Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
218701	7.8	危険	ZyXEL	-	ZyXEL Wireless N300 NetUSB NBG-419N ルータのファームウェアにおける index.asp のログインアクセス権を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2014-0354	2014-04-17 10:57	2014-04-11	Show	GitHub Exploit DB Packet Storm

218702	6.1	警告	ZyXEL	-	ZyXEL Wireless N300 NetUSB NBG-419N ルータのファームウェアにおける認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2014-0353	2014-04-17 10:57	2014-04-11	Show	GitHub Exploit DB Packet Storm

218703	9	危険	Xangati	-	Xangati XSR および XNR における任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2014-0359	2014-04-17 09:27	2014-04-14	Show	GitHub Exploit DB Packet Storm

218704	7.8	危険	Xangati	-	Xangati XSR および XNR におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-0358	2014-04-17 09:26	2014-04-14	Show	GitHub Exploit DB Packet Storm

218705	1.5	注意	Ontario Systems	-	Ontario Systems Artiva Agency に認証不備の脆弱性	-	CVE-2014-0348	2014-04-17 09:25	2014-04-14	Show	GitHub Exploit DB Packet Storm

218706	7.1	危険	ジュニパーネットワークス	-	Juniper SRX シリーズのサービスゲートウェイで使用される Juniper Junos におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2014-2714	2014-04-16 19:28	2014-04-9	Show	GitHub Exploit DB Packet Storm

218707	5	警告	ジュニパーネットワークス	-	Juniper MX シリーズおよび T4000 ルータで使用される Juniper Junos におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2014-2713	2014-04-16 19:27	2014-04-10	Show	GitHub Exploit DB Packet Storm

218708	4.3	警告	ジュニパーネットワークス	-	Juniper Junos の J-Web におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2712	2014-04-16 19:26	2014-04-9	Show	GitHub Exploit DB Packet Storm

218709	4.3	警告	ジュニパーネットワークス	-	Juniper Junos の J-Web におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2711	2014-04-16 19:26	2014-04-9	Show	GitHub Exploit DB Packet Storm

218710	7.1	危険	ジュニパーネットワークス	-	Juniper Junos におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2014-0614	2014-04-16 19:26	2014-04-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
291581	-	combodo	itop	Multiple cross-site scripting (XSS) vulnerabilities in the search feature in iTop (aka IT Operations Portal) 2.0, 1.2.1, 1.2, and earlier allow remote attackers to inject arbitrary web script or HTML…	CWE-79 Cross-site Scripting	CVE-2013-0805	2024-11-21 10:48	2014-03-21	Show	GitHub Exploit DB Packet Storm

291582	-	ubuntu	metal_as_a_service	Cross-site scripting (XSS) vulnerability in the API in Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the op parameter to nodes/.	CWE-79 Cross-site Scripting	CVE-2013-1070	2024-11-21 10:48	2014-02-18	Show	GitHub Exploit DB Packet Storm

291583	-	ubuntu	metal_as_a_service	Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-1069	2024-11-21 10:48	2014-02-18	Show	GitHub Exploit DB Packet Storm

291584	-	novell	identity_manager_roles_based_provisioning_module	Cross-site scripting (XSS) vulnerability in the Roles Based Provisioning Module 4.0.2 before Field Patch D for Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script…	CWE-79 Cross-site Scripting	CVE-2013-1096	2024-11-21 10:48	2013-12-28	Show	GitHub Exploit DB Packet Storm

291585	-	ffmpeg	ffmpeg	The add_doubles_metadata function in libavcodec/tiff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a negative or zero count value in a TIFF image, which triggers an…	CWE-189 Numeric Errors	CVE-2013-0859	2024-11-21 10:48	2013-12-8	Show	GitHub Exploit DB Packet Storm

291586	-	debian ffmpeg	debian_linux ffmpeg	The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via ATRAC3 data with the joint stereo coding mode set and fewer tha…	NVD-CWE-noinfo	CVE-2013-0858	2024-11-21 10:48	2013-12-8	Show	GitHub Exploit DB Packet Storm

291587	-	ffmpeg	ffmpeg	The decode_frame_ilbm function in libavcodec/iff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted height value in IFF PBM/ILBM bitmap data.	CWE-20 Improper Input Validation	CVE-2013-0857	2024-11-21 10:48	2013-12-8	Show	GitHub Exploit DB Packet Storm

291588	-	ffmpeg	ffmpeg	The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec (ALAC) data, related to a large nb_s…	CWE-20 Improper Input Validation	CVE-2013-0856	2024-11-21 10:48	2013-12-8	Show	GitHub Exploit DB Packet Storm

291589	-	ffmpeg	ffmpeg	Integer overflow in the alac_decode_close function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Los…	CWE-189 Numeric Errors	CVE-2013-0855	2024-11-21 10:48	2013-12-8	Show	GitHub Exploit DB Packet Storm

291590	-	ffmpeg	ffmpeg	The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted MJPEG data.	CWE-20 Improper Input Validation	CVE-2013-0854	2024-11-21 10:48	2013-12-8	Show	GitHub Exploit DB Packet Storm