Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229761	7.5	危険	Script Head	-	Drupal 用 Webmail Plus モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-5590	2012-12-28 16:06	2012-11-28	Show	GitHub Exploit DB Packet Storm

229762	3.5	注意	Net Genius	-	Drupal 用 MultiLink モジュールにおける任意のノードタイトルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2012-5589	2012-12-28 16:04	2012-11-28	Show	GitHub Exploit DB Packet Storm

229763	2.6	注意	Matthias Hutterer	-	Drupal 用 Email Field モジュールにおける電子メールを送信される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-5588	2012-12-28 16:02	2012-11-28	Show	GitHub Exploit DB Packet Storm

229764	4.3	警告	Matthias Hutterer	-	Drupal 用 Email Field モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5587	2012-12-28 15:58	2012-11-28	Show	GitHub Exploit DB Packet Storm

229765	2.1	注意	Marc Ingram	-	Drupal 用 Services モジュールにおける任意のユーザの電子メールにアクセスされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-5586	2012-12-28 15:57	2012-11-28	Show	GitHub Exploit DB Packet Storm

229766	2.1	注意	Mixpanel Project	-	Drupal 用 Mixpanel モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5585	2012-12-28 15:50	2012-11-28	Show	GitHub Exploit DB Packet Storm

229767	4.3	警告	Made to Order Software	-	Drupal 用 Table of Contents モジュールにおけるノードのヘッダを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-5584	2012-12-28 15:49	2012-11-14	Show	GitHub Exploit DB Packet Storm

229768	6.8	警告	Sensio Labs	-	Symfony における任意のサービスにアクセスされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-6432	2012-12-28 15:20	2012-12-20	Show	GitHub Exploit DB Packet Storm

229769	6.4	警告	Sensio Labs	-	Symfony における URI の制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-6431	2012-12-28 15:18	2012-12-20	Show	GitHub Exploit DB Packet Storm

229770	4.3	警告	Sebastian Heinlein Canonical	-	Ubuntu の Aptdaemon における任意のパッケージレポジトリの GPG キーをインストールされる脆弱性	CWE-noinfo 情報不足	CVE-2012-0962	2012-12-28 15:03	2012-12-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
225041	9.8	CRITICAL Network	skymoonlabs	cleanto	Cleanto 5.0 has SQL Injection via the assets/lib/export_ajax.php id parameter.	CWE-89 SQL Injection	CVE-2019-6296	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

225042	9.8	CRITICAL Network	skymoonlabs	cleanto	Cleanto 5.0 has SQL Injection via the assets/lib/service_method_ajax.php service_id parameter.	CWE-89 SQL Injection	CVE-2019-6295	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

225043	8.8	HIGH Network	easycms	easycms	An issue was discovered in EasyCMS 1.5. There is CSRF via the index.php?s=/admin/articlem/insert/navTabId/listarticle/callbackType/closeCurrent URI.	CWE-352 Origin Validation Error	CVE-2019-6294	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

225044	8.8	HIGH Network	dedecms	dedecms	uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows remote attackers to execute arbitrary PHP code by uploading with a safe file extension and then renaming with a mixed-case variat…	CWE-178 CWE-706 Improper Handling of Case Sensitivity Use of Incorrectly-Resolved Name or Reference	CVE-2019-6289	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

225045	5.5	MEDIUM Local	westes	flex	An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the mark_beginning_as_normal function making recursive calls to …	CWE-674 Uncontrolled Recursion	CVE-2019-6293	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

225046	6.5	MEDIUM Network	yaml-cpp_project	yaml-cpp	An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack Exhaustion occurs in YAML::SingleDocParser, and there is a stack consumption problem caused by recursive stac…	CWE-674 Uncontrolled Recursion	CVE-2019-6292	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

225047	5.5	MEDIUM Local	nasm	netwide_assembler	An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself …	CWE-674 Uncontrolled Recursion	CVE-2019-6291	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

225048	5.5	MEDIUM Local	nasm	netwide_assembler	An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, be…	CWE-674 Uncontrolled Recursion	CVE-2019-6290	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

225049	6.1	MEDIUM Network	premiumwpsuite	easy_redirect_manager	The Premium WP Suite Easy Redirect Manager plugin 28.07-17 for WordPress has XSS via a crafted GET request that is mishandled during log viewing at the templates/admin/redirect-log.php URI.	CWE-79 Cross-site Scripting	CVE-2019-6267	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

225050	6.5	MEDIUM Network	sass-lang	libsass	In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import(), a similar issue to CVE-2018-11693.	CWE-125 Out-of-bounds Read	CVE-2019-6286	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm