Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230451	4.3	警告	Carlos Carvalhar	-	Drupal 用 Time Spent モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5548	2012-12-5 17:28	2012-10-24	Show	GitHub Exploit DB Packet Storm

230452	6.8	警告	Thomas Seidl	-	Drupal 用 Search API モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-5547	2012-12-5 17:28	2012-10-17	Show	GitHub Exploit DB Packet Storm

230453	2.1	注意	Rob Loach	-	Drupal 用 ShareThis モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5545	2012-12-5 17:26	2012-10-10	Show	GitHub Exploit DB Packet Storm

230454	4	警告	ThinkShout	-	Drupal 用 Mandrill モジュールにおけるパスワードのリセットリンクを取得される脆弱性	CWE-200 情報漏えい	CVE-2012-5544	2012-12-5 16:57	2012-10-9	Show	GitHub Exploit DB Packet Storm

230455	4.3	警告	Phase2 Technology	-	Drupal 用 Feeds モジュールにおける任意のノードを作成される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-5543	2012-12-5 16:56	2012-10-10	Show	GitHub Exploit DB Packet Storm

230456	6.8	警告	Pedro Cambra	-	Drupal 用 Commerce Extra Panes モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-5542	2012-12-5 16:55	2012-10-3	Show	GitHub Exploit DB Packet Storm

230457	4.3	警告	Twitter Pull Project	-	Drupal用 Twitter Pull モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5541	2012-12-5 16:54	2012-10-3	Show	GitHub Exploit DB Packet Storm

230458	4.3	警告	Tekritisoftware	-	Drupal 用 Hostip モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5540	2012-12-5 16:54	2012-10-3	Show	GitHub Exploit DB Packet Storm

230459	3.5	注意	Moshe Weitzman	-	Drupal 用 Organic Groups モジュールにおける任意のグループに投稿される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-5539	2012-12-5 16:51	2012-09-26	Show	GitHub Exploit DB Packet Storm

230460	2.1	注意	Nathan Haug	-	Drupal 用 FileField Sources モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5538	2012-12-5 16:48	2012-09-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348451	-	apple	mac_os_x mac_os_x_server	Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner."	NVD-CWE-Other	CVE-2005-1335	2008-09-6 05:48	2005-05-4	Show	GitHub Exploit DB Packet Storm

348452	-	apple	mac_os_x	Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable.	NVD-CWE-Other	CVE-2005-1336	2008-09-6 05:48	2005-05-4	Show	GitHub Exploit DB Packet Storm

348453	-	apple	mac_os_x mac_os_x_server	Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI.	NVD-CWE-Other	CVE-2005-1337	2008-09-6 05:48	2005-05-4	Show	GitHub Exploit DB Packet Storm

348454	-	apple	mac_os_x	Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext.	NVD-CWE-Other	CVE-2005-1338	2008-09-6 05:48	2005-05-4	Show	GitHub Exploit DB Packet Storm

348455	-	apple	mac_os_x mac_os_x_server	lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name.	NVD-CWE-Other	CVE-2005-1339	2008-09-6 05:48	2005-05-4	Show	GitHub Exploit DB Packet Storm

348456	-	apple	mac_os_x	The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy.	NVD-CWE-Other	CVE-2005-1340	2008-09-6 05:48	2005-05-4	Show	GitHub Exploit DB Packet Storm

348457	-	apple	mac_os_x mac_os_x_server	Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument.	NVD-CWE-Other	CVE-2005-1343	2008-09-6 05:48	2005-05-3	Show	GitHub Exploit DB Packet Storm

348458	-	symantec	antivirus_scan_engine mail_security norton_antivirus norton_internet_security norton_system_works symav_filter_domino_nt web_security	Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domin…	NVD-CWE-Other	CVE-2005-1346	2008-09-6 05:48	2005-05-2	Show	GitHub Exploit DB Packet Storm

348459	-	drupal	drupal	Cross-site scripting (XSS) vulnerability in common.inc in Drupal before 4.5.2 allows remote attackers to inject arbitrary web script or HTML via certain inputs.	NVD-CWE-Other	CVE-2005-0682	2008-09-6 05:47	2005-05-2	Show	GitHub Exploit DB Packet Storm

348460	-	mlterm	mlterm	Integer overflow in mlterm 2.5.0 through 2.9.1, with gdk-pixbuf support enabled, allows remote attackers to execute arbitrary code via a large image file that is used as a background.	NVD-CWE-Other	CVE-2005-0686	2008-09-6 05:47	2005-03-7	Show	GitHub Exploit DB Packet Storm