Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218331 6 警告 Piwigo - Piwigo における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-4649 2014-08-8 12:06 2014-08-8 Show GitHub Exploit DB Packet Storm
218332 5 警告 IBM - IBM Tivoli Endpoint Manager における任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2014-3066 2014-08-7 12:27 2014-06-25 Show GitHub Exploit DB Packet Storm
218333 2.7 注意 Xen プロジェクト - Xen における重要な情報を取得される脆弱性 CWE-119
バッファエラー 		CVE-2014-4021 2014-08-7 12:22 2014-06-17 Show GitHub Exploit DB Packet Storm
218334 6.8 警告 マイクロソフト
アドビシステムズ		 - Adobe Flash Player および Adobe AIR におけるクロスサイトリクエストフォージェリ攻撃を実行される脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-4671 2014-08-6 17:36 2014-07-8 Show GitHub Exploit DB Packet Storm
218335 7.5 危険 Ruby on Rails project - Ruby on Rails の Active Record 用 PostgreSQL アダプタにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-3483 2014-08-6 17:23 2014-07-2 Show GitHub Exploit DB Packet Storm
218336 7.5 危険 Ruby on Rails project - Ruby on Rails の Active Record 用 PostgreSQL アダプタにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-3482 2014-08-6 17:21 2014-07-2 Show GitHub Exploit DB Packet Storm
218337 4.7 警告 Linux - 32-bit x86 プラットフォーム上で稼動する Linux kernel の arch/x86/kernel/entry_32.S におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2014-4508 2014-08-6 17:17 2014-06-16 Show GitHub Exploit DB Packet Storm
218338 6.9 警告 Linux - インテルプロセッサ上で稼動する Linux Kernel における競合状態を利用される脆弱性 CWE-362
競合状態 		CVE-2014-4699 2014-08-6 17:16 2014-07-6 Show GitHub Exploit DB Packet Storm
218339 6.4 警告 シスコシステムズ - Cisco ASR 9000 デバイスの Trident ラインカード上で稼動する Cisco IOS XR におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-3308 2014-08-6 16:58 2014-07-3 Show GitHub Exploit DB Packet Storm
218340 5.8 警告 The Tor Project - Tor における疎通確認攻撃を実行される脆弱性 CWE-Other
その他 		CVE-2014-5117 2014-08-6 16:45 2014-07-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
290761 - graphite_project graphite Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0.9.11 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2013-5943 2024-11-21 10:58 2013-09-27 Show GitHub Exploit DB Packet Storm
290762 - graphite_project graphite Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to (1) remote_storage.py, (2) st… CWE-94
Code Injection 		CVE-2013-5942 2024-11-21 10:58 2013-09-27 Show GitHub Exploit DB Packet Storm
290763 - click2sell click2sell_suite_module Cross-site scripting (XSS) vulnerability in the Click2Sell Suite module 6.x-1.x for Drupal allows remote attackers to inject arbitrary web script or HTML via a confirmation form. CWE-79
Cross-site Scripting 		CVE-2013-5938 2024-11-21 10:58 2013-09-25 Show GitHub Exploit DB Packet Storm
290764 - click2sell click2sell_suite_module Cross-site request forgery (CSRF) vulnerability in the Click2Sell Suite module 6.x-1.x for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete datab… CWE-352
 Origin Validation Error 		CVE-2013-5937 2024-11-21 10:58 2013-09-25 Show GitHub Exploit DB Packet Storm
290765 - open-xchange open-xchange_appsuite The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 allows remote attackers to obtain sensitive information about (1) runtime activity, (2) networ… CWE-200
Information Exposure 		CVE-2013-5936 2024-11-21 10:58 2013-09-25 Show GitHub Exploit DB Packet Storm
290766 - open-xchange open-xchange_appsuite The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 does not properly restrict the set of network interfaces that can receive API calls, which mak… CWE-200
Information Exposure 		CVE-2013-5935 2024-11-21 10:58 2013-09-25 Show GitHub Exploit DB Packet Storm
290767 - open-xchange open-xchange_appsuite Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 has a hardcoded password for node join operations, which allows remote attackers to expand a cluster by finding this passwo… CWE-255
Credentials Management 		CVE-2013-5934 2024-11-21 10:58 2013-09-25 Show GitHub Exploit DB Packet Storm
290768 - google
motorola 		android
defy_xt 		Stack-based buffer overflow in the sub_E110 function in init in a certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless allows local users to gain privileges or c… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-5933 2024-11-21 10:58 2013-09-25 Show GitHub Exploit DB Packet Storm
290769 - friends_of_symfony_project fosuserbundle The login form in the FriendsOfSymfony FOSUserBundle bundle before 1.3.3 for Symfony allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expens… CWE-399
 Resource Management Errors 		CVE-2013-5750 2024-11-21 10:58 2013-09-25 Show GitHub Exploit DB Packet Storm
290770 - tenable securitycenter Cross-site scripting (XSS) vulnerability in devform.php in Tenable SecurityCenter 4.6 through 4.7 allows remote attackers to inject arbitrary web script or HTML via the message parameter. CWE-79
Cross-site Scripting 		CVE-2013-5911 2024-11-21 10:58 2013-09-24 Show GitHub Exploit DB Packet Storm