Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251431 4.3 警告 Zimbra - Zimbra Web Client の zimbra/h/calendar におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1213 2012-02-27 16:48 2012-02-24 Show GitHub Exploit DB Packet Storm
251432 4.3 警告 SMW+ - Semantic Enterprise Wiki の smwfOnSfSetTargetName 関数におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1212 2012-02-27 16:47 2012-02-24 Show GitHub Exploit DB Packet Storm
251433 7.5 危険 Powie - Powie pFile の pfile/file.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-1210 2012-02-27 15:51 2012-02-24 Show GitHub Exploit DB Packet Storm
251434 4.3 警告 Fork CMS - Fork CMS の backend/core/engine/base.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1209 2012-02-27 15:48 2012-02-24 Show GitHub Exploit DB Packet Storm
251435 4.3 警告 Fork CMS - Fork CMS の backend/core/engine/base.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1208 2012-02-27 15:48 2012-02-24 Show GitHub Exploit DB Packet Storm
251436 5 警告 Fork CMS - Fork CMS の frontend/core/engine/javascript.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-1207 2012-02-27 15:41 2012-02-24 Show GitHub Exploit DB Packet Storm
251437 9.3 危険 Hancom Inc. - Hancom Office 2010 SE における整数オーバフローの脆弱性 CWE-189
数値処理の問題 		CVE-2012-1206 2012-02-27 15:38 2012-02-24 Show GitHub Exploit DB Packet Storm
251438 7.5 危険 alanft - WordPress 用 Relocate Upload プラグインにおける PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2012-1205 2012-02-27 15:35 2012-02-24 Show GitHub Exploit DB Packet Storm
251439 4.3 警告 LEPTON Project - LEPTON におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1000 2012-02-27 15:25 2012-02-24 Show GitHub Exploit DB Packet Storm
251440 7.5 危険 LEPTON Project - LEPTON の modules/news/rss.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-0999 2012-02-27 15:24 2012-02-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
257451 7.5 HIGH
Network 		scrapy scrapy Scrapy 1.4 allows remote attackers to cause a denial of service (memory consumption) via large files because arbitrarily many files are read into memory, which is especially problematic if the files … CWE-400
 Uncontrolled Resource Consumption 		CVE-2017-14158 2024-11-21 12:12 2017-09-6 Show GitHub Exploit DB Packet Storm
257452 5.5 MEDIUM
Local 		linux linux_kernel The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in the Linux kernel through 4.12.10 does not initialize a certain data structure, which allows local users to obtain sensitive informa… CWE-200
Information Exposure 		CVE-2017-14156 2024-11-21 12:12 2017-09-6 Show GitHub Exploit DB Packet Storm
257453 8.8 HIGH
Network 		uclouvain
debian 		openjpeg
debian_linux 		A mishandled zero case was discovered in opj_j2k_set_cinema_parameters in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of serv… CWE-787
 Out-of-bounds Write 		CVE-2017-14152 2024-11-21 12:12 2017-09-6 Show GitHub Exploit DB Packet Storm
257454 8.8 HIGH
Network 		uclouvain
debian 		openjpeg
debian_linux 		An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_data in lib/openjp2/tcd.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-14151 2024-11-21 12:12 2017-09-6 Show GitHub Exploit DB Packet Storm
257455 7.5 HIGH
Network 		embedthis goahead GoAhead 3.4.0 through 3.6.5 has a NULL Pointer Dereference in the websDecodeUrl function in http.c, leading to a crash for a "POST / HTTP/1.1" request. CWE-476
 NULL Pointer Dereference 		CVE-2017-14149 2024-11-21 12:12 2017-09-5 Show GitHub Exploit DB Packet Storm
257456 8.8 HIGH
Network 		helpdezk helpdezk HelpDEZk 1.1.1 allows remote authenticated users to execute arbitrary PHP code by uploading a .php attachment and then requesting it in the helpdezk\app\uploads\helpdezk\attachments\ directory. CWE-94
Code Injection 		CVE-2017-14146 2024-11-21 12:12 2017-09-5 Show GitHub Exploit DB Packet Storm
257457 9.8 CRITICAL
Network 		helpdezk helpdezk HelpDEZk 1.1.1 has SQL Injection in app\modules\admin\controllers\loginController.php via the admin/login/getWarningInfo/id/ PATH_INFO, related to the selectWarning function. CWE-89
SQL Injection 		CVE-2017-14145 2024-11-21 12:12 2017-09-5 Show GitHub Exploit DB Packet Storm
257458 5.5 MEDIUM
Local 		linux linux_kernel The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid ex… CWE-200
Information Exposure 		CVE-2017-14140 2024-11-21 12:12 2017-09-5 Show GitHub Exploit DB Packet Storm
257459 5.5 MEDIUM
Local 		gnome gedit libgedit.a in GNOME gedit through 3.22.1 allows remote attackers to cause a denial of service (CPU consumption) via a file that begins with many '\0' characters. CWE-400
 Uncontrolled Resource Consumption 		CVE-2017-14108 2024-11-21 12:12 2017-09-5 Show GitHub Exploit DB Packet Storm
257460 6.5 MEDIUM
Network 		imagemagick imagemagick ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c. CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2017-14139 2024-11-21 12:12 2017-09-5 Show GitHub Exploit DB Packet Storm