Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251301 6.8 警告 ヒューレット・パッカード - HP System Management Homepage におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-3846 2012-04-13 16:19 2012-04-12 Show GitHub Exploit DB Packet Storm
251302 6.5 警告 Cloudera, Inc. - Cloudera Manager および Cloudera Service and Configuration Manager における任意のユーザアカウントになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2012-2230 2012-04-13 15:35 2011-04-12 Show GitHub Exploit DB Packet Storm
251303 6.5 警告 Cloudera, Inc.
Apache Software Foundation		 - Cloudera 製品で使用される Apache Hadoop における任意のクラスタユーザアカウントになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2012-1574 2012-04-13 15:33 2012-04-12 Show GitHub Exploit DB Packet Storm
251304 5.8 警告 株式会社リクルート - どこでもリクナビ2013 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1240 2012-04-13 12:02 2012-04-13 Show GitHub Exploit DB Packet Storm
251305 5.8 警告 COM Meets Ruby - ActiveScriptRuby に HTML 上で任意の Ruby スクリプトを実行可能な脆弱性 CWE-Other
その他 		CVE-2012-1241 2012-04-13 12:01 2012-04-13 Show GitHub Exploit DB Packet Storm
251306 7.5 危険 360安全中心 - 360圧縮 (360zip) における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2225 2012-04-13 11:45 2012-04-11 Show GitHub Exploit DB Packet Storm
251307 7.5 危険 迅雷 - 迅雷 (Xunlei Thunder) における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2012-2224 2012-04-13 11:44 2012-03-6 Show GitHub Exploit DB Packet Storm
251308 4.3 警告 Plume CMS - Plume CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2156 2012-04-13 11:07 2012-04-11 Show GitHub Exploit DB Packet Storm
251309 4.3 警告 CMS Made Simple - CMS Made Simple の admin/edituser.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1992 2012-04-13 11:06 2012-04-11 Show GitHub Exploit DB Packet Storm
251310 7.5 危険 Ola Lasisi - e-ticketing の loginscript.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-1673 2012-04-12 16:57 2011-04-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
282351 9.8 CRITICAL
Network 		samsung galaxy_s4_firmware The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 kernel 3.4 and earlier allows attackers to cause a denial of service (memory corruption) or gain privileges. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-1801 2024-11-21 11:26 2017-08-25 Show GitHub Exploit DB Packet Storm
282352 7.5 HIGH
Network 		samsung galaxy_s4_firmware The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 kernel 3.4 and earlier allows attackers to potentially obtain sensitive information. CWE-200
Information Exposure 		CVE-2015-1800 2024-11-21 11:26 2017-08-25 Show GitHub Exploit DB Packet Storm
282353 6.8 MEDIUM
Physics 		thalesesecurity nshield_connect_firmware Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, and 6000+ before 11.72 allows physically proximate attackers to sign arbitrary data with previously loaded signing keys, extract t… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2015-1878 2024-11-21 11:26 2017-08-19 Show GitHub Exploit DB Packet Storm
282354 9.8 CRITICAL
Network 		musl-libc musl Stack-based buffer overflow in the inet_pton function in network/inet_pton.c in musl libc 0.9.15 through 1.0.4, and 1.1.0 through 1.1.7 allows attackers to have unspecified impact via unknown vectors. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-1817 2024-11-21 11:26 2017-08-19 Show GitHub Exploit DB Packet Storm
282355 7.5 HIGH
Network 		fedoraproject
entrouvert 		fedora
lasso 		The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-1783 2024-11-21 11:26 2017-08-12 Show GitHub Exploit DB Packet Storm
282356 9.8 CRITICAL
Network 		rest-client_project rest-client REST client for Ruby (aka rest-client) before 1.8.0 allows remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a respon… CWE-384
 Session Fixation 		CVE-2015-1820 2024-11-21 11:26 2017-08-10 Show GitHub Exploit DB Packet Storm
282357 7.5 HIGH
Network 		appserver appserver Directory traversal vulnerability in the web request/response interface in Appserver before 1.0.3 allows remote attackers to read normally inaccessible files via a .. (dot dot) in a crafted URL. CWE-22
Path Traversal 		CVE-2015-1847 2024-11-21 11:26 2017-07-25 Show GitHub Exploit DB Packet Storm
282358 7.8 HIGH
Local 		redhat gluster_storage Red Hat Gluster Storage RPM Package 3.2 allows local users to gain privileges and execute arbitrary code as root. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2015-1795 2024-11-21 11:26 2017-06-28 Show GitHub Exploit DB Packet Storm
282359 9.8 CRITICAL
Network 		opendaylight opendaylight The custom authentication realm used by karaf-tomcat's "opendaylight" realm in Opendaylight before Helium SR3 will authenticate any username and password combination. CWE-287
Improper Authentication 		CVE-2015-1778 2024-11-21 11:26 2017-06-28 Show GitHub Exploit DB Packet Storm
282360 5.5 MEDIUM
Local 		redhat automatic_bug_reporting_tool The event scripts in Automatic Bug Reporting Tool (ABRT) uses world-readable permission on a copy of sosreport file in problem directories, which allows local users to obtain sensitive information fr… CWE-200
Information Exposure 		CVE-2015-1870 2024-11-21 11:26 2017-06-27 Show GitHub Exploit DB Packet Storm