Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 23, 2026, 10:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258141 6.8 警告 The PHP Group
サイバートラスト株式会社
レッドハット		 - PHP の xml_utf8_decode 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-5016 2011-02-18 15:03 2010-11-12 Show GitHub Exploit DB Packet Storm
258142 6.8 警告 The PHP Group - PHP の set_magic_quotes_runtime 関数における SQL インジェクション攻撃を誘導される脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4700 2011-02-18 14:42 2010-07-1 Show GitHub Exploit DB Packet Storm
258143 7.5 危険 The PHP Group - PHP の iconv_mime_decode_headers 関数におけるスパムの検出を回避される脆弱性 CWE-189
数値処理の問題 		CVE-2010-4699 2011-02-18 14:40 2010-09-28 Show GitHub Exploit DB Packet Storm
258144 5 警告 The PHP Group - PHP の GD 拡張モジュールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-4698 2011-02-18 14:38 2010-12-7 Show GitHub Exploit DB Packet Storm
258145 6.8 警告 The PHP Group - PHP の Zend Engine におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4697 2011-02-18 14:35 2010-09-18 Show GitHub Exploit DB Packet Storm
258146 1 注意 サン・マイクロシステムズ - Oracle Sun Java System Portal Server のプロキシにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-4431 2011-02-18 14:30 2011-01-18 Show GitHub Exploit DB Packet Storm
258147 3.6 注意 オラクル - Oracle Solaris 9 の XScreenSaver における脆弱性 CWE-noinfo
情報不足 		CVE-2010-3586 2011-02-18 14:28 2011-01-18 Show GitHub Exploit DB Packet Storm
258148 3.6 注意 オラクル - Oracle Solaris 10 の Fault Manager Daemon における脆弱性 CWE-noinfo
情報不足 		CVE-2010-4460 2011-02-18 14:11 2011-01-18 Show GitHub Exploit DB Packet Storm
258149 4.1 警告 オラクル - Oracle Solaris 11 Express の ZFS における脆弱性 CWE-noinfo
情報不足 		CVE-2010-4458 2011-02-18 14:08 2011-01-18 Show GitHub Exploit DB Packet Storm
258150 4.1 警告 オラクル - Oracle Solaris の libc における脆弱性 CWE-noinfo
情報不足 		CVE-2010-4415 2011-02-18 14:06 2011-01-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
304071 - typo3 beuserswitch Unspecified vulnerability in the BE User Switch (beuserswitch) extension 0.0.1 for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors. NVD-CWE-noinfo
CVE-2012-1085 2024-11-21 10:36 2012-02-15 Show GitHub Exploit DB Packet Storm
304072 - typo3 beuserswitch Cross-site scripting (XSS) vulnerability in the BE User Switch (beuserswitch) extension 0.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2012-1084 2024-11-21 10:36 2012-02-15 Show GitHub Exploit DB Packet Storm
304073 - typo3 terminal Cross-site request forgery (CSRF) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2 and earlier for TYPO3 allows remote attackers to hijack the authentication of unspecified victims … CWE-352
 Origin Validation Error 		CVE-2012-1083 2024-11-21 10:36 2012-02-15 Show GitHub Exploit DB Packet Storm
304074 - typo3 terminal Cross-site scripting (XSS) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspec… CWE-79
Cross-site Scripting 		CVE-2012-1082 2024-11-21 10:36 2012-02-15 Show GitHub Exploit DB Packet Storm
304075 - roderick_braun ya_googlesearch Cross-site scripting (XSS) vulnerability in the Yet another Google search (ya_googlesearch) extension before 0.3.10 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspec… CWE-79
Cross-site Scripting 		CVE-2012-1081 2024-11-21 10:36 2012-02-15 Show GitHub Exploit DB Packet Storm
304076 - typo3 skt_eurocalc Cross-site scripting (XSS) vulnerability in the Euro Calculator (skt_eurocalc) extension 0.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2012-1080 2024-11-21 10:36 2012-02-15 Show GitHub Exploit DB Packet Storm
304077 - helmut_hummel typo3_webservice Unspecified vulnerability in the Webservices for TYPO3 (typo3_webservice) extension before 0.3.8 for TYPO3 allows remote authenticated users to execute arbitrary code via unknown vectors. NVD-CWE-noinfo
CVE-2012-1079 2024-11-21 10:36 2012-02-15 Show GitHub Exploit DB Packet Storm
304078 - claus_due sysutils The System Utilities (sysutils) extension 1.0.3 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unspecified vectors related to improper "protection" of the "backup o… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-1078 2024-11-21 10:36 2012-02-15 Show GitHub Exploit DB Packet Storm
304079 - manfred_egger bc_post2facebook SQL injection vulnerability in the Post data records to facebook (bc_post2facebook) extension before 0.2.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2012-1077 2024-11-21 10:36 2012-02-15 Show GitHub Exploit DB Packet Storm
304080 - robert_gonda rtg_files Cross-site scripting (XSS) vulnerability in the Documents download (rtg_files) extension before 1.5.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2012-1076 2024-11-21 10:36 2012-02-15 Show GitHub Exploit DB Packet Storm