Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250631	6.4	警告	Atlassian	-	複数の Atlassian 製品における任意のファイルを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2926	2012-05-23 16:23	2012-05-22	Show	GitHub Exploit DB Packet Storm

250632	2.6	注意	Xelex	-	Android 用の Xelex MobileTrack アプリケーションにおける重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2012-2567	2012-05-23 15:35	2012-05-22	Show	GitHub Exploit DB Packet Storm

250633	7.6	危険	Xelex	-	Android 用の Xelex MobileTrack アプリケーションにおけるコマンドを実行される脆弱性	CWE-20 CWE-287	CVE-2012-2562	2012-05-23 15:33	2012-05-22	Show	GitHub Exploit DB Packet Storm

250634	10	危険	シマンテック	-	Symantec Web Gateway の管理画面における任意のコードをアップロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-0299	2012-05-23 13:50	2012-05-17	Show	GitHub Exploit DB Packet Storm

250635	6.4	警告	シマンテック	-	Symantec Web Gateway の管理画面のファイル管理スクリプトにおける任意のファイルを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-0298	2012-05-23 13:47	2012-05-17	Show	GitHub Exploit DB Packet Storm

250636	10	危険	シマンテック	-	Symantec Web Gateway の管理画面における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-0297	2012-05-23 13:46	2012-05-17	Show	GitHub Exploit DB Packet Storm

250637	4.3	警告	シマンテック	-	Symantec Web Gateway の管理画面におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0296	2012-05-23 13:41	2012-05-17	Show	GitHub Exploit DB Packet Storm

250638	10	危険	X.Org Foundation	-	X.Org X11 の os/log.c 内の LogVHdrMessageVerb 関数におけるフォーマットストリングの脆弱性	CWE-20 不適切な入力確認	CVE-2012-2118	2012-05-22 16:19	2012-05-18	Show	GitHub Exploit DB Packet Storm

250639	3.3	注意	Debian	-	texlive-extra-utils の latex2man における任意のファイルを上書される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2120	2012-05-22 16:02	2012-05-18	Show	GitHub Exploit DB Packet Storm

250640	10	危険	The PHP Group	-	PHP の com_print_typeinfo 関数におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-2376	2012-05-22 11:53	2012-05-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
294471	-	leon_weber	pyxtrlock	pyxtrlock before 0.1 uses an incorrect variable name, which allows physically proximate attackers to bypass the lock screen via multiple failed authentication attempts, which trigger a crash.	NVD-CWE-noinfo	CVE-2013-4426	2024-11-21 10:55	2014-05-19	Show	GitHub Exploit DB Packet Storm

294472	-	quick_tabs_module_project	quicktabs	The Quick Tabs module 6.x-2.x before 6.x-2.2, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.6 for Drupal does not properly check block permissions, which allows remote attackers to obtain sensitiv…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-4406	2024-11-21 10:55	2014-05-19	Show	GitHub Exploit DB Packet Storm

294473	-	florian_weber	spaces	The Spaces OG submodule in the Spaces module 6.x-3.x before 6.x-3.7 for Drupal does not properly delete organic group group spaces content when using the option to move to a new group, which causes t…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-4498	2024-11-21 10:55	2014-05-18	Show	GitHub Exploit DB Packet Storm

294474	-	gitlab	gitlab	The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code …	NVD-CWE-Other	CVE-2013-4489	2024-11-21 10:55	2014-05-18	Show	GitHub Exploit DB Packet Storm

294475	-	openstack	horizon	The Identity v3 API in OpenStack Dashboard (Horizon) before 2013.2 does not require the current password when changing passwords for user accounts, which makes it easier for remote attackers to chang…	CWE-287 Improper Authentication	CVE-2013-4471	2024-11-21 10:55	2014-05-15	Show	GitHub Exploit DB Packet Storm

294476	-	vicidial	vicidial	VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in the extension parameter in an …	NVD-CWE-Other	CVE-2013-4468	2024-11-21 10:55	2014-05-15	Show	GitHub Exploit DB Packet Storm

294477	-	katello	katello_installer	Katello Installer before 0.0.18 uses world-readable permissions for /etc/pki/tls/private/katello-node.key when deploying a child Pulp node, which allows local users to obtain the private key by readi…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-4455	2024-11-21 10:55	2014-05-15	Show	GitHub Exploit DB Packet Storm

294478	-	madeofcode	omniauth-facebook	The omniauth-facebook gem 1.4.1 before 1.5.0 does not properly store the session parameter, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via the state parameter.	CWE-352 Origin Validation Error	CVE-2013-4562	2024-11-21 10:55	2014-05-14	Show	GitHub Exploit DB Packet Storm

294479	-	drupalauth_project	drupalauth	lib/Auth/Source/External.php in the drupalauth module before 1.2.2 for simpleSAMLphp allows remote attackers to authenticate as an arbitrary user via the user name (uid) in a cookie.	CWE-287 Improper Authentication	CVE-2013-4552	2024-11-21 10:55	2014-05-14	Show	GitHub Exploit DB Packet Storm

294480	-	gitlab	gitlab gitlab-shell	The repository import feature in gitlab-shell before 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL.	NVD-CWE-Other	CVE-2013-4546	2024-11-21 10:55	2014-05-14	Show	GitHub Exploit DB Packet Storm