Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 25, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248501	4.3	警告	Nancy Wichmann	-	Drupal 用 Glossary モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2339	2012-05-23 19:00	2012-05-21	Show	GitHub Exploit DB Packet Storm

248502	2.6	注意	Ishmael Sanchez	-	Drupal 用 Aberdeen テーマの aberdeen_breadcrumb 関数におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2907	2012-05-23 18:57	2012-05-21	Show	GitHub Exploit DB Packet Storm

248503	5	警告	mark pilgrim	-	Universal Feed Parser におけるサービス運用妨害 (メモリ消費) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-2921	2012-05-23 18:50	2012-05-2	Show	GitHub Exploit DB Packet Storm

248504	4.3	警告	Weston Ruter	-	WordPress 用 User Photo プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2920	2012-05-23 18:48	2012-05-21	Show	GitHub Exploit DB Packet Storm

248505	4.3	警告	Andrew Killen	-	WordPress 用 Share and Follow プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2917	2012-05-23 18:47	2012-05-21	Show	GitHub Exploit DB Packet Storm

248506	4.3	警告	dlo	-	WordPress 用 Sabre プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2916	2012-05-23 18:46	2012-05-21	Show	GitHub Exploit DB Packet Storm

248507	4.3	警告	Hind	-	WordPress 用 Leaflet プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2913	2012-05-23 18:41	2012-05-21	Show	GitHub Exploit DB Packet Storm

248508	4.3	警告	Kolja Schleich	-	WordPress 用 LeagueManager プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2912	2012-05-23 18:25	2012-05-21	Show	GitHub Exploit DB Packet Storm

248509	5	警告	Chevereto Software	-	Chevereto の Upload/engine.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-2919	2012-05-23 18:19	2012-05-21	Show	GitHub Exploit DB Packet Storm

248510	4.3	警告	Chevereto Software	-	Chevereto の Upload/engine.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2918	2012-05-23 18:18	2012-05-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314571	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: net/smc: fix connection leak There's a potential leak issue under following execution sequence : smc_release smc_connect_wo…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2022-48909	2024-09-12 22:36	2024-08-22	Show	GitHub Exploit DB Packet Storm

314572	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: auxdisplay: lcd2s: Fix memory leak in ->remove() Once allocated the struct lcd2s_data is never freed. Fix the memory leak by swit…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2022-48907	2024-09-12 22:33	2024-08-22	Show	GitHub Exploit DB Packet Storm

314573	5.3	MEDIUM Network	sap	document_builder	SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.	CWE-862 Missing Authorization	CVE-2024-39591	2024-09-12 22:29	2024-08-13	Show	GitHub Exploit DB Packet Storm

314574	4.3	MEDIUM Network	sap	netweaver_application_server_abap	Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user relate…	CWE-862 Missing Authorization	CVE-2024-41734	2024-09-12 22:28	2024-08-13	Show	GitHub Exploit DB Packet Storm

314575	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: xen/netfront: destroy queues before real_num_tx_queues is zeroed xennet_destroy_queues() relies on info->netdev->real_num_tx_queu…	CWE-476 NULL Pointer Dereference	CVE-2022-48914	2024-09-12 22:27	2024-08-22	Show	GitHub Exploit DB Packet Storm

314576	5.4	MEDIUM Network	sap	student_life_cycle_management	SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges. On successful exploitation it could a…	CWE-862 Missing Authorization	CVE-2024-42373	2024-09-12 22:26	2024-08-13	Show	GitHub Exploit DB Packet Storm

314577	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_queue: fix possible use-after-free Eric Dumazet says: The sock_hold() side seems suspect, because there is no gua…	CWE-416 Use After Free	CVE-2022-48911	2024-09-12 22:24	2024-08-22	Show	GitHub Exploit DB Packet Storm

314578	-		-	-	Deserialization of untrusted data can occur in versions 2.4.0 or newer of the Cleanlab project, enabling a maliciously crafted datalab.pkl file to run arbitrary code on an end user’s system when the …	-	CVE-2024-45857	2024-09-12 22:15	2024-09-12	Show	GitHub Exploit DB Packet Storm

314579	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double list_add when enabling VMD in scalable mode When enabling VMD and IOMMU scalable mode, the following kerne…	NVD-CWE-noinfo	CVE-2022-48916	2024-09-12 22:11	2024-08-22	Show	GitHub Exploit DB Packet Storm

314580	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min While the $val/$val2 values passed in from userspace are always >= …	NVD-CWE-noinfo	CVE-2022-48917	2024-09-12 22:07	2024-08-22	Show	GitHub Exploit DB Packet Storm