Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251551	4.3	警告	xt:Commerce	-	xt:Commerce におけるクロスサイトリクエストフォージェリの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5011	2011-12-28 11:41	2011-12-25	Show	GitHub Exploit DB Packet Storm

251552	10	危険	Ctek, Inc.	-	Ctek SkyRouter の apps/a3/cfg_ethping.cgi における任意のコマンドを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-5010	2011-12-28 11:40	2011-12-25	Show	GitHub Exploit DB Packet Storm

251553	5	警告	3S-Smart Software Solutions	-	3S CoDeSys におけるサービス運用妨害 (NULL ポインタデリファレンス) の脆弱性	CWE-Other その他	CVE-2011-5009	2011-12-28 11:36	2011-12-25	Show	GitHub Exploit DB Packet Storm

251554	7.5	危険	3S-Smart Software Solutions	-	3S CoDeSys の GatewayService コンポーネントにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-5008	2011-12-28 11:35	2011-12-25	Show	GitHub Exploit DB Packet Storm

251555	10	危険	3S-Smart Software Solutions	-	3S CoDeSys におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-5007	2011-12-28 11:34	2011-12-25	Show	GitHub Exploit DB Packet Storm

251556	7.5	危険	Wuzly	-	Wuzly の管理機能における認証を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-3839	2011-12-28 11:31	2011-12-24	Show	GitHub Exploit DB Packet Storm

251557	7.5	危険	Wuzly	-	Wuzly における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-3838	2011-12-28 11:31	2011-12-24	Show	GitHub Exploit DB Packet Storm

251558	6.8	警告	Wuzly	-	Wuzly の blog_system/data_functions.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-3837	2011-12-28 11:30	2011-12-24	Show	GitHub Exploit DB Packet Storm

251559	4.3	警告	Wuzly	-	Wuzly におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-3836	2011-12-28 11:30	2011-12-24	Show	GitHub Exploit DB Packet Storm

251560	4.3	警告	Wuzly	-	Wuzly におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3835	2011-12-28 11:29	2011-12-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
296091	-	mnt-tech	wp-facethumb	Cross-site scripting (XSS) vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pagination_wp_facethumb param…	CWE-79 Cross-site Scripting	CVE-2012-2371	2024-11-21 10:38	2012-08-14	Show	GitHub Exploit DB Packet Storm

296092	-	gnome	gdk-pixbuf	Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) hei…	CWE-189 Numeric Errors	CVE-2012-2370	2024-11-21 10:38	2012-08-14	Show	GitHub Exploit DB Packet Storm

296093	-	bytemark	symbiosis	Bytemark Symbiosis before Revision 1322 does not properly validate passwords, which allows remote attackers to gain access to email accounts via an arbitrary password.	CWE-20 Improper Input Validation	CVE-2012-2368	2024-11-21 10:38	2012-08-14	Show	GitHub Exploit DB Packet Storm

296094	-	mybb	mybb	MyBB (aka MyBulletinBoard) before 1.6.7 allows remote attackers to obtain sensitive information via a malformed forumread cookie, which reveals the installation path in an error message.	CWE-200 Information Exposure	CVE-2012-2327	2024-11-21 10:38	2012-08-14	Show	GitHub Exploit DB Packet Storm

296095	-	mybb	mybb	Cross-site scripting (XSS) vulnerability in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) before 1.6.7 allows remote administrators to inject arbitrary web script or HTML via a malforme…	CWE-79 Cross-site Scripting	CVE-2012-2326	2024-11-21 10:38	2012-08-14	Show	GitHub Exploit DB Packet Storm

296096	-	mybb	mybb	SQL injection vulnerability in the User Inline Moderation feature in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) before 1.6.7 allows remote administrators to execute arbitrary SQL com…	CWE-89 SQL Injection	CVE-2012-2325	2024-11-21 10:38	2012-08-14	Show	GitHub Exploit DB Packet Storm

296097	-	mybb	mybb	Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the (1) user search or (2) M…	CWE-89 SQL Injection	CVE-2012-2324	2024-11-21 10:38	2012-08-14	Show	GitHub Exploit DB Packet Storm

296098	-	linux	linux_kernel	The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension (PAE) is enabled, does not properly use the Page Middle Directory (PMD), which allows local users to cause a denial …	CWE-362 Race Condition	CVE-2012-2373	2024-11-21 10:38	2012-08-9	Show	GitHub Exploit DB Packet Storm

296099	-	linux	linux_kernel	The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-ba…	CWE-20 Improper Input Validation	CVE-2012-2136	2024-11-21 10:38	2012-08-9	Show	GitHub Exploit DB Packet Storm

296100	-	ibm	rational_directory_server tivoli_directory_server global_security_kit	IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, uses the PKCS #12 file format for certificate objects …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-2203	2024-11-21 10:38	2012-08-8	Show	GitHub Exploit DB Packet Storm