Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252241	10	危険	シーメンス	-	複数の Siemens 製品の HMI Web サーバにおける認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2011-4508	2012-02-8 10:49	2012-01-24	Show	GitHub Exploit DB Packet Storm

252242	2.6	注意	HTC Corporation	-	HTC 製 Android 端末に Wi-Fi 認証情報漏えいの脆弱性	CWE-200 情報漏えい	CVE-2011-4872	2012-02-7 16:21	2012-02-2	Show	GitHub Exploit DB Packet Storm

252243	7.5	危険	Scriptsez.net	-	Scriptsez.net の Ez Album における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-0983	2012-02-7 16:19	2012-02-2	Show	GitHub Exploit DB Packet Storm

252244	7.5	危険	Vastal I-Tech & Co.	-	Vastal I-Tech Agent Zone の search.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-0982	2012-02-7 16:18	2012-02-2	Show	GitHub Exploit DB Packet Storm

252245	5	警告	KYBERNETIKA	-	phpShowtime における任意のディレクトリおよびイメージファイルをリストアップされる脆弱性	CWE-22 パス・トラバーサル	CVE-2012-0981	2012-02-7 16:17	2012-02-2	Show	GitHub Exploit DB Packet Storm

252246	7.5	危険	phux Development	-	phux Download Manager の download.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-0980	2012-02-7 16:16	2012-02-2	Show	GitHub Exploit DB Packet Storm

252247	4.3	警告	TWiki	-	TWiki におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0979	2012-02-7 16:14	2012-02-2	Show	GitHub Exploit DB Packet Storm

252248	6.8	警告	LuraTech	-	LuraWave JP2 Browser Plug-In におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-0978	2012-02-7 16:13	2012-02-2	Show	GitHub Exploit DB Packet Storm

252249	9.3	危険	LuraTech	-	LuraWave JP2 ActiveX Control におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-0977	2012-02-7 16:12	2012-02-2	Show	GitHub Exploit DB Packet Storm

252250	2.1	注意	SilverStripe	-	SilverStripe の admin/EditForm におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0976	2012-02-7 16:10	2012-02-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
275691	-	igniterealtime	openfire	Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change a pass…	CWE-352 Origin Validation Error	CVE-2015-6973	2024-11-21 11:35	2015-09-17	Show	GitHub Exploit DB Packet Storm

275692	-	igniterealtime	openfire	Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to inject arbitrary web script or HTML via the (1) groupchatName parameter to plugins/cli…	CWE-79 Cross-site Scripting	CVE-2015-6972	2024-11-21 11:35	2015-09-17	Show	GitHub Exploit DB Packet Storm

275693	-	nokia	\@vantage_commander	Multiple cross-site scripting (XSS) vulnerabilities in Nokia Networks (formerly Nokia Solutions and Networks and Nokia Siemens Networks) @vantage Commander allow remote attackers to inject arbitrary …	CWE-79 Cross-site Scripting	CVE-2015-6929	2024-11-21 11:35	2015-09-17	Show	GitHub Exploit DB Packet Storm

275694	-	s9y	serendipity	Cross-site scripting (XSS) vulnerability in js/2k11.min.js in the 2k11 theme in Serendipity before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via a user name in a comment, w…	CWE-79 Cross-site Scripting	CVE-2015-6969	2024-11-21 11:35	2015-09-16	Show	GitHub Exploit DB Packet Storm

275695	-	s9y	serendipity	Multiple incomplete blacklist vulnerabilities in the serendipity_isActiveFile function in include/functions_images.inc.php in Serendipity before 2.0.2 allow remote authenticated users to execute arbi…	NVD-CWE-Other	CVE-2015-6968	2024-11-21 11:35	2015-09-16	Show	GitHub Exploit DB Packet Storm

275696	-	nibbleblog	nibbleblog	Unrestricted file upload vulnerability in the My Image plugin in Nibbleblog before 4.0.5 allows remote administrators to execute arbitrary code by uploading a file with an executable extension, then …	NVD-CWE-Other	CVE-2015-6967	2024-11-21 11:35	2015-09-16	Show	GitHub Exploit DB Packet Storm

275697	-	nibbleblog	nibbleblog	Multiple cross-site request forgery (CSRF) vulnerabilities in Nibbleblog before 4.0.5 allow remote attackers to hijack the authentication of administrators for requests that (1) create a post via a n…	CWE-352 Origin Validation Error	CVE-2015-6966	2024-11-21 11:35	2015-09-16	Show	GitHub Exploit DB Packet Storm

275698	-	creative-solutions	contact_form_generator	Multiple cross-site request forgery (CSRF) vulnerabilities in the Contact Form Generator plugin 2.0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators f…	CWE-352 Origin Validation Error	CVE-2015-6965	2024-11-21 11:35	2015-09-16	Show	GitHub Exploit DB Packet Storm

275699	-	ciphercoin	wp_limit_login_attempts	Multiple SQL injection vulnerabilities in the getip function in wp-limit-login-attempts.php in the WP Limit Login Attempts plugin before 2.0.1 for WordPress allow remote attackers to execute arbitrar…	CWE-89 SQL Injection	CVE-2015-6829	2024-11-21 11:35	2015-09-16	Show	GitHub Exploit DB Packet Storm

275700	-	securemoz	security_audit	The tweet_info function in class/__functions.php in the SecureMoz Security Audit plugin 1.0.5 and earlier for WordPress does not use an HTTPS session for downloading serialized data, which allows man…	CWE-20 Improper Input Validation	CVE-2015-6828	2024-11-21 11:35	2015-09-16	Show	GitHub Exploit DB Packet Storm