Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251491	4.3	警告	日立	-	Hitachi IT Operations Analyzer におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0917	2012-01-26 16:49	2012-01-10	Show	GitHub Exploit DB Packet Storm

251492	7.5	危険	Google	-	Google Chrome で使用される Skia におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2011-3927	2012-01-25 16:09	2012-01-23	Show	GitHub Exploit DB Packet Storm

251493	7.5	危険	Google	-	Google Chrome の Safe Browsing 機能におけるサービス運用妨害 (ヒープメモリ破損) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-3925	2012-01-25 16:07	2012-01-23	Show	GitHub Exploit DB Packet Storm

251494	4.3	警告	SimpleSAMLphp	-	SimpleSAMLphp の modules/core/www/no_cookie.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0040	2012-01-25 14:16	2012-01-24	Show	GitHub Exploit DB Packet Storm

251495	7.5	危険	Stoneware	-	Stoneware webNetwork における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-0912	2012-01-25 14:15	2012-01-23	Show	GitHub Exploit DB Packet Storm

251496	6.8	警告	Stoneware	-	Stoneware webNetwork におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-0286	2012-01-25 14:14	2012-01-23	Show	GitHub Exploit DB Packet Storm

251497	4.3	警告	Stoneware	-	Stoneware webNetwork におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0285	2012-01-25 14:13	2012-01-23	Show	GitHub Exploit DB Packet Storm

251498	5.8	警告	NeoAxis	-	NeoAxis web player におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-0907	2012-01-25 11:24	2012-01-20	Show	GitHub Exploit DB Packet Storm

251499	7.5	危険	deV!L'z Clanportal	-	deV!L'z Clanportal (DZCP) の Moviebase アドオンにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-0906	2012-01-25 11:00	2012-01-20	Show	GitHub Exploit DB Packet Storm

251500	7.5	危険	deV!L'z Clanportal	-	deV!L'z Clanportal (DZCP) の Gamebase アドオンにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-0905	2012-01-25 10:57	2012-01-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
287461	-	rubyonrails	rails	Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary…	CWE-79 Cross-site Scripting	CVE-2013-6416	2024-11-21 10:59	2013-12-7	Show	GitHub Exploit DB Packet Storm

287462	-	rubyonrails	ruby_on_rails rails	Cross-site scripting (XSS) vulnerability in the number_to_currency helper in actionpack/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 allows remote atta…	CWE-79 Cross-site Scripting	CVE-2013-6415	2024-11-21 10:59	2013-12-7	Show	GitHub Exploit DB Packet Storm

287463	-	rubyonrails	rails ruby_on_rails	actionpack/lib/action_view/lookup_context.rb in Action View in Ruby on Rails 3.x before 3.2.16 and 4.x before 4.0.2 allows remote attackers to cause a denial of service (memory consumption) via a hea…	CWE-20 Improper Input Validation	CVE-2013-6414	2024-11-21 10:59	2013-12-7	Show	GitHub Exploit DB Packet Storm

287464	-	jamroom	search_module	Cross-site scripting (XSS) vulnerability in the Search module before 1.1.1 for Jamroom allows remote attackers to inject arbitrary web script or HTML via the search_string parameter to search/results…	CWE-79 Cross-site Scripting	CVE-2013-6804	2024-11-21 10:59	2013-12-6	Show	GitHub Exploit DB Packet Storm

287465	-	chamilo	chamilo_lms	SQL injection vulnerability in the check_user_password function in main/auth/profile.php in Chamilo LMS 1.9.6 and earlier, when using the non-encrypted passwords mode set at installation, allows remo…	CWE-89 SQL Injection	CVE-2013-6787	2024-11-21 10:59	2013-12-6	Show	GitHub Exploit DB Packet Storm

287466	-	ganglia	ganglia-web	Cross-site scripting (XSS) vulnerability in header.php in Ganglia Web 3.5.8 and 3.5.10 allows remote attackers to inject arbitrary web script or HTML via the host_regex parameter to the default URI, …	CWE-79 Cross-site Scripting	CVE-2013-6395	2024-11-21 10:59	2013-12-6	Show	GitHub Exploit DB Packet Storm

287467	-	dokeos	dokeos	SQL injection vulnerability in Dokeos 2.2 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the language parameter to index.php.	CWE-89 SQL Injection	CVE-2013-6341	2024-11-21 10:59	2013-12-6	Show	GitHub Exploit DB Packet Storm

287468	-	cybozu	garoon	Cross-site scripting (XSS) vulnerability in the Yahoo! User Interface Library in Cybozu Garoon before 3.7.2, when Internet Explorer 9 or 10 or Chrome is used, allows remote attackers to inject arbitr…	CWE-79 Cross-site Scripting	CVE-2013-6916	2024-11-21 10:59	2013-12-5	Show	GitHub Exploit DB Packet Storm

287469	-	cybozu	garoon	Cross-site scripting (XSS) vulnerability in the system-administration component in Cybozu Garoon before 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified …	CWE-79 Cross-site Scripting	CVE-2013-6915	2024-11-21 10:59	2013-12-5	Show	GitHub Exploit DB Packet Storm

287470	-	cybozu	garoon	Cross-site scripting (XSS) vulnerability in a calendar component in Cybozu Garoon before 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2013-6914	2024-11-21 10:59	2013-12-5	Show	GitHub Exploit DB Packet Storm