Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
217301 4.3 警告 Leo Eibler - WordPress 用 GarageSale プラグインの templates/printAdminUsersList_Footer.tpl.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4532 2014-07-4 18:26 2014-04-25 Show GitHub Exploit DB Packet Storm
217302 4.3 警告 HC Consulting Group - WordPress 用 Spotlight プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4552 2014-07-4 18:26 2014-04-25 Show GitHub Exploit DB Packet Storm
217303 4.3 警告 Flash Photo Gallery project - WordPress 用 Flash Photo Gallery プラグインの fpg_preview.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4529 2014-07-4 18:26 2014-04-25 Show GitHub Exploit DB Packet Storm
217304 4.3 警告 Game tabs project - WordPress 用 Game tabs プラグインの main_page.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4531 2014-07-4 18:26 2014-04-25 Show GitHub Exploit DB Packet Storm
217305 4.3 警告 Rodrigo Primo - WordPress 用 Social Connect プラグインの diagnostics/test.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4551 2014-07-4 18:26 2014-04-25 Show GitHub Exploit DB Packet Storm
217306 4.3 警告 EnvialoSimple - WordPress 用 EnvialoSimple: Email Marketing and Newsletters プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4527 2014-07-4 18:26 2014-05-28 Show GitHub Exploit DB Packet Storm
217307 4.3 警告 efence project - WordPress 用 efence プラグインの callback.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4526 2014-07-4 18:26 2014-05-28 Show GitHub Exploit DB Packet Storm
217308 4.3 警告 WP Easy Post Types project - WordPress 用 WP Easy Post Types プラグインの classes/custom-image/media.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4524 2014-07-4 18:26 2014-05-28 Show GitHub Exploit DB Packet Storm
217309 4.3 警告 Diverse Solutions - WordPress 用 dsSearchAgent: WordPress Edition プラグインの client-assist.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4522 2014-07-4 18:26 2014-04-25 Show GitHub Exploit DB Packet Storm
217310 6.8 警告 Cherokee Project - Cherokee の validator_ldap.c 内の cherokee_validator_ldap_check 関数における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2014-4668 2014-07-4 14:01 2014-02-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291491 9.8 CRITICAL
Network 		cubecart cubecart The Cubecart::_basket method in classes/cubecart.class.php in CubeCart 5.0.0 through 5.2.0 allows remote attackers to unserialize arbitrary PHP objects via a crafted shipping parameter, as demonstrat… CWE-502
 Deserialization of Untrusted Data 		CVE-2013-1465 2024-11-21 10:49 2013-02-9 Show GitHub Exploit DB Packet Storm
291492 - doryphores audio_player Cross-site scripting (XSS) vulnerability in assets/player.swf in the Audio Player plugin before 2.0.4.6 for Wordpress allows remote attackers to inject arbitrary web script or HTML via the playerID p… CWE-79
Cross-site Scripting 		CVE-2013-1464 2024-11-21 10:49 2013-02-7 Show GitHub Exploit DB Packet Storm
291493 - wp-table_reloaded_project wp-table_reloaded Cross-site scripting (XSS) vulnerability in js/tabletools/zeroclipboard.swf in the WP-Table Reloaded module before 1.9.4 for Wordpress allows remote attackers to inject arbitrary web script or HTML v… CWE-79
Cross-site Scripting 		CVE-2013-1463 2024-11-21 10:49 2013-02-7 Show GitHub Exploit DB Packet Storm
291494 - fortinet fortimail Multiple cross-site scripting (XSS) vulnerabilities in admin/FEAdmin.html in Fortinet FortiMail before 4.3.4 on FortiMail Identity-Based Encryption (IBE) appliances allow user-assisted remote attacke… CWE-79
Cross-site Scripting 		CVE-2013-1471 2024-11-21 10:49 2013-02-5 Show GitHub Exploit DB Packet Storm
291495 - wireshark wireshark Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-1590 2024-11-21 10:49 2013-02-3 Show GitHub Exploit DB Packet Storm
291496 - wireshark wireshark Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via… CWE-399
 Resource Management Errors 		CVE-2013-1589 2024-11-21 10:49 2013-02-3 Show GitHub Exploit DB Packet Storm
291497 - wireshark wireshark Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-1588 2024-11-21 10:49 2013-02-3 Show GitHub Exploit DB Packet Storm
291498 - wireshark wireshark The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c in the ROHC dissector in Wireshark 1.8.x before 1.8.5 does not properly handle unknown profiles, which allows remote attackers to … NVD-CWE-noinfo
CVE-2013-1587 2024-11-21 10:49 2013-02-3 Show GitHub Exploit DB Packet Storm
291499 - wireshark wireshark The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector, w… NVD-CWE-noinfo
CVE-2013-1586 2024-11-21 10:49 2013-02-3 Show GitHub Exploit DB Packet Storm
291500 - wireshark wireshark epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly validate certain length values for the MS-MMC dissector, which allows remote attackers to cause a denial of ser… CWE-20
 Improper Input Validation  		CVE-2013-1585 2024-11-21 10:49 2013-02-3 Show GitHub Exploit DB Packet Storm