ヒューレット・パッカード | - | HP Virtual SAN Appliance 上で稼働する HP SAN/iQ における任意のコマンドを実行される脆弱性 |
CWE-78
OSコマンド・インジェクション |
CVE-2012-2986 | 2012-08-22 16:46 | 2012-08-20 | Show | GitHub Exploit DB Packet Storm |
| 241373 | 2.1 | 注意 | Tecnick.com | - | TCExam の admin/code/tce_edit_answer.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-4238 | 2012-08-22 16:44 | 2012-08-6 | Show | GitHub Exploit DB Packet Storm |
| 241374 | 6.8 | 警告 | Tecnick.com | - | TCExam における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2012-4237 | 2012-08-22 16:43 | 2012-08-6 | Show | GitHub Exploit DB Packet Storm |
| 241375 | 4.3 | 警告 | Jease | - | Jease におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-4052 | 2012-08-22 16:42 | 2012-08-20 | Show | GitHub Exploit DB Packet Storm |
| 241376 | 4.3 | 警告 | Total Shop UK | - | Total Shop UK eCommerce Open Source におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-4236 | 2012-08-22 16:40 | 2012-08-20 | Show | GitHub Exploit DB Packet Storm |
| 241377 | 4.9 | 警告 | OpenStack | - | OpenStack Compute (Nova) の virt/disk/api.py における任意のファイルを上書される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2012-3447 | 2012-08-22 16:34 | 2012-07-31 | Show | GitHub Exploit DB Packet Storm |
| 241378 | 5 | 警告 | Debian | - | devotee における秘密のあだ名を取得される脆弱性 |
CWE-200
情報漏えい |
CVE-2012-2387 | 2012-08-22 16:24 | 2012-08-20 | Show | GitHub Exploit DB Packet Storm |
| 241379 | 5 | 警告 | GNOME Project | - | libsoup における認証を回避される脆弱性 |
CWE-287
不適切な認証 |
CVE-2012-2132 | 2012-08-22 16:20 | 2011-12-15 | Show | GitHub Exploit DB Packet Storm |
| 241380 | 6.8 | 警告 | Libav | - | Libav の libavcodec におけるヒープベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2012-0947 | 2012-08-22 16:19 | 2012-05-4 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 23, 2026, 4:08 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 285931 | - | siemens | simatic_wincc_open_architecture | Siemens SIMATIC WinCC OA before 3.12 P002 January uses a weak hash algorithm for passwords, which makes it easier for remote attackers to obtain access via a brute-force attack. |
CWE-310
Cryptographic Issues |
CVE-2014-1696 | 2024-11-21 11:04 | 2014-02-7 | Show | GitHub Exploit DB Packet Storm | |
| 285932 | - | symantec | encryption_management_server | The Web Email Protection component in Symantec Encryption Management Server (aka PGP Universal Server) before 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of ar… |
CWE-264
Permissions, Privileges, and Access Controls |
CVE-2014-1643 | 2024-11-21 11:04 | 2014-02-7 | Show | GitHub Exploit DB Packet Storm | |
| 285933 | - | citrix |
xenmobile_device_manager xenmobile_device_manager_mdm |
Unspecified vulnerability in Citrix XenMobile Device Manager server (formerly Zenprise Device Manager server) 8.5, 8.6, and MDM 8.0.1 allows remote attackers to obtain sensitive information via unkno… |
NVD-CWE-noinfo
|
CVE-2014-1663 | 2024-11-21 11:04 | 2014-02-7 | Show | GitHub Exploit DB Packet Storm | |
| 285934 | - |
mozilla oracle fedoraproject suse opensuse debian canonical |
network_security_services seamonkey firefox firefox_esr thunderbird enterprise_manager_ops_center vm_server fedora linux_enterprise_desktop linux_enterprise_server opens… |
Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does n… |
CWE-326
Inadequate Encryption Strength |
CVE-2014-1491 | 2024-11-21 11:04 | 2014-02-6 | Show | GitHub Exploit DB Packet Storm | |
| 285935 | - |
mozilla oracle fedoraproject suse opensuse debian canonical |
network_security_services seamonkey firefox firefox_esr thunderbird enterprise_manager_ops_center vm_server fedora linux_enterprise_desktop linux_enterprise_server opens… |
Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24… |
CWE-362
Race Condition |
CVE-2014-1490 | 2024-11-21 11:04 | 2014-02-6 | Show | GitHub Exploit DB Packet Storm | |
| 285936 | - |
oracle suse mozilla opensuse_project opensuse canonical |
solaris linux_enterprise_desktop linux_enterprise_server linux_enterprise_software_development_kit firefox opensuse ubuntu_linux |
Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore… |
CWE-264
Permissions, Privileges, and Access Controls |
CVE-2014-1489 | 2024-11-21 11:04 | 2014-02-6 | Show | GitHub Exploit DB Packet Storm | |
| 285937 | - |
mozilla canonical oracle suse opensuse |
seamonkey firefox ubuntu_linux solaris linux_enterprise_desktop linux_enterprise_server opensuse linux_enterprise_software_development_kit |
The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that ha… |
NVD-CWE-noinfo
|
CVE-2014-1488 | 2024-11-21 11:04 | 2014-02-6 | Show | GitHub Exploit DB Packet Storm | |
| 285938 | - |
mozilla oracle canonical suse opensuse |
seamonkey firefox solaris ubuntu_linux linux_enterprise_desktop linux_enterprise_server opensuse linux_enterprise_software_development_kit |
The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directiv… |
NVD-CWE-noinfo
|
CVE-2014-1485 | 2024-11-21 11:04 | 2014-02-6 | Show | GitHub Exploit DB Packet Storm | |
| 285939 | - |
suse mozilla opensuse_project opensuse oracle |
linux_enterprise_desktop linux_enterprise_server linux_enterprise_software_development_kit firefox opensuse solaris |
Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application. |
CWE-200
Information Exposure |
CVE-2014-1484 | 2024-11-21 11:04 | 2014-02-6 | Show | GitHub Exploit DB Packet Storm | |
| 285940 | - |
oracle canonical mozilla suse opensuse |
solaris ubuntu_linux seamonkey firefox linux_enterprise_desktop linux_enterprise_server opensuse suse_linux_enterprise_software_development_kit |
Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain t… |
CWE-1021
Improper Restriction of Rendered UI Layers or Frames |
CVE-2014-1483 | 2024-11-21 11:04 | 2014-02-6 | Show | GitHub Exploit DB Packet Storm |