Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250701	5	警告	IBM	-	IBM OmniFind における認証を回避する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3898	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

250702	5	警告	IBM	-	IBM OmniFind の ESSearchApplication/palette.do における重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2010-3897	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

250703	7.5	危険	IBM	-	IBM OmniFind の ESSearchApplication ディレクトリツリーにおけるサーバ設定を変更される脆弱性	CWE-287 不適切な認証	CVE-2010-3896	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

250704	7.2	危険	IBM	-	IBM OmniFind の esRunCommand における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3895	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

250705	9.3	危険	IBM	-	IBM OmniFind の Java_com_ibm_es_oss_CryptionNative_ESEncrypt 関数におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-3894	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

250706	7.5	危険	IBM	-	IBM OmniFind の管理インタフェースにおける任意の管理者操作を実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3893	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

250707	6.8	警告	IBM	-	IBM OmniFind のログインフォームにおけるセッションをハイジャックされる脆弱性	CWE-Other その他	CVE-2010-3892	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

250708	6.8	警告	IBM	-	IBM OmniFind の ESAdmin/security.do におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-3891	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

250709	4.3	警告	IBM	-	IBM OmniFind におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3890	2012-03-27 18:42	2010-11-12	Show	GitHub Exploit DB Packet Storm

250710	1.9	注意	Linux	-	Linux kernel の ax25_getname 関数における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-3875	2012-03-27 18:42	2011-01-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
295641	-	david_alkire	drag_\&_drop_gallery	Cross-site request forgery (CSRF) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to hijack the authentication of administrators.	CWE-352 Origin Validation Error	CVE-2012-4478	2024-11-21 10:42	2012-12-1	Show	GitHub Exploit DB Packet Storm

295642	-	david_alkire	drag_\&_drop_gallery	Unspecified vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to bypass access restrictions via unknown attack vectors.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4477	2024-11-21 10:42	2012-12-1	Show	GitHub Exploit DB Packet Storm

295643	-	david_alkire	drag_\&_drop_gallery	Cross-site scripting (XSS) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2012-4476	2024-11-21 10:42	2012-12-1	Show	GitHub Exploit DB Packet Storm

295644	-	security_questions_project	security_questions	The Security Questions module for Drupal 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.1 does not properly restrict access, which allows remote attackers to edit an arbitrary user's questions and a…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4475	2024-11-21 10:42	2012-12-1	Show	GitHub Exploit DB Packet Storm

295645	-	colorbox_node	dennis_blake	Multiple cross-site scripting (XSS) vulnerabilities in the Colorbox Node module 7.x-2.x before 7.x-2.2 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified paramet…	CWE-79 Cross-site Scripting	CVE-2012-4474	2024-11-21 10:42	2012-12-1	Show	GitHub Exploit DB Packet Storm

295646	-	christian_johansson	restrict_node_page_view	The Restrict node page view module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "view any node page" or "view any node {type} page" permission to access unpublished no…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4473	2024-11-21 10:42	2012-12-1	Show	GitHub Exploit DB Packet Storm

295647	-	david_alkire	drag_\&_drop_gallery	Unrestricted file upload vulnerability in upload.php in the Drag & Drop Gallery module 6.x-1.5 and earlier for Drupal allows remote attackers to execute arbitrary PHP code by uploading a file with an…	NVD-CWE-Other	CVE-2012-4472	2024-11-21 10:42	2012-12-1	Show	GitHub Exploit DB Packet Storm

295648	-	dominique_clause	search_autocomplete	The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the p…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4471	2024-11-21 10:42	2012-12-1	Show	GitHub Exploit DB Packet Storm

295649	-	philip_ludlam	listhandler	The Listhandler module 6.x-1.x before 6.x-1.1 for Drupal does not properly check permissions when importing emails, which allows remote comment authors to bypass access restrictions and possibly have…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-4470	2024-11-21 10:42	2012-12-1	Show	GitHub Exploit DB Packet Storm

295650	-	simon_rycroft	hashcash	Cross-site scripting (XSS) vulnerability in the Hashcash module 6.x-2.x before 6.x-2.6 and 7.x-2.x before 7.x-2.2 for Drupal, when "Log failed hashcash" is enabled, allows remote attackers to inject …	CWE-79 Cross-site Scripting	CVE-2012-4469	2024-11-21 10:42	2012-12-1	Show	GitHub Exploit DB Packet Storm