Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228651	2.6	注意	アシアル株式会社	-	Android 版 Monacaデバッガーにおける情報管理不備の脆弱性	CWE-200 情報漏えい	CVE-2012-5172	2012-11-16 12:02	2012-11-16	Show	GitHub Exploit DB Packet Storm

228652	10	危険	マイクロソフト Google	-	Google Chrome で使用される Microsoft Windows のカーネルモードドライバにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2012-2897	2012-11-16 11:09	2012-09-25	Show	GitHub Exploit DB Packet Storm

228653	4.3	警告	OTRS プロジェクト	-	Open Technology Real Services にクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2582	2012-11-16 10:19	2012-08-23	Show	GitHub Exploit DB Packet Storm

228654	3.6	注意	Shlomi Fish	-	Perl 用 Config::IniFiles モジュールにおける任意のファイルを上書きされる脆弱性	CWE-DesignError	CVE-2012-2451	2012-11-16 10:18	2012-06-27	Show	GitHub Exploit DB Packet Storm

228655	4.9	警告	Linux	-	Linux Kernel の mm/hugetlb.c におけるサービス運用妨害 (メモリ消費またはシステムクラッシュ) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-2390	2012-11-16 10:16	2012-06-13	Show	GitHub Exploit DB Packet Storm

228656	2.6	注意	Moodle	-	Moodle のブログの実装におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2362	2012-11-16 10:15	2012-07-21	Show	GitHub Exploit DB Packet Storm

228657	4.3	警告	SPIP	-	SPIP におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2151	2012-11-16 10:11	2012-04-23	Show	GitHub Exploit DB Packet Storm

228658	7.2	危険	Linux	-	Linux Kernel の net/core/sock.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-2136	2012-11-16 10:08	2012-08-9	Show	GitHub Exploit DB Packet Storm

228659	4	警告	Oberthur Technologies	-	Oberthur のスマートカードに問題	CWE-noinfo 情報不足	CVE-2012-5860	2012-11-15 17:43	2012-11-12	Show	GitHub Exploit DB Packet Storm

228660	5	警告	The Tor Project	-	Tor の common/util.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-4922	2012-11-15 17:13	2012-09-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
198431	9.8	CRITICAL Network	glpi-project	glpi	SQL injection exists in front/devicesoundcard.php in GLPI before 9.1.5 via the start parameter.	CWE-89 SQL Injection	CVE-2017-11184	2024-11-21 12:07	2017-07-28	Show	GitHub Exploit DB Packet Storm

198432	4.9	MEDIUM Network	glpi-project	glpi	front/backup.php in GLPI before 9.1.5 allows remote authenticated administrators to delete arbitrary files via a crafted file parameter.	CWE-20 Improper Input Validation	CVE-2017-11183	2024-11-21 12:07	2017-07-28	Show	GitHub Exploit DB Packet Storm

198433	6.1	MEDIUM Network	sap	netweaver_portal	Cross-site scripting (XSS) vulnerability in the DataArchivingService servlet in SAP NetWeaver Portal 7.4 allows remote attackers to inject arbitrary web script or HTML via the responsecode parameter …	CWE-79 Cross-site Scripting	CVE-2017-11460	2024-11-21 12:07	2017-07-26	Show	GitHub Exploit DB Packet Storm

198434	9.8	CRITICAL Network	sap	trex	SAP TREX 7.10 allows remote attackers to (1) read arbitrary files via an fget command or (2) write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Not…	CWE-94 Code Injection	CVE-2017-11459	2024-11-21 12:07	2017-07-26	Show	GitHub Exploit DB Packet Storm

198435	6.1	MEDIUM Network	sap	netweaver_application_server_java	Cross-site scripting (XSS) vulnerability in the ctcprotocol/Protocol servlet in SAP NetWeaver AS JAVA 7.3 allows remote attackers to inject arbitrary web script or HTML via the sessionID parameter, a…	CWE-79 Cross-site Scripting	CVE-2017-11458	2024-11-21 12:07	2017-07-26	Show	GitHub Exploit DB Packet Storm

198436	6.5	MEDIUM Network	sap	netweaver_application_server_java	XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attac…	CWE-611 XXE	CVE-2017-11457	2024-11-21 12:07	2017-07-26	Show	GitHub Exploit DB Packet Storm

198437	5.5	MEDIUM Local	qemu debian	qemu debian_linux	The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options …	CWE-125 Out-of-bounds Read	CVE-2017-11434	2024-11-21 12:07	2017-07-26	Show	GitHub Exploit DB Packet Storm

198438	7.5	HIGH Network	nodejs	node.js	Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was co…	CWE-20 Improper Input Validation	CVE-2017-11499	2024-11-21 12:07	2017-07-25	Show	GitHub Exploit DB Packet Storm

198439	6.5	MEDIUM Network	tilde_cms_project	tilde_cms	An issue was discovered in Tilde CMS 1.0.1. It is possible to retrieve sensitive data by using direct references. A low-privileged user can load PHP resources such as admin/content.php and admin/cont…	CWE-200 Information Exposure	CVE-2017-11327	2024-11-21 12:07	2017-07-24	Show	GitHub Exploit DB Packet Storm

198440	7.5	HIGH Network	tilde_cms_project	tilde_cms	An issue was discovered in Tilde CMS 1.0.1. It is possible to bypass the implemented restrictions on arbitrary file upload via a filename.+php manipulation.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2017-11326	2024-11-21 12:07	2017-07-24	Show	GitHub Exploit DB Packet Storm