Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251001 4.3 警告 ヒューレット・パッカード - HP Insight Control Performance Management におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4030 2012-03-27 18:42 2010-10-28 Show GitHub Exploit DB Packet Storm
251002 7.5 危険 ヒューレット・パッカード - HP Storage Essentials における重要な情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2010-4029 2012-03-27 18:42 2010-10-26 Show GitHub Exploit DB Packet Storm
251003 7.5 危険 ヒューレット・パッカード - HP LoadRunner の LoadRunner Web Tours におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2010-4028 2012-03-27 18:42 2010-10-26 Show GitHub Exploit DB Packet Storm
251004 5.6 警告 ヒューレット・パッカード - HP Palm webOS のカメラアプリケーションにおける任意のファイルを上書される脆弱性 CWE-noinfo
情報不足 		CVE-2010-4027 2012-03-27 18:42 2010-10-26 Show GitHub Exploit DB Packet Storm
251005 6.2 警告 ヒューレット・パッカード - HP Palm webOS のサービス API における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2010-4026 2012-03-27 18:42 2010-10-26 Show GitHub Exploit DB Packet Storm
251006 9.3 危険 ヒューレット・パッカード - HP Palm webOS の Doc Viewer における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2010-4025 2012-03-27 18:42 2010-10-26 Show GitHub Exploit DB Packet Storm
251007 6.8 警告 ヒューレット・パッカード - HP Insight Control Power Management におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-4024 2012-03-27 18:42 2010-10-25 Show GitHub Exploit DB Packet Storm
251008 4.3 警告 ヒューレット・パッカード - HP Insight Control Power Management におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4023 2012-03-27 18:42 2010-10-25 Show GitHub Exploit DB Packet Storm
251009 6.2 警告 アップル - Apple の iOS におけるパスワードロックを回避される脆弱性 CWE-362
競合状態 		CVE-2010-4012 2012-03-27 18:42 2010-12-8 Show GitHub Exploit DB Packet Storm
251010 5 警告 オラクル - Oracle Mojarra における View State を変更される脆弱性 CWE-310
暗号の問題 		CVE-2010-4007 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
297001 - fortinet fortigate-3140b
fortigate-60c
fortigate-3040b
fortigate-300c
fortigate-600c
fortigate-5001a-sw
fortigate-3240c
fortigate-310b
fortigate-800c
fortigate-5020
fortigate-100… 		The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier … CWE-295
Improper Certificate Validation  		CVE-2012-4948 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
297002 - ibm websphere_application_server Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Application Server 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hij… CWE-352
 Origin Validation Error 		CVE-2012-4853 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
297003 - ibm websphere_application_server Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server 8.5 Liberty Profile before 8.5.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. CWE-79
Cross-site Scripting 		CVE-2012-4851 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
297004 - ibm websphere_application_server IBM WebSphere Application Server 8.5 Liberty Profile before 8.5.0.1, when JAX-RS is used, does not properly validate requests, which allows remote attackers to gain privileges via unspecified vectors. CWE-20
 Improper Input Validation  		CVE-2012-4850 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
297005 - ibm cognos_business_intelligence IBM Cognos Business Intelligence (BI) 8.4 and 8.4.1 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted request containing a zero-valued byte. CWE-189
Numeric Errors 		CVE-2012-4847 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
297006 - microsoft .net_framework The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary c… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4777 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
297007 - microsoft .net_framework The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not validate configuration data that is returned during acquisition of proxy setting… CWE-20
 Improper Input Validation  		CVE-2012-4776 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
297008 - microsoft internet_explorer Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability." CWE-399
 Resource Management Errors 		CVE-2012-4775 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
297009 - bestpractical rt Argument injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to create arbitrary files via unspecified vectors related to the GnuPG clie… CWE-94
Code Injection 		CVE-2012-4884 2024-11-21 10:43 2012-11-11 Show GitHub Exploit DB Packet Storm
297010 - bestpractical rt Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to conduct a "confused deputy" attack to bypass the CSRF warning protection mechanism and cause victims to "mod… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4734 2024-11-21 10:43 2012-11-11 Show GitHub Exploit DB Packet Storm