Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
217611	7.8	危険	IBM	-	IBM Lotus Domino の IMAP サーバにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2014-0822	2014-05-30 16:21	2014-02-5	Show	GitHub Exploit DB Packet Storm

217612	7.1	危険	IBM	-	IBM Lotus Protector for Mail Security の Admin Web UI における任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2014-0887	2014-05-30 15:51	2014-03-24	Show	GitHub Exploit DB Packet Storm

217613	7.1	危険	IBM	-	IBM Lotus Protector for Mail Security の Admin Web UI におけるアクセス制限を回避される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2014-0886	2014-05-30 15:29	2014-03-24	Show	GitHub Exploit DB Packet Storm

217614	6.8	警告	IBM	-	IBM Lotus Protector for Mail Security の Admin Web UI におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-0885	2014-05-30 15:22	2014-03-24	Show	GitHub Exploit DB Packet Storm

217615	3.5	注意	IBM	-	IBM Lotus Protector for Mail Security の Admin Web UI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0884	2014-05-30 15:09	2014-03-24	Show	GitHub Exploit DB Packet Storm

217616	5	警告	Google Doc Embedder	-	WordPress 用 Google Doc Embedder プラグインにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-4915	2014-05-30 10:51	2012-09-14	Show	GitHub Exploit DB Packet Storm

217617	4.3	警告	IBM	-	IBM WebSphere Portal における任意のファイルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2013-5454	2014-05-30 10:38	2013-11-11	Show	GitHub Exploit DB Packet Storm

217618	4.3	警告	IBM	-	IBM Domino の iNotes の MIME 電子メール機能におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-3990	2014-05-29 18:30	2013-07-31	Show	GitHub Exploit DB Packet Storm

217619	4.3	警告	IBM	-	IBM Domino の iNotes の MIME 電子メール機能におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-3032	2014-05-29 18:30	2013-07-31	Show	GitHub Exploit DB Packet Storm

217620	9.3	危険	IBM	-	IBM Domino の iNotes の DWA9W ActiveX コントロールにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2013-3027	2014-05-29 18:29	2013-07-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
291621	-	owncloud	owncloud	ownCloud Server before 4.5.7 does not properly check ownership of calendars, which allows remote authenticated users to read arbitrary calendars via the calid parameter to /apps/calendar/export.php. …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-0304	2024-11-21 10:47	2014-06-6	Show	GitHub Exploit DB Packet Storm

291622	-	owncloud	owncloud	Unspecified vulnerability in ownCloud Server before 4.0.12 allows remote attackers to obtain sensitive information via unspecified vectors related to "inclusion of the Amazon SDK testing suite." NOTE…	NVD-CWE-noinfo	CVE-2013-0302	2024-11-21 10:47	2014-06-6	Show	GitHub Exploit DB Packet Storm

291623	-	owncloud	owncloud	settings/personal.php in ownCloud 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via crafted mount point settings.	CWE-94 Code Injection	CVE-2013-0204	2024-11-21 10:47	2014-06-4	Show	GitHub Exploit DB Packet Storm

291624	-	lucas_clemente_vella	libpam-pgsql	libpam-pgsql (aka pam_pgsql) 0.7 does not properly handle a NULL value returned by the password search query, which allows remote attackers to bypass authentication via a crafted password.	CWE-287 Improper Authentication	CVE-2013-0191	2024-11-21 10:47	2014-06-3	Show	GitHub Exploit DB Packet Storm

291625	-	redhat	freeipa	The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-0199	2024-11-21 10:47	2014-05-29	Show	GitHub Exploit DB Packet Storm

291626	-	isync_project	isync	Isync 0.4 before 1.0.6, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-midd…	CWE-310 Cryptographic Issues	CVE-2013-0289	2024-11-21 10:47	2014-05-23	Show	GitHub Exploit DB Packet Storm

291627	-	mantisbt	mantisbt	Cross-site scripting (XSS) vulnerability in the filter_draw_selection_area2 function in core/filter_api.php in MantisBT 1.2.12 before 1.2.13 allows remote attackers to inject arbitrary web script or …	CWE-79 Cross-site Scripting	CVE-2013-0197	2024-11-21 10:47	2014-05-15	Show	GitHub Exploit DB Packet Storm

291628	-	varnish_cache_project	varnish_cache	varnish 3.0.3 uses world-readable permissions for the /var/log/varnish/ directory and the log files in the directory, which allows local users to obtain sensitive information by reading the files. N…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-0345	2024-11-21 10:47	2014-05-8	Show	GitHub Exploit DB Packet Storm

291629	-	theforeman	foreman	The smart proxy Puppet run API in Foreman before 1.2.0 allows remote attackers to execute arbitrary commands via vectors related to escaping and Puppet commands.	CWE-94 Code Injection	CVE-2013-0210	2024-11-21 10:47	2014-05-8	Show	GitHub Exploit DB Packet Storm

291630	-	theforeman	foreman	Foreman before 1.1 allows remote authenticated users to gain privileges via a (1) XMLHttpRequest or (2) AJAX request.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-0187	2024-11-21 10:47	2014-05-8	Show	GitHub Exploit DB Packet Storm