Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 12, 2026, 4:12 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
243421 3.5 注意 Pidgin - Pidgin の libpurple におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-2214 2012-09-6 13:40 2012-05-7 Show GitHub Exploit DB Packet Storm
243422 7.5 危険 BuddyPress.org - WordPress 用 BuddyPress プラグインの wp-load.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-2109 2012-09-6 11:31 2012-09-4 Show GitHub Exploit DB Packet Storm
243423 5 警告 Coppermine Photo Gallery - Coppermine Photo Gallery における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-1614 2012-09-6 11:29 2012-09-4 Show GitHub Exploit DB Packet Storm
243424 3.5 注意 Coppermine Photo Gallery - Coppermine Photo Gallery の edit_one_pic.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1613 2012-09-6 11:28 2012-09-4 Show GitHub Exploit DB Packet Storm
243425 5 警告 TYPO3 Association - TYPO3 におけるクロスサイトスクリプティング保護メカニズムを回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-1608 2012-09-6 11:16 2012-03-28 Show GitHub Exploit DB Packet Storm
243426 5 警告 TYPO3 Association - TYPO3 の Command Line Interface スクリプトにおけるデータベース名を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-1607 2012-09-6 11:15 2012-03-28 Show GitHub Exploit DB Packet Storm
243427 3.5 注意 TYPO3 Association - TYPO3 の Backend コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1606 2012-09-6 11:12 2012-03-28 Show GitHub Exploit DB Packet Storm
243428 5 警告 TYPO3 Association - TYPO3 の Extbase Framework における任意のオブジェクトのシリアル化を解除される脆弱性 CWE-DesignError
CVE-2012-1605 2012-09-6 11:10 2012-03-28 Show GitHub Exploit DB Packet Storm
243429 5 警告 Mozilla Foundation - Bugzilla におけるファイルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4747 2012-09-6 10:59 2012-08-30 Show GitHub Exploit DB Packet Storm
243430 5 警告 Mozilla Foundation - Bugzilla の Auth/Verify/LDAP.pm における LDAP ディレクトリにデータを挿入される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2012-3981 2012-09-6 10:46 2012-08-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267701 7.5 HIGH
Network 		artifex mujs Artifex Software, Inc. MuJS before 5008105780c0b0182ea6eda83ad5598f225be3ee allows context-dependent attackers to conduct "denial of service (application crash)" attacks by using the "malformed label… CWE-476
 NULL Pointer Dereference 		CVE-2016-9294 2024-11-21 12:00 2016-11-12 Show GitHub Exploit DB Packet Storm
267702 9.8 CRITICAL
Network 		exponentcms exponent_cms In framework/modules/navigation/controllers/navigationController.php in Exponent CMS v2.4.0 or older, the parameter "target" of function "DragnDropReRank" is directly used without any filtration whic… CWE-89
SQL Injection 		CVE-2016-9288 2024-11-21 12:00 2016-11-12 Show GitHub Exploit DB Packet Storm
267703 5.3 MEDIUM
Network 		exponentcms exponent_cms framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0patch1 does not properly restrict access to user records, which allows remote attackers to read address information, as d… CWE-200
Information Exposure 		CVE-2016-9286 2024-11-21 12:00 2016-11-12 Show GitHub Exploit DB Packet Storm
267704 5.3 MEDIUM
Network 		exponentcms exponent_cms framework/modules/addressbook/controllers/addressController.php in Exponent CMS v2.4.0 allows remote attackers to read user information via a modified id number, as demonstrated by address/edit/id/1,… CWE-200
Information Exposure 		CVE-2016-9285 2024-11-21 12:00 2016-11-12 Show GitHub Exploit DB Packet Storm
267705 5.3 MEDIUM
Network 		exponentcms exponent_cms getUsersByJSON in framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0 allows remote attackers to read user information via users/getUsersByJSON/sort/ and a trailing string. CWE-200
Information Exposure 		CVE-2016-9284 2024-11-21 12:00 2016-11-12 Show GitHub Exploit DB Packet Storm
267706 7.5 HIGH
Network 		exponentcms exponent_cms SQL Injection in framework/core/subsystems/expRouter.php in Exponent CMS v2.4.0 allows remote attackers to read database information via address/addContentToSearch/id/ and a trailing string, related … CWE-89
SQL Injection 		CVE-2016-9283 2024-11-21 12:00 2016-11-12 Show GitHub Exploit DB Packet Storm
267707 7.5 HIGH
Network 		exponentcms exponent_cms SQL Injection in framework/modules/search/controllers/searchController.php in Exponent CMS v2.4.0 allows remote attackers to read database information via action=search&module=search with the search_… CWE-89
SQL Injection 		CVE-2016-9282 2024-11-21 12:00 2016-11-12 Show GitHub Exploit DB Packet Storm
267708 7.5 HIGH
Network 		samsung samsung_mobile Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an o… CWE-190
 Integer Overflow or Wraparound 		CVE-2016-9277 2024-11-21 12:00 2016-11-12 Show GitHub Exploit DB Packet Storm
267709 7.8 HIGH
Local 		git_for_windows_project git_for_windows Untrusted search path vulnerability in Git 1.x for Windows allows local users to gain privileges via a Trojan horse git.exe file in the current working directory. NOTE: 2.x is unaffected. CWE-426
 Untrusted Search Path 		CVE-2016-9274 2024-11-21 12:00 2016-11-12 Show GitHub Exploit DB Packet Storm
267710 9.1 CRITICAL
Network 		exponentcms exponent_cms A Blind SQL Injection Vulnerability in Exponent CMS through 2.4.0, with the rerank array parameter, can lead to site database information disclosure and denial of service. CWE-89
SQL Injection 		CVE-2016-9272 2024-11-21 12:00 2016-11-11 Show GitHub Exploit DB Packet Storm