Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
215931 5 警告 Paid Memberships Pro - WordPress 用 Paid Memberships Pro プラグインの services/getfile.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-8801 2014-12-1 15:21 2014-11-14 Show GitHub Exploit DB Packet Storm
215932 5 警告 DukaPress - WordPress 用 DukaPress プラグインの php/dp-functions.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-8799 2014-12-1 15:16 2014-11-12 Show GitHub Exploit DB Packet Storm
215933 3.5 注意 apptha.com - WordPress 用 Apptha WordPress Video Gallery プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-9098 2014-12-1 15:08 2014-07-15 Show GitHub Exploit DB Packet Storm
215934 7.5 危険 apptha.com - WordPress 用 Apptha WordPress Video Gallery プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-9097 2014-12-1 14:39 2014-07-23 Show GitHub Exploit DB Packet Storm
215935 7.5 危険 Pligg - Pligg CMS の recover.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-9096 2014-12-1 14:27 2014-07-31 Show GitHub Exploit DB Packet Storm
215936 7.5 危険 ラリタン・ジャパン株式会社 - Raritan Power IQ における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-9095 2014-12-1 14:17 2014-07-16 Show GitHub Exploit DB Packet Storm
215937 7.5 危険 The Document Foundation - LibreOffice におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-9093 2014-12-1 13:52 2014-11-19 Show GitHub Exploit DB Packet Storm
215938 4.3 警告 Digital Zoom Studio - WordPress 用 Digital Zoom Studio Video Gallery プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-9094 2014-12-1 13:32 2014-05-8 Show GitHub Exploit DB Packet Storm
215939 7.2 危険 Wibu-Systems AG - Wibu-Systems CodeMeter Runtime における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-8419 2014-12-1 11:56 2014-11-20 Show GitHub Exploit DB Packet Storm
215940 5.4 警告 Linux - Linux Kernel の net/sctp/associola.c 内の sctp_assoc_update 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2014-5077 2014-11-28 18:02 2014-07-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292531 - node_access_user_reference_project nodeaccess_userreference_module The Node access user reference module 6.x-3.x before 6.x-3.5 and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to content containing a user reference field when the author upda… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-2123 2024-11-21 10:51 2013-08-29 Show GitHub Exploit DB Packet Storm
292532 - xen xen The vmx_set_uc_mode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service (CPU consumption and possibly… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-2212 2024-11-21 10:51 2013-08-29 Show GitHub Exploit DB Packet Storm
292533 - xen xen The libxenlight (libxl) toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices, which allows local guest admi… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-2211 2024-11-21 10:51 2013-08-29 Show GitHub Exploit DB Packet Storm
292534 - redhat enterprise_virtualization Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privile… CWE-399
 Resource Management Errors 		CVE-2013-2176 2024-11-21 10:51 2013-08-29 Show GitHub Exploit DB Packet Storm
292535 - hp storeonce_d2d Unspecified vulnerability in HP StoreOnce D2D Backup System 1.x before 1.2.19 and 2.x before 2.3.0 allows remote attackers to cause a denial of service via unknown vectors. NVD-CWE-noinfo
CVE-2013-2353 2024-11-21 10:51 2013-08-28 Show GitHub Exploit DB Packet Storm
292536 - xen xen Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, … NVD-CWE-noinfo
CVE-2013-2196 2024-11-21 10:51 2013-08-24 Show GitHub Exploit DB Packet Storm
292537 - xen xen The Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "pointer dereferences" involv… CWE-189
Numeric Errors 		CVE-2013-2195 2024-11-21 10:51 2013-08-24 Show GitHub Exploit DB Packet Storm
292538 - xen xen Multiple integer overflows in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel. CWE-189
Numeric Errors 		CVE-2013-2194 2024-11-21 10:51 2013-08-24 Show GitHub Exploit DB Packet Storm
292539 - advantech advantech_webaccess Cross-site scripting (XSS) vulnerability in Advantech WebAccess (formerly BroadWin WebAccess) before 7.1 2013.05.30 allows remote authenticated users to inject arbitrary web script or HTML via unspec… CWE-79
Cross-site Scripting 		CVE-2013-2299 2024-11-21 10:51 2013-08-22 Show GitHub Exploit DB Packet Storm
292540 - apache xml_security_for_c\+\+ Heap-based buffer overflow in the XML Signature Reference functionality in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.2 allows context-dependent attackers to cause a denial… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-2210 2024-11-21 10:51 2013-08-21 Show GitHub Exploit DB Packet Storm