Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227161	4.3	警告	gpEasy	-	gpEasy CMS の index.php/Admin_Preferences におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6513	2013-01-25 14:28	2013-01-24	Show	GitHub Exploit DB Packet Storm

227162	5	警告	Imthiaz	-	WordPress 用 Organizer プラグインにおけるインストールパスを取得される脆弱性	CWE-200 情報漏えい	CVE-2012-6512	2013-01-25 14:27	2013-01-24	Show	GitHub Exploit DB Packet Storm

227163	4.3	警告	Imthiaz	-	WordPress 用 Organizer プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6511	2013-01-25 14:26	2013-01-24	Show	GitHub Exploit DB Packet Storm

227164	4.3	警告	NetArt Media	-	NetArt Media Car Portal におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6510	2013-01-25 14:25	2013-01-24	Show	GitHub Exploit DB Packet Storm

227165	7.5	危険	NetArt Media	-	NetArt Media Car Portal における任意の PHP コードを実行される脆弱性	CWE-Other その他	CVE-2012-6509	2013-01-25 14:25	2013-01-24	Show	GitHub Exploit DB Packet Storm

227166	6.8	警告	NetArt Media	-	NetArt Media Car Portal におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-6508	2013-01-25 14:24	2013-01-24	Show	GitHub Exploit DB Packet Storm

227167	7.5	危険	Jason Sexauer	-	ChurchCMS の admin.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-6507	2013-01-25 14:23	2013-01-24	Show	GitHub Exploit DB Packet Storm

227168	4.3	警告	Zingiri	-	WordPress 用 Zingiri Web Shop プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6506	2013-01-25 14:22	2012-04-28	Show	GitHub Exploit DB Packet Storm

227169	4.3	警告	Shawn Bradley	-	PHP Volunteer Management におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6505	2013-01-25 14:20	2013-01-24	Show	GitHub Exploit DB Packet Storm

227170	7.5	危険	Shawn Bradley	-	PHP Volunteer Management における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-6504	2013-01-25 14:20	2013-01-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
221111	6.5	MEDIUM Network	sass-lang	libsass	In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import(), a similar issue to CVE-2018-11693.	CWE-125 Out-of-bounds Read	CVE-2019-6286	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

221112	6.5	MEDIUM Network	yaml-cpp_project	yaml-cpp	The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML …	CWE-674 Uncontrolled Recursion	CVE-2019-6285	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

221113	6.5	MEDIUM Network	sass-lang	libsass	In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp.	CWE-125 Out-of-bounds Read	CVE-2019-6284	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

221114	6.5	MEDIUM Network	sass-lang	libsass	In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthese_scope in prelexer.hpp.	CWE-125 Out-of-bounds Read	CVE-2019-6283	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

221115	5.4	MEDIUM Network	jpress	jpress	XSS exists in JPress v1.0.4 via Markdown input, or Markdown input with the code input option.	CWE-79 Cross-site Scripting	CVE-2019-6278	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

221116	9.8	CRITICAL Network	icmsdev	icms	An issue was discovered in idreamsoft iCMS V7.0.13. There is SQL Injection via the app/article/article.admincp.php _data_id parameter.	CWE-89 SQL Injection	CVE-2019-6259	2024-11-21 13:46	2019-01-14	Show	GitHub Exploit DB Packet Storm

221117	7.7	HIGH Network	std42	elfinder	A Server Side Request Forgery (SSRF) vulnerability in elFinder before 2.1.46 could allow a malicious user to access the content of internal network resources. This occurs in get_remote_contents() in …	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2019-6257	2024-11-21 13:46	2019-01-14	Show	GitHub Exploit DB Packet Storm

221118	8.1	HIGH Network	gnome wpewebkit webkitgtk fedoraproject canonical opensuse	epiphany wpe_webkit webkitgtk fedora ubuntu_linux leap	WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a…	NVD-CWE-noinfo	CVE-2019-6251	2024-11-21 13:46	2019-01-14	Show	GitHub Exploit DB Packet Storm

221119	8.8	HIGH Network	hucart	hucart	An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerability that can add an admin account via /adminsys/index.php?load=admins&act=edit_info&act_type=add.	CWE-352 Origin Validation Error	CVE-2019-6249	2024-11-21 13:46	2019-01-14	Show	GitHub Exploit DB Packet Storm

221120	6.1	MEDIUM Network	citysearch_\/_hotfrog_\/_gelbeseiten_clone_script_project	citysearch_\/_hotfrog_\/_gelbeseiten_clone_script	PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 has Reflected XSS via the srch parameter, as demonstrated by restaurants-details.php.	CWE-79 Cross-site Scripting	CVE-2019-6248	2024-11-21 13:46	2019-01-13	Show	GitHub Exploit DB Packet Storm