Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251111 3.3 注意 Jasig - phpCAS の PGTStorage/pgt-file.php における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2010-3691 2012-03-27 18:42 2010-10-7 Show GitHub Exploit DB Packet Storm
251112 4.3 警告 Jasig - phpCAS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3690 2012-03-27 18:42 2010-10-7 Show GitHub Exploit DB Packet Storm
251113 7.5 危険 NetArt Media - NetArtMEDIA WebSiteAdmin の ADMIN/login.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-3688 2012-03-27 18:42 2010-09-29 Show GitHub Exploit DB Packet Storm
251114 5 警告 Alex Kellner
TYPO3 Association		 - TYPO3 の powermail extension における検証を回避される脆弱性 CWE-noinfo
情報不足 		CVE-2010-3687 2012-03-27 18:42 2010-09-22 Show GitHub Exploit DB Packet Storm
251115 2.1 注意 Synology Inc. - Synology Disk Station の FTP 認証モジュールにおける重要な情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2010-3684 2012-03-27 18:42 2010-09-29 Show GitHub Exploit DB Packet Storm
251116 7.5 危険 wire plastic design - wpQuiz における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-3608 2012-03-27 18:42 2010-09-24 Show GitHub Exploit DB Packet Storm
251117 4.3 警告 NetArt Media - NetArt MEDIA Real Estate Portal の AGENTS/index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3607 2012-03-27 18:42 2010-09-24 Show GitHub Exploit DB Packet Storm
251118 6.8 警告 NetArt Media - NetArt MEDIA Real Estate Portal の AGENTS/index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-3606 2012-03-27 18:42 2010-09-24 Show GitHub Exploit DB Packet Storm
251119 4.3 警告 Alex Kellner
TYPO3 Association		 - TYPO3 の powermail extension におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3605 2012-03-27 18:42 2010-09-22 Show GitHub Exploit DB Packet Storm
251120 7.5 危険 Alex Kellner
TYPO3 Association		 - TYPO3 の powermail extension における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-3604 2012-03-27 18:42 2010-09-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
297421 - google mod_pagespeed Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecif… CWE-79
Cross-site Scripting 		CVE-2012-4360 2024-11-21 10:42 2012-09-15 Show GitHub Exploit DB Packet Storm
297422 - google mod_pagespeed The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified … CWE-20
 Improper Input Validation  		CVE-2012-4001 2024-11-21 10:42 2012-09-15 Show GitHub Exploit DB Packet Storm
297423 - cybozu kunai_browser_for_remote_service The WebView class in the Cybozu KUNAI Browser for Remote Service application beta for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a cra… CWE-200
Information Exposure 		CVE-2012-4013 2024-11-21 10:42 2012-09-15 Show GitHub Exploit DB Packet Storm
297424 - wordpress wordpress wp-admin/plugins.php in WordPress before 3.4.2, when the multisite feature is enabled, does not check for network-administrator privileges before performing a network-wide activation of an installed … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4422 2024-11-21 10:42 2012-09-15 Show GitHub Exploit DB Packet Storm
297425 - wordpress wordpress The create_post function in wp-includes/class-wp-atom-server.php in WordPress before 3.4.2 does not perform a capability check, which allows remote authenticated users to bypass intended access restr… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4421 2024-11-21 10:42 2012-09-15 Show GitHub Exploit DB Packet Storm
297426 - torproject tor The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemo… NVD-CWE-noinfo
CVE-2012-4419 2024-11-21 10:42 2012-09-15 Show GitHub Exploit DB Packet Storm
297427 - isc bind ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and na… NVD-CWE-noinfo
CVE-2012-4244 2024-11-21 10:42 2012-09-14 Show GitHub Exploit DB Packet Storm
297428 - moinmo moinmoin security/__init__.py in MoinMoin 1.9 through 1.9.4 does not properly handle group names that contain virtual group names such as "All," "Known," or "Trusted," which allows remote authenticated users … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4404 2024-11-21 10:42 2012-09-11 Show GitHub Exploit DB Packet Storm
297429 - cybozu kunai The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application th… CWE-200
Information Exposure 		CVE-2012-4012 2024-11-21 10:42 2012-09-8 Show GitHub Exploit DB Packet Storm
297430 - cybozu kunai The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. CWE-78
OS Command  		CVE-2012-4011 2024-11-21 10:42 2012-09-8 Show GitHub Exploit DB Packet Storm