Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251431	4.3	警告	Zimbra	-	Zimbra Web Client の zimbra/h/calendar におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1213	2012-02-27 16:48	2012-02-24	Show	GitHub Exploit DB Packet Storm

251432	4.3	警告	SMW+	-	Semantic Enterprise Wiki の smwfOnSfSetTargetName 関数におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1212	2012-02-27 16:47	2012-02-24	Show	GitHub Exploit DB Packet Storm

251433	7.5	危険	Powie	-	Powie pFile の pfile/file.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-1210	2012-02-27 15:51	2012-02-24	Show	GitHub Exploit DB Packet Storm

251434	4.3	警告	Fork CMS	-	Fork CMS の backend/core/engine/base.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1209	2012-02-27 15:48	2012-02-24	Show	GitHub Exploit DB Packet Storm

251435	4.3	警告	Fork CMS	-	Fork CMS の backend/core/engine/base.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1208	2012-02-27 15:48	2012-02-24	Show	GitHub Exploit DB Packet Storm

251436	5	警告	Fork CMS	-	Fork CMS の frontend/core/engine/javascript.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-1207	2012-02-27 15:41	2012-02-24	Show	GitHub Exploit DB Packet Storm

251437	9.3	危険	Hancom Inc.	-	Hancom Office 2010 SE における整数オーバフローの脆弱性	CWE-189 数値処理の問題	CVE-2012-1206	2012-02-27 15:38	2012-02-24	Show	GitHub Exploit DB Packet Storm

251438	7.5	危険	alanft	-	WordPress 用 Relocate Upload プラグインにおける PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2012-1205	2012-02-27 15:35	2012-02-24	Show	GitHub Exploit DB Packet Storm

251439	4.3	警告	LEPTON Project	-	LEPTON におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1000	2012-02-27 15:25	2012-02-24	Show	GitHub Exploit DB Packet Storm

251440	7.5	危険	LEPTON Project	-	LEPTON の modules/news/rss.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-0999	2012-02-27 15:24	2012-02-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
273841	4.3	MEDIUM Network	wordpress	wordpress	The mw_editPost function in wp-includes/class-wp-xmlrpc-server.php in the XMLRPC subsystem in WordPress before 4.3.1 allows remote authenticated users to bypass intended access restrictions, and arra…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-5715	2024-11-21 11:33	2016-05-22	Show	GitHub Exploit DB Packet Storm

273842	6.1	MEDIUM Network	wordpress	wordpress	Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during proces…	CWE-79 Cross-site Scripting	CVE-2015-5714	2024-11-21 11:33	2016-05-22	Show	GitHub Exploit DB Packet Storm

273843	9.8	CRITICAL Network	php	php	The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows…	CWE-20 Improper Input Validation	CVE-2015-5589	2024-11-21 11:33	2016-05-16	Show	GitHub Exploit DB Packet Storm

273844	7.5	HIGH Network	botan_project debian	botan debian_linux	The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field.	CWE-399 Resource Management Errors	CVE-2015-5727	2024-11-21 11:33	2016-05-13	Show	GitHub Exploit DB Packet Storm

273845	7.5	HIGH Network	botan_project debian	botan debian_linux	The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data.	CWE-20 Improper Input Validation	CVE-2015-5726	2024-11-21 11:33	2016-05-13	Show	GitHub Exploit DB Packet Storm

273846	6.5	MEDIUM Network	ubuntu libav opensuse	ubuntu libav leap	The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with craft…	CWE-189 Numeric Errors	CVE-2015-5479	2024-11-21 11:33	2016-04-19	Show	GitHub Exploit DB Packet Storm

273847	7.5	HIGH Network	f5	big-iq_application_delivery_controller big-ip_local_traffic_manager big-ip_access_policy_manager big-ip_edge_gateway big-ip_application_security_manager big-iq_security big-ip_wan_o…	Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x b…	CWE-399 Resource Management Errors	CVE-2015-5516	2024-11-21 11:33	2016-01-21	Show	GitHub Exploit DB Packet Storm

273848	7.3	HIGH Network	php	php	Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 allows remote attackers to cause a denial of servic…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-5590	2024-11-21 11:33	2016-01-19	Show	GitHub Exploit DB Packet Storm

273849	5.3	MEDIUM Network	swim_team_project	swim_team	Absolute path traversal vulnerability in include/user/download.php in the Swim Team plugin 1.44.10777 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file par…	CWE-22 Path Traversal	CVE-2015-5471	2024-11-21 11:33	2016-01-13	Show	GitHub Exploit DB Packet Storm

273850	5.4	MEDIUM Network	hp	storeonce_backup_system_software	Cross-site scripting (XSS) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2015-5447	2024-11-21 11:33	2016-01-5	Show	GitHub Exploit DB Packet Storm