Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
245551 3.5 注意 The phpMyAdmin Project - phpMyAdmin の Database Structure ページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2012-4345 2012-09-14 16:38 2012-08-16 Show GitHub Exploit DB Packet Storm
245552 5 警告 The phpMyAdmin Project - phpMyAdmin の show_config_errors.php における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2012-4219 2012-09-14 16:37 2012-08-9 Show GitHub Exploit DB Packet Storm
245553 3.5 注意 レッドハット - libvirt の virTypedParameterArrayClear 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2012-3445 2012-09-14 16:35 2012-08-7 Show GitHub Exploit DB Packet Storm
245554 4.3 警告 ImageMagick - ImageMagick の coders/png.c の Magick_png_malloc 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2012-3437 2012-09-14 16:34 2012-08-7 Show GitHub Exploit DB Packet Storm
245555 4.9 警告 OpenStack - OpenStack Keystone における承認の制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2012-3426 2012-09-14 16:33 2012-05-8 Show GitHub Exploit DB Packet Storm
245556 4.3 警告 PNG Development Group - libpng の pngpread.c におけるサービス運用妨害 (out-of-bounds read) の脆弱性 CWE-119
バッファエラー
CVE-2012-3425 2012-09-14 16:32 2012-08-13 Show GitHub Exploit DB Packet Storm
245557 6.8 警告 レッドハット - IcedTea-Web プラグインにおけるサービス運用妨害 (クラッシュ) の脆弱性 CWE-119
バッファエラー
CVE-2012-3422 2012-09-14 16:30 2012-07-31 Show GitHub Exploit DB Packet Storm
245558 2.1 注意 Puppet - Puppet および Puppet Enterprise における重要な設定情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2012-3866 2012-09-14 16:29 2012-08-6 Show GitHub Exploit DB Packet Storm
245559 5 警告 SGI - Performance Co-Pilot におけるサービス運用妨害 (pmcd ハング) の脆弱性 CWE-DesignError
CVE-2012-3421 2012-09-14 16:29 2012-08-16 Show GitHub Exploit DB Packet Storm
245560 5 警告 SGI - Performance Co-Pilot におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2012-3420 2012-09-14 16:27 2012-08-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
252761 6.1 MEDIUM
Network
javamelody_project javamelody JavaMelody through 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monitoring URI. CWE-79
Cross-site Scripting
CVE-2018-12432 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
252762 4.8 MEDIUM
Network
seacms seacms SeaCMS V6.61 has XSS via the site name parameter on an adm1n/admin_config.php page (aka a system management page). CWE-79
Cross-site Scripting
CVE-2018-12431 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
252763 9.8 CRITICAL
Network
simple_password_store_project simple_password_store An issue was discovered in password-store.sh in pass in Simple Password Store 1.7.x before 1.7.2. The signature verification routine parses the output of GnuPG with an incomplete regular expression, … CWE-347
 Improper Verification of Cryptographic Signature
CVE-2018-12356 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
252764 7.5 HIGH
Network
matrix synapse In Synapse before 0.31.2, unauthorised users can hijack rooms when there is no m.room.power_levels event in force. NVD-CWE-noinfo
CVE-2018-12423 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
252765 7.5 HIGH
Network
icehrm icehrm IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request. CWE-327
 Use of a Broken or Risky Cryptographic Algorithm
CVE-2018-12420 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
252766 9.8 CRITICAL
Network
ltb-project ldap_tool_box_self_service_password LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a user password (without knowing the old password) via a crafted POST request, because the ldap_bind return value is mishan… CWE-640
 Weak Password Recovery Mechanism for Forgotten Password
CVE-2018-12421 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
252767 5.5 MEDIUM
Local
junrar_project junrar Archive.java in Junrar before 1.0.1, as used in Apache Tika and other products, is affected by a denial of service vulnerability due to an infinite loop when handling corrupt RAR files. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2018-12418 2024-11-21 12:45 2018-06-15 Show GitHub Exploit DB Packet Storm
252768 6.1 MEDIUM
Network
eng knowage Knowage (formerly SpagoBI) 6.1.1 allows XSS via the name or description field to the "Olap Schemas' Catalogue" catalogue. CWE-79
Cross-site Scripting
CVE-2018-12355 2024-11-21 12:45 2018-06-14 Show GitHub Exploit DB Packet Storm
252769 8.8 HIGH
Network
knowage-suite knowage Knowage (formerly SpagoBI) 6.1.1 allows CSRF via every form, as demonstrated by a /knowage/restful-services/2.0/analyticalDrivers/ POST request. CWE-352
 Origin Validation Error
CVE-2018-12354 2024-11-21 12:45 2018-06-14 Show GitHub Exploit DB Packet Storm
252770 6.1 MEDIUM
Network
knowage-suite knowage Knowage (formerly SpagoBI) 6.1.1 allows XSS via the name field to the "Business Model's Catalogue" catalogue. CWE-79
Cross-site Scripting
CVE-2018-12353 2024-11-21 12:45 2018-06-14 Show GitHub Exploit DB Packet Storm