Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218921 4.3 警告 Easy Booking - WordPress 用 wp-easybooking プラグインの admin/editFacility.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4584 2014-07-3 15:55 2014-04-25 Show GitHub Exploit DB Packet Storm
218922 4.3 警告 WP-Contact plugin project - WordPress 用 WP-Contact プラグインの forms/messages.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4583 2014-07-3 15:55 2014-04-25 Show GitHub Exploit DB Packet Storm
218923 4.3 警告 Matthew Healy - WordPress 用 Wikipop プラグインの js/window.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4575 2014-07-3 15:54 2014-06-12 Show GitHub Exploit DB Packet Storm
218924 4.3 警告 VideoWhisper.com - WordPress 用 VideoWhisper Live Streaming Integration プラグインの ls/vv_login.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4569 2014-07-3 15:54 2014-06-12 Show GitHub Exploit DB Packet Storm
218925 4.3 警告 Validated plugin project - WordPress 用 Validated プラグインの check.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4564 2014-07-3 15:53 2014-04-25 Show GitHub Exploit DB Packet Storm
218926 4.3 警告 Optimizer - WordPress 用 Swipe Checkout for eShop プラグインの test-plugin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4556 2014-07-3 15:52 2014-04-25 Show GitHub Exploit DB Packet Storm
218927 4.3 警告 Rob Myrick - WordPress 用 Malware Finder プラグインの process.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4538 2014-07-3 15:50 2014-05-28 Show GitHub Exploit DB Packet Storm
218928 4.3 警告 GEO Redirector plugin project - WordPress 用 GEO Redirector プラグインの ajax_functions.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4533 2014-07-3 15:50 2014-04-25 Show GitHub Exploit DB Packet Storm
218929 4.3 警告 fbpromotions project - WordPress 用 Bugs Go Viral : Facebook Promotion Generator プラグインの admin/swarm-settings.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4528 2014-07-3 15:49 2014-05-28 Show GitHub Exploit DB Packet Storm
218930 4.3 警告 Diverse Solutions - WordPress 用 dsIDXpress IDX プラグインの client-assist.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-4521 2014-07-3 15:48 2014-04-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291041 - ibm spss_collaboration_and_deployment_services Unspecified vulnerability in IBM SPSS Collaboration and Deployment Services 4.2.1 and 5.0 through FP2 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability … NVD-CWE-noinfo
CVE-2013-5370 2024-11-21 10:57 2013-10-1 Show GitHub Exploit DB Packet Storm
291042 - cisco telepresence_multipoint_switch The Media Snapshot implementation on Cisco TelePresence Multipoint Switch (CTMS) devices allows remote authenticated users to cause a denial of service (device reload) by sending many Media Snapshot … CWE-399
 Resource Management Errors 		CVE-2013-5516 2024-11-21 10:57 2013-10-1 Show GitHub Exploit DB Packet Storm
291043 - x2engine x2crm Cross-site scripting (XSS) vulnerability in X2Engine X2CRM before 3.5 allows remote attackers to inject arbitrary web script or HTML via the model parameter to index.php/admin/editor. CWE-79
Cross-site Scripting 		CVE-2013-5693 2024-11-21 10:57 2013-10-1 Show GitHub Exploit DB Packet Storm
291044 - x2engine x2crm Directory traversal vulnerability in X2Engine X2CRM before 3.5 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the file parameter to inde… CWE-22
Path Traversal 		CVE-2013-5692 2024-11-21 10:57 2013-10-1 Show GitHub Exploit DB Packet Storm
291045 - simone_tellini mod_accounting SQL injection vulnerability in mod_accounting.c in the mod_accounting module 0.5 and earlier for Apache allows remote attackers to execute arbitrary SQL commands via a Host header. CWE-89
SQL Injection 		CVE-2013-5697 2024-11-21 10:57 2013-10-1 Show GitHub Exploit DB Packet Storm
291046 - redhat libvirt The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonst… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-5651 2024-11-21 10:57 2013-10-1 Show GitHub Exploit DB Packet Storm
291047 - owasp enterprise_security_api The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0 does not properly resist tampering with serializ… CWE-310
Cryptographic Issues 		CVE-2013-5679 2024-11-21 10:57 2013-10-1 Show GitHub Exploit DB Packet Storm
291048 - cisco identity_services_engine_software Cross-site scripting (XSS) vulnerability in an administration page in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter,… CWE-79
Cross-site Scripting 		CVE-2013-5505 2024-11-21 10:57 2013-10-1 Show GitHub Exploit DB Packet Storm
291049 - cisco identity_services_engine_software Cross-site scripting (XSS) vulnerability in the Mobile Device Management (MDM) portal in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an uns… CWE-79
Cross-site Scripting 		CVE-2013-5504 2024-11-21 10:57 2013-10-1 Show GitHub Exploit DB Packet Storm
291050 - apple iphone_os Passcode Lock in Apple iOS before 7.0.2 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement, and open the Camera app or rea… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-5161 2024-11-21 10:57 2013-09-28 Show GitHub Exploit DB Packet Storm