Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227391	2.1	注意	Mixpanel Project	-	Drupal 用 Mixpanel モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5585	2012-12-28 15:50	2012-11-28	Show	GitHub Exploit DB Packet Storm

227392	4.3	警告	Made to Order Software	-	Drupal 用 Table of Contents モジュールにおけるノードのヘッダを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-5584	2012-12-28 15:49	2012-11-14	Show	GitHub Exploit DB Packet Storm

227393	6.8	警告	Sensio Labs	-	Symfony における任意のサービスにアクセスされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-6432	2012-12-28 15:20	2012-12-20	Show	GitHub Exploit DB Packet Storm

227394	6.4	警告	Sensio Labs	-	Symfony における URI の制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-6431	2012-12-28 15:18	2012-12-20	Show	GitHub Exploit DB Packet Storm

227395	4.3	警告	Sebastian Heinlein Canonical	-	Ubuntu の Aptdaemon における任意のパッケージレポジトリの GPG キーをインストールされる脆弱性	CWE-noinfo 情報不足	CVE-2012-0962	2012-12-28 15:03	2012-12-17	Show	GitHub Exploit DB Packet Storm

227396	2.1	注意	Debian	-	Ubuntu で使用される APT における重要なシェル情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2012-0961	2012-12-28 14:59	2012-12-12	Show	GitHub Exploit DB Packet Storm

227397	4.3	警告	PS Project Management Team	-	Firefox 用 Unity integration 拡張機能における同一生成元ポリシーを回避される脆弱性	CWE-DesignError	CVE-2012-0958	2012-12-28 14:58	2012-10-23	Show	GitHub Exploit DB Packet Storm

227398	-	-	Ruby on Rails project	-	削除 Ruby on Rails 用 Authlogic gem における SQL インジェクションの脆弱性	-	CVE-2012-5664	2012-12-28 14:22	2012-12-26	Show	GitHub Exploit DB Packet Storm

227399	4.3	警告	Opera Software ASA	-	Android 版 Opera Mini ウェブブラウザおよび Opera Mobile ウェブブラウザにおいて任意のスクリプトが実行される脆弱性	CWE-200 情報漏えい	CVE-2012-5180	2012-12-28 14:17	2012-12-20	Show	GitHub Exploit DB Packet Storm

227400	2.6	注意	WordPress.org	-	WordPress における有効なセッション識別子を取得される脆弱性	CWE-200 情報漏えい	CVE-2012-5868	2012-12-28 11:58	2012-12-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
225371	7.5	HIGH Network	microsoft	windows_defender forefront_endpoint_protection_2010 security_essentials system_center_endpoint_protection	A denial of service vulnerability exists when Microsoft Defender improperly handles files, aka 'Microsoft Defender Denial of Service Vulnerability'.	NVD-CWE-noinfo	CVE-2019-1255	2024-11-21 13:36	2019-09-24	Show	GitHub Exploit DB Packet Storm

225372	9.8	CRITICAL Network	microsoft	team_foundation_server azure_devops_server	A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps and Team Foundation Server Remote Code …	CWE-20 Improper Input Validation	CVE-2019-1306	2024-11-21 13:36	2019-09-12	Show	GitHub Exploit DB Packet Storm

225373	5.4	MEDIUM Network	microsoft	team_foundation_server azure_devops_server	A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'.	CWE-79 Cross-site Scripting	CVE-2019-1305	2024-11-21 13:36	2019-09-12	Show	GitHub Exploit DB Packet Storm

225374	7.8	HIGH Local	microsoft	windows_10 windows_server_2016 windows_server_2019	An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on th…	NVD-CWE-noinfo	CVE-2019-1303	2024-11-21 13:36	2019-09-12	Show	GitHub Exploit DB Packet Storm

225375	8.8	HIGH Network	microsoft	asp.net_core	An elevation of privilege vulnerability exists when a ASP.NET Core web application, created using vulnerable project templates, fails to properly sanitize web requests, aka 'ASP.NET Core Elevation Of…	CWE-20 Improper Input Validation	CVE-2019-1302	2024-11-21 13:36	2019-09-12	Show	GitHub Exploit DB Packet Storm

225376	7.5	HIGH Network	microsoft	powershell_core .net_core	A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'.	NVD-CWE-noinfo	CVE-2019-1301	2024-11-21 13:36	2019-09-12	Show	GitHub Exploit DB Packet Storm

225377	7.5	HIGH Network	microsoft	edge chakracore	A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. Th…	CWE-787 Out-of-bounds Write	CVE-2019-1300	2024-11-21 13:36	2019-09-12	Show	GitHub Exploit DB Packet Storm

225378	6.5	MEDIUM Network	microsoft	edge	An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability…	CWE-665 Improper Initialization	CVE-2019-1299	2024-11-21 13:36	2019-09-12	Show	GitHub Exploit DB Packet Storm

225379	7.5	HIGH Network	microsoft	edge chakracore	A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. Th…	CWE-787 Out-of-bounds Write	CVE-2019-1298	2024-11-21 13:36	2019-09-12	Show	GitHub Exploit DB Packet Storm

225380	8.8	HIGH Network	microsoft	excel office office_365_proplus	A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.	NVD-CWE-noinfo	CVE-2019-1297	2024-11-21 13:36	2019-09-12	Show	GitHub Exploit DB Packet Storm