Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228371 10 危険 Google - Google Chrome における脆弱性 CWE-noinfo
情報不足 		CVE-2012-5138 2012-12-5 11:48 2012-11-29 Show GitHub Exploit DB Packet Storm
228372 10 危険 Google - Google Chrome におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-5137 2012-12-5 11:46 2012-11-29 Show GitHub Exploit DB Packet Storm
228373 7.5 危険 Google - Google Chrome OS の WebGL サブシステムにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-5129 2012-12-5 11:39 2012-11-30 Show GitHub Exploit DB Packet Storm
228374 7.5 危険 David Alkire - Drupal 用 Drag & Drop Gallery モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-4479 2012-12-4 16:28 2012-07-11 Show GitHub Exploit DB Packet Storm
228375 6.8 警告 David Alkire - Drupal 用 Drag & Drop Gallery モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-4478 2012-12-4 16:27 2012-07-11 Show GitHub Exploit DB Packet Storm
228376 5 警告 David Alkire - Drupal 用 Drag & Drop Gallery モジュールにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4477 2012-12-4 16:27 2012-07-11 Show GitHub Exploit DB Packet Storm
228377 4.3 警告 David Alkire - Drupal 用 Drag & Drop Gallery モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4476 2012-12-4 16:26 2012-07-11 Show GitHub Exploit DB Packet Storm
228378 5 警告 Chris Hertzog - Drupal 用 Security Questions モジュールにおける任意のユーザの質問および回答を編集される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4475 2012-12-4 16:26 2012-07-11 Show GitHub Exploit DB Packet Storm
228379 4.3 警告 Dennis Blake - Drupal 用 Colorbox Node モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4474 2012-12-4 16:24 2012-07-11 Show GitHub Exploit DB Packet Storm
228380 3.5 注意 Christian Johansson - Drupal 用 Restrict node page view モジュールにおける未公開のノードにアクセスされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4473 2012-12-4 16:21 2012-07-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197741 8.1 HIGH
Network 		att u-verse_firmware The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG599 device, when IP Passthrough mode is not used, configures WAN access to a caserver https service with the tech account and an empty password, … CWE-798
 Use of Hard-coded Credentials 		CVE-2017-14116 2024-11-21 12:12 2017-09-4 Show GitHub Exploit DB Packet Storm
197742 8.1 HIGH
Network 		att u-verse_firmware The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures ssh-permanent-enable WAN SSH logins to the remotessh account with the 5S… CWE-798
 Use of Hard-coded Credentials 		CVE-2017-14115 2024-11-21 12:12 2017-09-4 Show GitHub Exploit DB Packet Storm
197743 6.5 MEDIUM
Network 		rtpproxy rtpproxy RTPproxy through 2.2.alpha.20160822 has a NAT feature that results in not properly determining the IP address and port number of the legitimate recipient of RTP traffic, which allows remote attackers… CWE-200
Information Exposure 		CVE-2017-14114 2024-11-21 12:12 2017-09-3 Show GitHub Exploit DB Packet Storm
197744 9.8 CRITICAL
Network 		digium asterisk
certified_asterisk 		In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized command execution is possible. Th… CWE-78
OS Command  		CVE-2017-14100 2024-11-21 12:12 2017-09-3 Show GitHub Exploit DB Packet Storm
197745 7.5 HIGH
Network 		digium asterisk In the pjsip channel driver (res_pjsip) in Asterisk 13.x before 13.17.1 and 14.x before 14.6.1, a carefully crafted tel URI in a From, To, or Contact header could cause Asterisk to crash. CWE-20
 Improper Input Validation  		CVE-2017-14098 2024-11-21 12:12 2017-09-3 Show GitHub Exploit DB Packet Storm
197746 7.5 HIGH
Network 		netapp oncommand_unified_manager_for_clustered_data_ontap NetApp OnCommand Unified Manager for Clustered Data ONTAP before 7.2P1 does not set the secure flag for an unspecified cookie in an HTTPS session, which makes it easier for remote attackers to captur… CWE-200
Information Exposure 		CVE-2017-14053 2024-11-21 12:12 2017-09-2 Show GitHub Exploit DB Packet Storm
197747 7.5 HIGH
Network 		digium asterisk
certified_asterisk 		In res/res_rtp_asterisk.c in Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized data di… CWE-200
Information Exposure 		CVE-2017-14099 2024-11-21 12:12 2017-09-3 Show GitHub Exploit DB Packet Storm
197748 6.5 MEDIUM
Network 		libzip
debian 		libzip
debian_linux 		The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mishandles EOCD records, which allows remote attackers to cause a denial of service (memory allocation failure in _zip_cdir_grow in … CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2017-14107 2024-11-21 12:12 2017-09-2 Show GitHub Exploit DB Packet Storm
197749 7.8 HIGH
Local 		aerohive hivemanager_classic HiveManager Classic through 8.1r1 allows arbitrary JSP code execution by modifying a backup archive before a restore, because the restore feature does not validate pathnames within the archive. An au… CWE-20
 Improper Input Validation  		CVE-2017-14105 2024-11-21 12:12 2017-09-2 Show GitHub Exploit DB Packet Storm
197750 5.5 MEDIUM
Local 		linux linux_kernel The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering… CWE-369
 Divide By Zero 		CVE-2017-14106 2024-11-21 12:12 2017-09-2 Show GitHub Exploit DB Packet Storm