Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218221 4.3 警告 The Foreman - Foreman におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-3491 2014-07-3 16:17 2014-06-10 Show GitHub Exploit DB Packet Storm
218222 4.3 警告 XEN Carousel plugin project - WordPress 用 XEN Carousel プラグインの xencarousel-admin.js.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4602 2014-07-3 15:56 2014-05-28 Show GitHub Exploit DB Packet Storm
218223 4.3 警告 MNT-TECH - WordPress 用 WP-FaceThumb プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4585 2014-07-3 15:56 2014-06-12 Show GitHub Exploit DB Packet Storm
218224 4.3 警告 Easy Booking - WordPress 用 wp-easybooking プラグインの admin/editFacility.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4584 2014-07-3 15:55 2014-04-25 Show GitHub Exploit DB Packet Storm
218225 4.3 警告 WP-Contact plugin project - WordPress 用 WP-Contact プラグインの forms/messages.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4583 2014-07-3 15:55 2014-04-25 Show GitHub Exploit DB Packet Storm
218226 4.3 警告 Matthew Healy - WordPress 用 Wikipop プラグインの js/window.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4575 2014-07-3 15:54 2014-06-12 Show GitHub Exploit DB Packet Storm
218227 4.3 警告 VideoWhisper.com - WordPress 用 VideoWhisper Live Streaming Integration プラグインの ls/vv_login.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4569 2014-07-3 15:54 2014-06-12 Show GitHub Exploit DB Packet Storm
218228 4.3 警告 Validated plugin project - WordPress 用 Validated プラグインの check.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4564 2014-07-3 15:53 2014-04-25 Show GitHub Exploit DB Packet Storm
218229 4.3 警告 Optimizer - WordPress 用 Swipe Checkout for eShop プラグインの test-plugin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4556 2014-07-3 15:52 2014-04-25 Show GitHub Exploit DB Packet Storm
218230 4.3 警告 Rob Myrick - WordPress 用 Malware Finder プラグインの process.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4538 2014-07-3 15:50 2014-05-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291311 - autotrace_project autotrace Integer underflow in the input_bmp_reader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an unspecified impact via a small value in the biSize field in the hea… CWE-189
Numeric Errors 		CVE-2013-1953 2024-11-21 10:50 2013-12-10 Show GitHub Exploit DB Packet Storm
291312 - redhat openstack nagios.upgrade_to_v3.sh, as distributed by Red Hat and possibly others for Nagios Core 3.4.4, 3.5.1, and earlier, allows local users to overwrite arbitrary files via a symlink attack on a temporary n… CWE-59
Link Following 		CVE-2013-2029 2024-11-21 10:50 2013-11-24 Show GitHub Exploit DB Packet Storm
291313 - redhat
t-mobile
busybox 		enterprise_linux
tm-ac1900
busybox 		util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vector… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-1813 2024-11-21 10:50 2013-11-23 Show GitHub Exploit DB Packet Storm
291314 - mozilla network_security_services Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value. CWE-189
Numeric Errors 		CVE-2013-1741 2024-11-21 10:50 2013-11-18 Show GitHub Exploit DB Packet Storm
291315 - openvpn
opensuse 		openvpn
openvpn_access_server
opensuse 		The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparis… CWE-200
Information Exposure 		CVE-2013-2061 2024-11-21 10:50 2013-11-18 Show GitHub Exploit DB Packet Storm
291316 - mediawiki
fedoraproject
gentoo 		mediawiki
fedora
linux 		MediaWiki before 1.19.6 and 1.20.x before 1.20.5 does not allow extensions to prevent password changes without using both Special:PasswordReset and Special:ChangePassword, which allows remote attacke… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-2032 2024-11-21 10:50 2013-11-18 Show GitHub Exploit DB Packet Storm
291317 - gentoo
mediawiki 		linux
mediawiki 		MediaWiki before 1.19.6 and 1.20.x before 1.20.5 allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a CDATA section containing valid UTF-7 encoded sequences in … CWE-79
Cross-site Scripting 		CVE-2013-2031 2024-11-21 10:50 2013-11-18 Show GitHub Exploit DB Packet Storm
291318 - linux linux_kernel The host_start function in drivers/usb/chipidea/host.c in the Linux kernel before 3.7.4 does not properly support a certain non-streaming option, which allows local users to cause a denial of service… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-2058 2024-11-21 10:50 2013-11-5 Show GitHub Exploit DB Packet Storm
291319 - opensuse
ruby-lang 		opensuse
ruby 		(1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3 patchlevel 426, and 2.0 before 2.0.0 patchlevel 195, do not perform taint checking for native functions, which allows context-dependent attackers to byp… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-2065 2024-11-21 10:50 2013-11-3 Show GitHub Exploit DB Packet Storm
291320 - mozilla bugzilla Multiple cross-site scripting (XSS) vulnerabilities in report.cgi in Bugzilla 4.1.x and 4.2.x before 4.2.7 and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HT… CWE-79
Cross-site Scripting 		CVE-2013-1743 2024-11-21 10:50 2013-10-24 Show GitHub Exploit DB Packet Storm