Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228461	4.3	警告	PHP-Fusion	-	PHP-Fusion の downloads.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6043	2012-11-28 14:21	2012-11-26	Show	GitHub Exploit DB Packet Storm

228462	4.3	警告	GEOPAINTING	-	GPSMapEdit におけるサービス運用妨害 (クラッシュ) の脆弱性	CWE-119 バッファエラー	CVE-2012-6042	2012-11-28 14:20	2012-11-26	Show	GitHub Exploit DB Packet Storm

228463	6.8	警告	More Quick Tools	-	GreenBrowser におけるメモリ二重解放の脆弱性	CWE-399 リソース管理の問題	CVE-2012-6041	2012-11-28 14:19	2012-11-26	Show	GitHub Exploit DB Packet Storm

228464	4.3	警告	Convergine	-	File King Advanced File Managemen におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6040	2012-11-28 11:47	2012-11-26	Show	GitHub Exploit DB Packet Storm

228465	7.5	危険	YABSoft	-	YABSoft Advanced Image Hosting Script における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-6039	2012-11-28 11:46	2012-11-26	Show	GitHub Exploit DB Packet Storm

228466	6.5	警告	razorCMS	-	razorCMS の admin/core/admin_func.php におけるファイルを閲覧される脆弱性	CWE-22 パス・トラバーサル	CVE-2012-6038	2012-11-28 11:45	2012-11-26	Show	GitHub Exploit DB Packet Storm

228467	4.3	警告	レッドハット	-	JBoss Enterprise Data Services Platform におけるログイン認証情報を取得される脆弱性	CWE-310 暗号の問題	CVE-2012-3431	2012-11-27 20:19	2012-09-20	Show	GitHub Exploit DB Packet Storm

228468	3.3	注意	レッドハット	-	複数の JBoss Enterprise 製品の JGroups 診断サービスにおける診断情報を読まれる脆弱性	CWE-287 不適切な認証	CVE-2012-2377	2012-11-27 20:16	2012-06-22	Show	GitHub Exploit DB Packet Storm

228469	7.5	危険	Gajim.org	-	Gajim の common/logger.py における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-2086	2012-11-27 20:12	2011-11-4	Show	GitHub Exploit DB Packet Storm

228470	4.6	警告	レッドハット	-	複数の JBoss Enterprise 製品における任意のアプリケーションにアクセスされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1167	2012-11-27 20:10	2012-06-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 19, 2026, 4:09 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
212231	-	mediawiki	mediawiki	Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via th…	CWE-79 Cross-site Scripting	CVE-2015-6730	2024-11-21 11:35	2015-09-1	Show	GitHub Exploit DB Packet Storm

212232	-	mediawiki	mediawiki	Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via th…	CWE-79 Cross-site Scripting	CVE-2015-6729	2024-11-21 11:35	2015-09-1	Show	GitHub Exploit DB Packet Storm

212233	-	mediawiki	mediawiki	The ApiBase::getWatchlistUser function in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 does not perform token comparison in constant time, which allows remote attackers to…	CWE-352 Origin Validation Error	CVE-2015-6728	2024-11-21 11:35	2015-09-1	Show	GitHub Exploit DB Packet Storm

212234	-	mediawiki canonical	mediawiki ubuntu_linux	The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to determine if an IP is autoblocked via the "Change block" t…	CWE-200 Information Exposure	CVE-2015-6727	2024-11-21 11:35	2015-09-1	Show	GitHub Exploit DB Packet Storm

212235	-	ippusbxd_project	ippusbxd	IPPUSBXD before 1.22 listens on all interfaces, which allows remote attackers to obtain access to USB connected printers via a direct request.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-6520	2024-11-21 11:35	2015-09-1	Show	GitHub Exploit DB Packet Storm

212236	-	linux	linux_kernel	The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c in the Linux kernel before 4.0.2 on ppc64 platforms allows local users to cause a denial of service (infinite loop) via a deep 64-…	CWE-399 Resource Management Errors	CVE-2015-6526	2024-11-21 11:35	2015-09-1	Show	GitHub Exploit DB Packet Storm

212237	-	path_breadcrumbs_project	path_breadcrumbs	Cross-site scripting (XSS) vulnerability in the administration interface in the Path Breadcrumbs module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "Administer Path B…	CWE-79 Cross-site Scripting	CVE-2015-6754	2024-11-21 11:35	2015-09-1	Show	GitHub Exploit DB Packet Storm

212238	-	quick_edit_project	quick_edit	Multiple cross-site scripting (XSS) vulnerabilities in the Quick Edit module 7.x-1.x before 7.x-1.2 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script…	CWE-79 Cross-site Scripting	CVE-2015-6753	2024-11-21 11:35	2015-09-1	Show	GitHub Exploit DB Packet Storm

212239	-	pligg	pligg_cms	Cross-site request forgery (CSRF) vulnerability in Pligg CMS 2.0.2 allows remote attackers to hijack the authentication of administrators for requests that add an administrator via a request to admin…	CWE-352 Origin Validation Error	CVE-2015-6655	2024-11-21 11:35	2015-09-1	Show	GitHub Exploit DB Packet Storm

212240	-	search_api_autocomplete_project	search_api_autocomplete	Cross-site scripting (XSS) vulnerability in the Search API Autocomplete module 7.x-1.x before 7.x-1.3 for Drupal, when the search index is configured to use the HTML filter processor, allows remote a…	CWE-79 Cross-site Scripting	CVE-2015-6752	2024-11-21 11:35	2015-09-1	Show	GitHub Exploit DB Packet Storm