Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216421 5.4 警告 Initech - Android 用 Instachat -Instagram Messenger アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5643 2014-09-30 16:51 2014-09-3 Show GitHub Exploit DB Packet Storm
216422 5.4 警告 Eden Agency - Android 用 Buy Yorkshire Conference アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5635 2014-09-30 16:51 2014-09-3 Show GitHub Exploit DB Packet Storm
216423 5.4 警告 Mad Creative - Android 用 Madipass Martinique アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5634 2014-09-30 16:51 2014-09-3 Show GitHub Exploit DB Packet Storm
216424 5.4 警告 IObit - Android 用 AMC Security- Antivirus, Clean アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5646 2014-09-30 16:51 2014-09-3 Show GitHub Exploit DB Packet Storm
216425 5.4 警告 IntSig Information - Android 用 CamScanner -Phone PDF Creator アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5645 2014-09-30 16:51 2014-09-3 Show GitHub Exploit DB Packet Storm
216426 5.4 警告 Girls Games 123 - Android 用 Kiss Kiss Office アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5633 2014-09-30 16:51 2014-09-3 Show GitHub Exploit DB Packet Storm
216427 5.4 警告 Intellectual Flame Co., Ltd. - Android 用 Brightest LED Flashlight アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5644 2014-09-30 16:51 2014-09-3 Show GitHub Exploit DB Packet Storm
216428 5.4 警告 Get Set Games Inc. - Android 用 Mega Jump アプリケーション におけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5632 2014-09-30 16:51 2014-09-3 Show GitHub Exploit DB Packet Storm
216429 5.4 警告 Gameloft - Android 用 Ice Age Village アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5627 2014-09-30 16:51 2014-09-3 Show GitHub Exploit DB Packet Storm
216430 5.4 警告 Gameloft - Android 用 Brothers In Arms 2 Free+ アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5626 2014-09-30 16:51 2014-09-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292351 - siemens wincc_tia_portal CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cra… CWE-20
 Improper Input Validation  		CVE-2013-0670 2024-11-21 10:47 2013-03-21 Show GitHub Exploit DB Packet Storm
292352 - siemens wincc_tia_portal The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request. CWE-20
 Improper Input Validation  		CVE-2013-0669 2024-11-21 10:47 2013-03-21 Show GitHub Exploit DB Packet Storm
292353 - siemens wincc_tia_portal Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL. CWE-79
Cross-site Scripting 		CVE-2013-0668 2024-11-21 10:47 2013-03-21 Show GitHub Exploit DB Packet Storm
292354 - siemens wincc_tia_portal Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. CWE-79
Cross-site Scripting 		CVE-2013-0667 2024-11-21 10:47 2013-03-21 Show GitHub Exploit DB Packet Storm
292355 - selinc acselerator_quickset Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet before 5.12.0.1 uses weak permissions for its Program Files directory, which allows local users to replace executable files, and consequ… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-0665 2024-11-21 10:47 2013-03-21 Show GitHub Exploit DB Packet Storm
292356 - zoneminder zoneminder Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x before 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) view, (2) request, or (3) action parameter. CWE-22
Path Traversal 		CVE-2013-0332 2024-11-21 10:47 2013-03-21 Show GitHub Exploit DB Packet Storm
292357 - zoneminder zoneminder includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) runState parameter in the packa… NVD-CWE-noinfo
CVE-2013-0232 2024-11-21 10:47 2013-03-21 Show GitHub Exploit DB Packet Storm
292358 - ibm sterling_selling_and_fulfillment_foundation
sterling_multi-channel_fulfillment_solution 		Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated user… CWE-79
Cross-site Scripting 		CVE-2013-0506 2024-11-21 10:47 2013-03-20 Show GitHub Exploit DB Packet Storm
292359 - ibm sterling_selling_and_fulfillment_foundation
sterling_multi-channel_fulfillment_solution 		IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated users to conduct XPath injection attacks, and re… CWE-200
CWE-20
Information Exposure
 Improper Input Validation  		CVE-2013-0505 2024-11-21 10:47 2013-03-20 Show GitHub Exploit DB Packet Storm
292360 - jenkins jenkins Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to cause a denial of service via a crafted payload. CWE-20
 Improper Input Validation  		CVE-2013-0331 2024-11-21 10:47 2013-03-19 Show GitHub Exploit DB Packet Storm