Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
217001	4.3	警告	Yahoo! Updates for WordPress plugin project	-	WordPress 用 Yahoo! Updates for WordPress プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4603	2014-07-7 18:26	2014-05-28	Show	GitHub Exploit DB Packet Storm

217002	4.3	警告	Style It project	-	WordPress 用 Style It プラグインの fonts/font-form.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4555	2014-07-7 18:26	2014-04-25	Show	GitHub Exploit DB Packet Storm

217003	4.3	警告	Alipay	-	WordPress 用 Wu-Rating プラグインの wu-ratepost.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4601	2014-07-7 18:26	2014-06-12	Show	GitHub Exploit DB Packet Storm

217004	4.3	警告	WP Timersys	-	WordPress 用 WP Social Invitations プラグインの test.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4597	2014-07-7 18:26	2014-01-30	Show	GitHub Exploit DB Packet Storm

217005	4.3	警告	Stranger Studios	-	WordPress 用 SS Downloads プラグインの templates/download.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4554	2014-07-7 18:26	2014-05-28	Show	GitHub Exploit DB Packet Storm

217006	4.3	警告	ZeenShare project	-	WordPress 用 ZeenShare プラグインの redirect_to_zeenshare.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4606	2014-07-7 18:26	2014-01-11	Show	GitHub Exploit DB Packet Storm

217007	4.3	警告	Smackcoders	-	WordPress 用 WP Ultimate Email Marketer プラグインの contact/edit.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4600	2014-07-7 18:26	2014-04-25	Show	GitHub Exploit DB Packet Storm

217008	4.3	警告	RuslanY Blog	-	WordPress 用 WP Silverlight Media Player プラグインの uploader.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4589	2014-07-7 18:26	2014-04-25	Show	GitHub Exploit DB Packet Storm

217009	4.3	警告	techteam internet services	-	WordPress 用 WP-Business Directory プラグインの forms/search.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4599	2014-07-7 18:26	2014-04-25	Show	GitHub Exploit DB Packet Storm

217010	4.3	警告	swicks	-	WordPress 用 WooCommerce SagePay Direct Payment Gateway プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4549	2014-07-7 18:26	2014-04-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
291941	-	oracle sun	jre jdk	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, a…	NVD-CWE-noinfo	CVE-2013-0351	2024-11-21 10:47	2013-02-2	Show	GitHub Exploit DB Packet Storm

291942	-	miniupnp_project	miniupnpd	Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quot…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2013-0230	2024-11-21 10:47	2013-02-1	Show	GitHub Exploit DB Packet Storm

291943	-	miniupnp_project	miniupnpd	The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that trig…	NVD-CWE-noinfo	CVE-2013-0229	2024-11-21 10:47	2013-02-1	Show	GitHub Exploit DB Packet Storm

291944	-	rubyonrails	rails ruby_on_rails	lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows re…	NVD-CWE-Other	CVE-2013-0333	2024-11-21 10:47	2013-01-30	Show	GitHub Exploit DB Packet Storm

291945	-	ge	intelligent_platforms_proficy_hmi\/scada_cimplicity intelligent_platforms_proficy_process_systems_with_cimplicity intelligent_platforms_proficy_process_systems	CimWebServer in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary commands or cause a…	CWE-20 Improper Input Validation	CVE-2013-0654	2024-11-21 10:47	2013-01-28	Show	GitHub Exploit DB Packet Storm

291946	-	ge	intelligent_platforms_proficy_hmi\/scada_cimplicity intelligent_platforms_proficy_process_systems_with_cimplicity intelligent_platforms_proficy_process_systems	Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPL…	CWE-22 Path Traversal	CVE-2013-0653	2024-11-21 10:47	2013-01-28	Show	GitHub Exploit DB Packet Storm

291947	-	ge	intelligent_platforms_proficy_real-time_information_portal	GE Intelligent Platforms Proficy Real-Time Information Portal does not restrict access to methods of an unspecified Java class, which allows remote attackers to obtain a username listing via an RMI c…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-0652	2024-11-21 10:47	2013-01-28	Show	GitHub Exploit DB Packet Storm

291948	-	ge	intelligent_platforms_proficy_real-time_information_portal	The Portal installation process in GE Intelligent Platforms Proficy Real-Time Information Portal stores sensitive information under the web root with insufficient access control, which allows remote …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-0651	2024-11-21 10:47	2013-01-28	Show	GitHub Exploit DB Packet Storm

291949	-	ibm	websphere_application_server	Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.1, 7.0 before 7.0.0.27, 8.0, and 8.5 has unknown impact and attack vectors.	NVD-CWE-noinfo	CVE-2013-0462	2024-11-21 10:47	2013-01-28	Show	GitHub Exploit DB Packet Storm

291950	-	ibm	websphere_application_server	Cross-site scripting (XSS) vulnerability in the virtual member manager (VMM) administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.27, 8.0 before 8.0.…	CWE-79 Cross-site Scripting	CVE-2013-0461	2024-11-21 10:47	2013-01-28	Show	GitHub Exploit DB Packet Storm