Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 12:06 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252681 7.2 危険 マイクロソフト - Microsoft Windows の win32k.sys における権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0674 2011-05-6 11:27 2011-04-12 Show GitHub Exploit DB Packet Storm
252682 7.2 危険 マイクロソフト - Microsoft Windows の win32k.sys における権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0672 2011-05-6 11:26 2011-04-12 Show GitHub Exploit DB Packet Storm
252683 7.2 危険 マイクロソフト - Microsoft Windows の win32k.sys における権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0671 2011-05-6 11:25 2011-04-12 Show GitHub Exploit DB Packet Storm
252684 7.2 危険 マイクロソフト - Microsoft Windows の win32k.sys における権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0670 2011-05-6 11:11 2011-04-12 Show GitHub Exploit DB Packet Storm
252685 7.2 危険 マイクロソフト - Microsoft Windows の win32k.sys における権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0667 2011-05-6 11:10 2011-04-12 Show GitHub Exploit DB Packet Storm
252686 7.2 危険 マイクロソフト - Microsoft Windows の win32k.sys における権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0666 2011-05-6 11:09 2011-04-12 Show GitHub Exploit DB Packet Storm
252687 7.2 危険 マイクロソフト - Microsoft Windows の win32k.sys における権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0665 2011-05-6 11:07 2011-04-12 Show GitHub Exploit DB Packet Storm
252688 7.2 危険 マイクロソフト - Microsoft Windows の win32k.sys における権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0662 2011-05-6 11:06 2011-04-12 Show GitHub Exploit DB Packet Storm
252689 9.3 危険 マイクロソフト - Microsoft Windows のワードパッドにおける任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-0028 2011-05-6 11:03 2011-04-12 Show GitHub Exploit DB Packet Storm
252690 7.6 危険 マイクロソフト - Microsoft Windows の FAX 送付状エディター内にある fxscover.exe における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-3974 2011-05-6 11:01 2011-04-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
282211 - rubyonrails rails activerecord/lib/active_record/relation/query_methods.rb in Active Record in Ruby on Rails 4.0.x before 4.0.9 and 4.1.x before 4.1.5 allows remote attackers to bypass the strong parameters protection… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-3514 2024-11-21 11:08 2014-08-20 Show GitHub Exploit DB Packet Storm
282212 - opensuse
apache
canonical
apple
redhat 		opensuse
subversion
ubuntu_linux
xcode
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server_eus
enterprise_linux_server
enterprise_linux_hpc_node 		Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers … CWE-255
Credentials Management 		CVE-2014-3528 2024-11-21 11:08 2014-08-20 Show GitHub Exploit DB Packet Storm
282213 - apache
opensuse
canonical
apple 		subversion
opensuse
ubuntu_linux
xcode 		The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certif… CWE-297
 Improper Validation of Certificate with Host Mismatch 		CVE-2014-3522 2024-11-21 11:08 2014-08-20 Show GitHub Exploit DB Packet Storm
282214 - apache
canonical
serf_project 		subversion
ubuntu_linux
serf 		The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate functions in Serf 0.2.0 through 1.3.x before 1.3.7 does not properly handle a NUL byte in a domain name in t… NVD-CWE-Other
CVE-2014-3504 2024-11-21 11:08 2014-08-20 Show GitHub Exploit DB Packet Storm
282215 - redhat resteasy
jboss_enterprise_application_platform 		RESTEasy 2.3.1 before 2.3.8.SP2 and 3.x before 3.0.9, as used in Red Hat JBoss Enterprise Application Platform (EAP) 6.3.0, does not disable external entities when the resteasy.document.expand.entity… NVD-CWE-Other
CVE-2014-3490 2024-11-21 11:08 2014-08-20 Show GitHub Exploit DB Packet Storm
282216 - redhat jboss_enterprise_application_platform The isCallerInRole function in SimpleSecurityManager in JBoss Application Server (AS) 7, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.3.0, does not properly check caller roles, … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-3472 2024-11-21 11:08 2014-08-20 Show GitHub Exploit DB Packet Storm
282217 - redhat jboss_enterprise_application_platform The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform (EAP) 6.2.0 and 6.3.0, does not properly enforce the method level restrictions for outbo… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-3464 2024-11-21 11:08 2014-08-20 Show GitHub Exploit DB Packet Storm
282218 - openssl openssl Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have uns… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2014-3512 2024-11-21 11:08 2014-08-14 Show GitHub Exploit DB Packet Storm
282219 - openssl openssl The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in comm… NVD-CWE-noinfo
CVE-2014-3511 2024-11-21 11:08 2014-08-14 Show GitHub Exploit DB Packet Storm
282220 - openssl openssl The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote DTLS servers to cause a denial of service (NULL poi… NVD-CWE-Other
CVE-2014-3510 2024-11-21 11:08 2014-08-14 Show GitHub Exploit DB Packet Storm