Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
215851 5 警告 GNU Project - GNU Cpio の process_copy_in 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-9112 2014-12-3 16:08 2014-11-27 Show GitHub Exploit DB Packet Storm
215852 4 警告 CSSJockey.com - WordPress 用 SupportEzzy Ticket System プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-9179 2014-12-3 16:08 2014-10-12 Show GitHub Exploit DB Packet Storm
215853 7.5 危険 Smarty Pants Plugins - WordPress 用 Smarty Pants Plugins SP Client Document Manager プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-9178 2014-12-3 16:07 2014-11-21 Show GitHub Exploit DB Packet Storm
215854 5 警告 SVN Labs Softwares. - WordPress 用 HTML5 MP3 Player with Playlist Free プラグインにおけるインストールパスを取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-9177 2014-12-3 16:07 2014-11-26 Show GitHub Exploit DB Packet Storm
215855 4.3 警告 InstaSqueeze.com - WordPress 用 InstaSqueeze Sexy Squeeze Pages プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-9176 2014-12-3 16:06 2014-11-26 Show GitHub Exploit DB Packet Storm
215856 7.5 危険 wpDataTables - WordPress 用 wpDataTables プラグインの wpdatatables.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-9175 2014-12-3 16:05 2014-11-22 Show GitHub Exploit DB Packet Storm
215857 4.3 警告 Team Yoast - WordPress 用 Google Analytics by Yoast プラグインおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-9174 2014-12-3 16:05 2014-11-26 Show GitHub Exploit DB Packet Storm
215858 7.5 危険 Google Doc Embedder - WordPress 用 Google Doc Embedder プラグインの view.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-9173 2014-12-3 16:05 2014-11-14 Show GitHub Exploit DB Packet Storm
215859 4.3 警告 Geardev - WordPress 用 Ad-Manager プラグインの track-click.php におけるオープンリダイレクトの脆弱性 CWE-Other
その他 		CVE-2014-8754 2014-12-3 16:04 2014-11-26 Show GitHub Exploit DB Packet Storm
215860 5 警告 Kennziffer.com - TYPO3 用 ke_questionnaire エクステンションにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-8874 2014-12-3 15:56 2014-12-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292551 - debian
canonical
redhat
haproxy 		debian_linux
ubuntu_linux
enterprise_linux_load_balancer
haproxy 		HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service (ne… CWE-20
CWE-284
 Improper Input Validation 
Improper Access Control 		CVE-2013-2175 2024-11-21 10:51 2013-08-19 Show GitHub Exploit DB Packet Storm
292552 - canonical ubuntu_linux Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions befo… CWE-362
Race Condition 		CVE-2013-2162 2024-11-21 10:51 2013-08-19 Show GitHub Exploit DB Packet Storm
292553 - mongodb
canonical
opensuse 		mongodb
ubuntu_linux
opensuse 		bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) vi… NVD-CWE-Other
CVE-2013-2132 2024-11-21 10:51 2013-08-16 Show GitHub Exploit DB Packet Storm
292554 - apache ofbiz Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and 12.04.01 allows remote attackers to execute arbitrary Unified Expression Language (UEL) function… CWE-20
 Improper Input Validation  		CVE-2013-2250 2024-11-21 10:51 2013-08-16 Show GitHub Exploit DB Packet Storm
292555 - apache ofbiz Cross-site scripting (XSS) vulnerability in the "View Log" screen in the Webtools application in Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and… CWE-79
Cross-site Scripting 		CVE-2013-2137 2024-11-21 10:51 2013-08-16 Show GitHub Exploit DB Packet Storm
292556 - libraw libraw Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vec… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-2127 2024-11-21 10:51 2013-08-15 Show GitHub Exploit DB Packet Storm
292557 - libraw
canonical
opensuse 		libraw
ubuntu_linux
opensuse 		Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and po… CWE-399
 Resource Management Errors 		CVE-2013-2126 2024-11-21 10:51 2013-08-15 Show GitHub Exploit DB Packet Storm
292558 - xnview xnview Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-2577 2024-11-21 10:51 2013-08-10 Show GitHub Exploit DB Packet Storm
292559 - b-e-soft artweaver Buffer overflow in Artweaver before 3.1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted AWD file. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-2576 2024-11-21 10:51 2013-08-10 Show GitHub Exploit DB Packet Storm
292560 - lars_hjemli
jason_a_donenfeld 		cgit Directory traversal vulnerability in the cgit_parse_readme function in ui-summary.c in cgit before 0.9.2, when a readme file is set to a filesystem path, allows remote attackers to read arbitrary fil… CWE-22
Path Traversal 		CVE-2013-2117 2024-11-21 10:51 2013-08-10 Show GitHub Exploit DB Packet Storm