Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 4:05 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249321 4.3 警告 Kolja Schleich - WordPress 用 LeagueManager プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2912 2012-05-23 18:25 2012-05-21 Show GitHub Exploit DB Packet Storm
249322 5 警告 Chevereto Software - Chevereto の Upload/engine.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-2919 2012-05-23 18:19 2012-05-21 Show GitHub Exploit DB Packet Storm
249323 4.3 警告 Chevereto Software - Chevereto の Upload/engine.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2918 2012-05-23 18:18 2012-05-21 Show GitHub Exploit DB Packet Storm
249324 7.5 危険 Johan Cwiklinski - Galette の includes/picture.class.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-2338 2012-05-23 18:16 2012-05-21 Show GitHub Exploit DB Packet Storm
249325 10 危険 DMSoft Technologies - SkinCrafter の InitLicenKeys 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-2271 2012-05-23 18:15 2012-05-21 Show GitHub Exploit DB Packet Storm
249326 9.3 危険 Lattice Semiconductor - Lattice Semiconductor PAC-Designer におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-2915 2012-05-23 18:04 2012-05-21 Show GitHub Exploit DB Packet Storm
249327 5 警告 リアルネットワークス - RealNetworks RealPlayer および RealPlayer SP におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2012-1904 2012-05-23 18:04 2012-03-28 Show GitHub Exploit DB Packet Storm
249328 4.3 警告 unijimpe - Unijimpe Captcha の captchademo.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2914 2012-05-23 18:02 2012-05-21 Show GitHub Exploit DB Packet Storm
249329 4.3 警告 SiliSoftware - SiliSoftware backupDB() の backupDB.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2911 2012-05-23 17:54 2012-05-21 Show GitHub Exploit DB Packet Storm
249330 4.3 警告 SiliSoftware - SiliSoftware phpThumb() におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2910 2012-05-23 17:53 2012-05-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2971 - - - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. - CVE-2026-5297 2026-05-22 08:16 2026-05-22 Show GitHub Exploit DB Packet Storm
2972 - - - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid… - CVE-2026-8352 2026-05-22 06:16 2026-05-22 Show GitHub Exploit DB Packet Storm
2973 8.8 HIGH
Network 		- - IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv_-prefixed query parameters through the… CWE-88
Argument Injection 		CVE-2026-47114 2026-05-22 06:03 2026-05-22 Show GitHub Exploit DB Packet Storm
2974 4.3 MEDIUM
Network 		- - The GSheet For Woo Importer plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the process_ajax_restore_action() function in all versions up to, and … CWE-862
 Missing Authorization 		CVE-2026-4843 2026-05-22 06:03 2026-05-22 Show GitHub Exploit DB Packet Storm
2975 6.1 MEDIUM
Network 		simplesamlphp simplesamlphp-casserver
simplesamlphp_casserver 		SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. In versions below 6.3.1 and 7.0.0, the logout endpoint accepts a url query parameter to redire… CWE-601
Open Redirect 		CVE-2025-65954 2026-05-22 06:01 2026-05-19 Show GitHub Exploit DB Packet Storm
2976 7.5 HIGH
Network 		mozilla firefox
firefox_focus 		Sandbox escape in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 151. CWE-693
 Protection Mechanism Failure 		CVE-2026-8945 2026-05-22 05:56 2026-05-19 Show GitHub Exploit DB Packet Storm
2977 4.8 MEDIUM
Network 		samba rsync Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass host… CWE-289
 Authentication Bypass by Alternate Name 		CVE-2026-43617 2026-05-22 05:54 2026-05-20 Show GitHub Exploit DB Packet Storm
2978 3.7 LOW
Network 		samba rsync Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in socket.c that allows network attackers to corrupt stack memor… CWE-193
 Off-by-one Error 		CVE-2026-45232 2026-05-22 05:52 2026-05-20 Show GitHub Exploit DB Packet Storm
2979 5.5 MEDIUM
Local 		samba rsync Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recv_files() in receiver.c that allows a malicious rsync server to crash the rsync client process. Atta… CWE-125
Out-of-bounds Read 		CVE-2026-43620 2026-05-22 05:47 2026-05-20 Show GitHub Exploit DB Packet Storm
2980 6.3 MEDIUM
Local 		samba rsync Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat … CWE-59
CWE-367
Link Following
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-43619 2026-05-22 05:42 2026-05-20 Show GitHub Exploit DB Packet Storm