Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216041 4.3 警告 WebsiteBaker Org - WebsiteBaker におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-9243 2014-12-5 18:18 2014-11-17 Show GitHub Exploit DB Packet Storm
216042 10 危険 WebsiteBaker Org - WebsiteBaker の admin/pages/modify.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-9242 2014-12-5 18:17 2014-11-17 Show GitHub Exploit DB Packet Storm
216043 4.3 警告 MyBB Group - MyBB におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-9241 2014-12-5 18:15 2014-11-13 Show GitHub Exploit DB Packet Storm
216044 7.5 危険 MyBB Group - MyBB の member.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-9240 2014-12-5 18:14 2014-11-13 Show GitHub Exploit DB Packet Storm
216045 7.5 危険 Invision Power Services, Inc - Invision Power Board の IPS Connect サービスにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-9239 2014-12-5 18:02 2014-11-13 Show GitHub Exploit DB Packet Storm
216046 7.5 危険 Zoho Corporation - 複数の ZOHO 製品における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-7868 2014-12-5 16:42 2014-11-9 Show GitHub Exploit DB Packet Storm
216047 7.5 危険 Zoho Corporation - 複数の ZOHO 製品における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-7867 2014-12-5 16:40 2014-12-4 Show GitHub Exploit DB Packet Storm
216048 5 警告 Zoho Corporation - 複数の ZOHO 製品の multipartRequest サーブレットにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-6036 2014-12-5 16:39 2014-09-27 Show GitHub Exploit DB Packet Storm
216049 7.5 危険 Zoho Corporation - ZOHO ManageEngine OpManager の FileCollector サーブレットにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-6035 2014-12-5 16:38 2014-09-27 Show GitHub Exploit DB Packet Storm
216050 5 警告 Zoho Corporation - 複数の ZOHO 製品の com.me.opmanager.extranet.remote.communication.fw.fe.FileCollector サーブレットにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-6034 2014-12-5 16:37 2014-09-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294791 - parallels parallels_plesk_panel Untrusted search path vulnerability in /usr/local/psa/admin/sbin/wrapper in Parallels Plesk Panel 11.0.9 allows local users to gain privileges via a crafted PATH environment variable. NVD-CWE-Other
CVE-2013-0133 2024-11-21 10:46 2013-04-19 Show GitHub Exploit DB Packet Storm
294792 - parallels parallels_plesk_panel The suexec implementation in Parallels Plesk Panel 11.0.9 contains a cgi-wrapper whitelist entry, which allows user-assisted remote attackers to execute arbitrary PHP code via a request containing cr… CWE-94
Code Injection 		CVE-2013-0132 2024-11-21 10:46 2013-04-19 Show GitHub Exploit DB Packet Storm
294793 - microsoft windows_defender The Microsoft Antimalware Client in Windows Defender on Windows 8 and Windows RT uses an incorrect pathname for MsMpEng.exe, which allows local users to gain privileges via a crafted application, aka… CWE-20
 Improper Input Validation  		CVE-2013-0078 2024-11-21 10:46 2013-04-10 Show GitHub Exploit DB Packet Storm
294794 - airdroid airdroid Cross-site scripting (XSS) vulnerability in the web interface in AirDroid allows remote attackers to inject arbitrary web script or HTML via a crafted text message that is transmitted by a managed ph… CWE-79
Cross-site Scripting 		CVE-2013-0134 2024-11-21 10:46 2013-04-9 Show GitHub Exploit DB Packet Storm
294795 - nvidia gpu_driver Buffer overflow in the NVIDIA GPU driver before 304.88, 310.x before 310.44, and 313.x before 313.30 for the X Window System on UNIX, when NoScanout mode is enabled, allows remote authenticated users… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-0131 2024-11-21 10:46 2013-04-9 Show GitHub Exploit DB Packet Storm
294796 - nvidia driver daemonu.exe (aka the NVIDIA Update Service Daemon), as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the service pa… NVD-CWE-Other
CVE-2013-0111 2024-11-21 10:46 2013-04-9 Show GitHub Exploit DB Packet Storm
294797 - nvidia driver nvSCPAPISvr.exe in the NVIDIA Stereoscopic 3D Driver service, as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the … NVD-CWE-Other
CVE-2013-0110 2024-11-21 10:46 2013-04-9 Show GitHub Exploit DB Packet Storm
294798 - chatelao php_address_book Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) address… CWE-89
SQL Injection 		CVE-2013-0135 2024-11-21 10:46 2013-04-9 Show GitHub Exploit DB Packet Storm
294799 - nvidia display_driver The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service on Windows does not properly handle exceptions, which allows local users to gain privileges or cau… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-0109 2024-11-21 10:46 2013-04-9 Show GitHub Exploit DB Packet Storm
294800 - tigertext tigertext The Contact Customer Support feature in the TigerText Free Private Texting app before 3.1.402 for iOS sends a log-file e-mail message with unencrypted credentials, which allows remote attackers to ob… CWE-255
Credentials Management 		CVE-2013-0128 2024-11-21 10:46 2013-04-5 Show GitHub Exploit DB Packet Storm