Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228381	5.1	警告	David Alkire	-	Drupal 用 Drag & Drop Gallery モジュールにおける任意の PHP コードを実行される脆弱性	CWE-Other その他	CVE-2012-4472	2012-12-4 16:20	2012-07-11	Show	GitHub Exploit DB Packet Storm

228382	5	警告	Dominique CLAUSE	-	Drupal 用 Search Autocomplete モジュールにおけるオートコンプリートを無効される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4471	2012-12-4 16:19	2012-07-11	Show	GitHub Exploit DB Packet Storm

228383	7.5	危険	Philip Ludlam	-	Drupal 用 Listhandler モジュールにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4470	2012-12-4 16:13	2012-07-11	Show	GitHub Exploit DB Packet Storm

228384	2.6	注意	Simon Rycroft	-	Drupal 用 Hashcash モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4469	2012-12-4 15:17	2012-06-21	Show	GitHub Exploit DB Packet Storm

228385	4.3	警告	Privatemsg Project	-	Drupal 用 Privatemsg モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4468	2012-12-4 15:16	2012-06-20	Show	GitHub Exploit DB Packet Storm

228386	2.1	注意	Python Software Foundation	-	Python Keyring におけるパスワードを取得される脆弱性	CWE-310 暗号の問題	CVE-2012-4571	2012-12-4 14:30	2012-11-20	Show	GitHub Exploit DB Packet Storm

228387	7.5	危険	libssh	-	libssh におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-4560	2012-12-4 14:27	2012-11-20	Show	GitHub Exploit DB Packet Storm

228388	7.5	危険	PS Project Management Team	-	libunity-webapps におけるサービス運用妨害 (メモリ破損およびクラッシュ) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-4551	2012-12-4 14:25	2012-11-28	Show	GitHub Exploit DB Packet Storm

228389	5	警告	IBM	-	IBM WebSphere Portal の theme コンポーネントにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-4834	2012-12-4 14:12	2012-11-29	Show	GitHub Exploit DB Packet Storm

228390	5	警告	Apache Software Foundation	-	Apache Tomcat におけるサービス運用妨害 (デーモンの停止) の脆弱性	CWE-16 環境設定	CVE-2012-5568	2012-12-4 14:11	2012-11-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211271	8.8	HIGH Network	ipswitch	moveit_mobile	Multiple cross-site request forgery (CSRF) vulnerabilities in Ipswitch MOVEit Mobile 1.2.0.962 and earlier allow remote attackers to hijack the authentication of unspecified victims via unknown vecto…	CWE-352 Origin Validation Error	CVE-2015-7678	2024-11-21 11:37	2016-02-11	Show	GitHub Exploit DB Packet Storm

211272	4.3	MEDIUM Network	ipswitch	moveit_dmz	The MOVEitISAPI service in Ipswitch MOVEit DMZ before 8.2 provides different error messages depending on whether a FileID exists, which allows remote authenticated users to enumerate FileIDs via the …	CWE-200 Information Exposure	CVE-2015-7677	2024-11-21 11:37	2016-02-11	Show	GitHub Exploit DB Packet Storm

211273	6.5	MEDIUM Network	ipswitch	moveit_mobile moveit_dmz	The "Send as attachment" feature in Ipswitch MOVEit DMZ before 8.2 and MOVEit Mobile before 1.2.2 allow remote authenticated users to bypass authorization and read uploaded files via a valid FileID i…	CWE-200 Information Exposure	CVE-2015-7675	2024-11-21 11:37	2016-02-11	Show	GitHub Exploit DB Packet Storm

211274	6.5	MEDIUM Network	sauter-controls	moduweb_vision	Cross-site scripting (XSS) vulnerability in Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query.	CWE-79 Cross-site Scripting	CVE-2015-7916	2024-11-21 11:37	2016-02-6	Show	GitHub Exploit DB Packet Storm

211275	9.8	CRITICAL Network	sauter	moduweb_vision	Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 sends cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network.	CWE-255 CWE-200 Credentials Management Information Exposure	CVE-2015-7915	2024-11-21 11:37	2016-02-6	Show	GitHub Exploit DB Packet Storm

211276	8.1	HIGH Network	sauter	moduweb_vision	Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote attackers to bypass authentication by leveraging knowledge of a password hash without knowledge of the associated password.	CWE-287 CWE-254 Improper Authentication 7PK - Security Features	CVE-2015-7914	2024-11-21 11:37	2016-02-6	Show	GitHub Exploit DB Packet Storm

211277	9.0	CRITICAL Network	westermo	weos	Westermo WeOS before 4.19.0 uses the same SSL private key across different customers' installations, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanism…	CWE-310 Cryptographic Issues	CVE-2015-7923	2024-11-21 11:37	2016-01-30	Show	GitHub Exploit DB Packet Storm

211278	7.7	HIGH Network	ntp siemens netapp debian	ntp tim_4r-ie_firmware tim_4r-ie_dnp3_firmware oncommand_balance clustered_data_ontap debian_linux	NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via a…	CWE-287 Improper Authentication	CVE-2015-7974	2024-11-21 11:37	2016-01-27	Show	GitHub Exploit DB Packet Storm

211279	5.9	MEDIUM Network	wolfssl opensuse mariadb	wolfssl leap opensuse mariadb	wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory optimization…	NVD-CWE-noinfo	CVE-2015-7744	2024-11-21 11:37	2016-01-23	Show	GitHub Exploit DB Packet Storm

211280	7.3	HIGH Network	hospira	communication_engine lifecare_pca_infusion_system	Stack-based buffer overflow in Hospira Communication Engine (CE) before 1.2 in LifeCare PCA Infusion System 5.07, Plum A+ Infusion System 13.40, and Plum A+3 Infusion System 13.40 allows remote attac…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-7909	2024-11-21 11:37	2016-01-22	Show	GitHub Exploit DB Packet Storm