Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251661 4.3 警告 MantisBT Group - MantisBT におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-3358 2011-09-27 11:18 2011-09-21 Show GitHub Exploit DB Packet Storm
251662 6.8 警告 MantisBT Group - MantisBT の bug_actiongroup_ext_page.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-3357 2011-09-27 11:17 2011-08-31 Show GitHub Exploit DB Packet Storm
251663 4.3 警告 MantisBT Group - MantisBT の filter_api.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-2938 2011-09-27 11:15 2011-08-18 Show GitHub Exploit DB Packet Storm
251664 4.3 警告 MantisBT Group - MantisBT の config_defaults_inc.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-3356 2011-09-27 11:12 2011-07-31 Show GitHub Exploit DB Packet Storm
251665 10 危険 シスコシステムズ - Cisco Identity Services Engine における設定を変更される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-3290 2011-09-27 11:07 2011-09-20 Show GitHub Exploit DB Packet Storm
251666 4.3 警告 Roundcube.net - Roundcube Webmail の UI メッセージ機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-2937 2011-09-27 11:05 2011-08-9 Show GitHub Exploit DB Packet Storm
251667 6.8 警告 AmmSoft - AmmSoft ScriptFTP にバッファオーバーフローの脆弱性 - CVE-2011-3976 2011-09-27 10:58 2011-09-21 Show GitHub Exploit DB Packet Storm
251668 10 危険 Measuresoft Development Ltd. - Measuresoft ScadaPro の service.exe におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-3490 2011-09-26 15:59 2011-09-16 Show GitHub Exploit DB Packet Storm
251669 4.6 警告 レッドハット - Red Hat Enterprise MRG の Cumin における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2011-2925 2011-09-26 15:43 2011-09-7 Show GitHub Exploit DB Packet Storm
251670 5 警告 Zoho Corporation - ManageEngine ServiceDesk Plus の encryptPassword 関数における重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2011-1509 2011-09-26 15:42 2011-09-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
295791 5.5 MEDIUM
Local 		linux
redhat
suse 		linux_kernel
enterprise_mrg
linux_enterprise_server
linux_enterprise_desktop
linux_enterprise_high_availability_extension 		The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO. CWE-20
 Improper Input Validation  		CVE-2012-1090 2024-11-21 10:36 2012-05-17 Show GitHub Exploit DB Packet Storm
295792 5.5 MEDIUM
Local 		linux
fedoraproject
suse 		linux_kernel
fedora
linux_enterprise_desktop
linux_enterprise_server
linux_enterprise_high_availability_extension 		The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local … CWE-476
 NULL Pointer Dereference 		CVE-2012-1146 2024-11-21 10:36 2012-05-17 Show GitHub Exploit DB Packet Storm
295793 - basercms basercms app/config/core.php in baserCMS 1.6.15 and earlier does not properly handle installations in shared-hosting environments, which allows remote attackers to hijack sessions by leveraging administrative… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-1248 2024-11-21 10:36 2012-05-16 Show GitHub Exploit DB Packet Storm
295794 - webcreate web_mart Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and earlier, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML by leveraging support for… CWE-79
Cross-site Scripting 		CVE-2012-1247 2024-11-21 10:36 2012-05-16 Show GitHub Exploit DB Packet Storm
295795 - webcreate web_mart Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and earlier might allow remote attackers to inject arbitrary web script or HTML via a crafted cookie. CWE-79
Cross-site Scripting 		CVE-2012-1246 2024-11-21 10:36 2012-05-16 Show GitHub Exploit DB Packet Storm
295796 - cisco unified_ip_phone_firmware
unified_ip_phone 		Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 do not properly handle downloads of configuration information to an RT phone, which allows local users to gain privileges via uns… CWE-94
Code Injection 		CVE-2012-1328 2024-11-21 10:36 2012-05-4 Show GitHub Exploit DB Packet Storm
295797 - cisco ios dot11t/t_if_dot11_hal_ath.c in Cisco IOS 12.3, 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (assertion failure and reboot) via 802.11 wireless traffic, as demonstrated by… CWE-284
Improper Access Control 		CVE-2012-1327 2024-11-21 10:36 2012-05-4 Show GitHub Exploit DB Packet Storm
295798 - cisco ios Race condition in the Zone-Based Firewall in Cisco IOS 15.1 and 15.2, when IPS policies are configured, allows remote attackers to cause a denial of service (device crash) by sending IPv6 packets, ak… CWE-362
Race Condition 		CVE-2012-1324 2024-11-21 10:36 2012-05-4 Show GitHub Exploit DB Packet Storm
295799 - phpmyadmin phpmyadmin Cross-site scripting (XSS) vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web … CWE-79
Cross-site Scripting 		CVE-2012-1190 2024-11-21 10:36 2012-05-3 Show GitHub Exploit DB Packet Storm
295800 - nttdocomo spmode_mail_android The NTT DOCOMO sp mode mail application 5400 and earlier for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain… CWE-310
Cryptographic Issues 		CVE-2012-1244 2024-11-21 10:36 2012-04-28 Show GitHub Exploit DB Packet Storm