Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 21, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
241801	4.3	警告	CKEditor Team	-	FCKeditor におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4000	2012-07-17 16:44	2012-07-12	Show	GitHub Exploit DB Packet Storm

241802	4.3	警告	Sayak Banerjee	-	Sticky Notes の admin/login.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-3999	2012-07-17 16:43	2012-07-12	Show	GitHub Exploit DB Packet Storm

241803	7.5	危険	Sayak Banerjee	-	Sticky Notes における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-3998	2012-07-17 16:43	2012-07-12	Show	GitHub Exploit DB Packet Storm

241804	4.3	警告	Sayak Banerjee	-	Sticky Notes におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-3997	2012-07-17 16:42	2012-07-12	Show	GitHub Exploit DB Packet Storm

241805	6.8	警告	VideoLAN	-	VideoLAN VLC media player の OGG demuxer におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-3377	2012-07-17 16:36	2012-05-2	Show	GitHub Exploit DB Packet Storm

241806	6.8	警告	Wafer	-	Webmatic の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-3350	2012-07-17 16:35	2012-07-12	Show	GitHub Exploit DB Packet Storm

241807	9.3	危険	Esri	-	ESRI ArcMap および ArcGI における任意の VBA コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-1661	2012-07-17 16:29	2012-07-12	Show	GitHub Exploit DB Packet Storm

241808	6.8	警告	eXtplorer	-	eXtplorer におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-3362	2012-07-17 16:27	2012-07-12	Show	GitHub Exploit DB Packet Storm

241809	10	危険	Lawrence Berkeley National Laboratory	-	arpwatch における root 権限を取得される脆弱性	CWE-DesignError	CVE-2012-2653	2012-07-17 16:26	2012-07-12	Show	GitHub Exploit DB Packet Storm

241810	5	警告	Mahara	-	Mahara の auth/saml プラグインのデフォルト設定におけるユーザになりすまされる脆弱性	CWE-16 環境設定	CVE-2012-2351	2012-07-17 16:21	2012-03-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266511	6.5	MEDIUM Network	ibm	sametime	IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious link, a remote a…	CWE-352 Origin Validation Error	CVE-2016-2965	2024-11-21 11:49	2017-08-30	Show	GitHub Exploit DB Packet Storm

266512	4.3	MEDIUM Network	ibm	sametime	IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting room manager to remove the primary managers privileges. IBM X-Force ID: 113804.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-2959	2024-11-21 11:49	2017-08-30	Show	GitHub Exploit DB Packet Storm

266513	4.3	MEDIUM Network	ibm	sametime	IBM Sametime 8.5 and 9.0 meetings server may provide detailed information in an error message that may provide details about the application to possible attackers. IBM X-Force ID: 113851.	CWE-200 Information Exposure	CVE-2016-2970	2024-11-21 11:49	2017-08-29	Show	GitHub Exploit DB Packet Storm

266514	6.1	MEDIUM Network	redhat	ovirt-engine	Cross-site scripting (XSS) vulnerability in ovirt-engine allows remote attackers to inject arbitrary web script or HTML.	CWE-79 Cross-site Scripting	CVE-2016-3113	2024-11-21 11:49	2017-08-8	Show	GitHub Exploit DB Packet Storm

266515	7.5	HIGH Network	netapp	data_ontap	NetApp Data ONTAP 8.1 and 8.2, when operating in 7-Mode, allows man-in-the-middle attackers to obtain sensitive information, gain privileges, or cause a denial of service via vectors related to the S…	CWE-254 7PK - Security Features	CVE-2016-3400	2024-11-21 11:49	2017-07-4	Show	GitHub Exploit DB Packet Storm

266516	7.5	HIGH Network	redhat	enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_hpc_node	mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the u…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2016-3099	2024-11-21 11:49	2017-06-9	Show	GitHub Exploit DB Packet Storm

266517	5.5	MEDIUM Local	fedoraproject pulpproject	fedora pulp	server/bin/pulp-gen-ca-certificate in Pulp before 2.8.2 allows local users to read the generated private key.	CWE-200 Information Exposure	CVE-2016-3095	2024-11-21 11:49	2017-06-9	Show	GitHub Exploit DB Packet Storm

266518	7.5	HIGH Network	pulpproject	pulp	client/consumer/cli.py in Pulp before 2.8.3 writes consumer private keys to etc/pki/pulp/consumer/consumer-cert.pem as world-readable, which allows remote authenticated users to obtain the consumer p…	CWE-284 Improper Access Control	CVE-2016-3112	2024-11-21 11:49	2017-06-9	Show	GitHub Exploit DB Packet Storm

266519	5.5	MEDIUM Local	pulpproject	pulp	pulp.spec in the installation process for Pulp 2.8.3 generates the RSA key pairs used to validate messages between the pulp server and pulp consumers in a directory that is world-readable before late…	CWE-200 Information Exposure	CVE-2016-3111	2024-11-21 11:49	2017-06-9	Show	GitHub Exploit DB Packet Storm

266520	7.1	HIGH Local	pulpproject	pulp	The pulp-gen-nodes-certificate script in Pulp before 2.8.3 allows local users to leak the keys or write to arbitrary files via a symlink attack.	CWE-59 Link Following	CVE-2016-3108	2024-11-21 11:49	2017-06-9	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed