Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219301 6.5 警告 Thomas Abeel - Simple PHP Agenda の edit_event.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-3961 2014-03-13 16:32 2013-06-11 Show GitHub Exploit DB Packet Storm
219302 9.3 危険 John Paul Chacha's Lab - Chasys Draw IES の flt_BMP.dll の ReadFile 機能におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-3928 2014-03-13 16:03 2013-07-21 Show GitHub Exploit DB Packet Storm
219303 6.8 警告 Umisoft - Umisoft UMI.CMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-2754 2014-03-13 15:48 2013-05-8 Show GitHub Exploit DB Packet Storm
219304 6.5 警告 VICIDIAL Group - VICIDIAL ダイヤラーのエージェントインターフェースにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-4467 2014-03-13 15:32 2013-10-23 Show GitHub Exploit DB Packet Storm
219305 4.3 警告 The PHP Group - XHProf におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-4433 2014-03-13 15:31 2013-09-30 Show GitHub Exploit DB Packet Storm
219306 5 警告 Schneems - Ruby 用 Wicked gem の controller/concerns/render_redirect.rb におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-4413 2014-03-13 15:31 2013-10-8 Show GitHub Exploit DB Packet Storm
219307 4.3 警告 Batavi - Batavi の admin/templates/default.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-2289 2014-03-13 15:00 2013-03-1 Show GitHub Exploit DB Packet Storm
219308 3.5 注意 Plone Foundation - Plone の cb_decode.py および linkintegrity.py におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-4199 2014-03-13 14:45 2013-06-18 Show GitHub Exploit DB Packet Storm
219309 4 警告 Plone Foundation - Plone の mail_password.py におけるパスワード変更の禁止を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-4198 2014-03-13 14:45 2013-06-18 Show GitHub Exploit DB Packet Storm
219310 5.5 警告 Plone Foundation - Plone の member_portrait.py における他のユーザのポートレートを変更される脆弱性 CWE-20
不適切な入力確認 		CVE-2013-4197 2014-03-13 14:44 2013-06-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292211 - ibm cognos_disclosure_management The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in Edraw Office Viewer Component, the client in IBM Cognos Disclosure Management (CDM) 10.2.0, and other products, allows remote attacke… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-0501 2024-11-21 10:47 2013-04-13 Show GitHub Exploit DB Packet Storm
292212 - nori_gem_project nori_gem The nori gem 2.0.x before 2.0.2, 1.1.x before 1.1.4, and 1.0.x before 1.0.3 for Ruby does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attac… CWE-20
 Improper Input Validation  		CVE-2013-0285 2024-11-21 10:47 2013-04-10 Show GitHub Exploit DB Packet Storm
292213 - newrelic ruby_agent Ruby agent 3.2.0 through 3.5.2 serializes sensitive data when communicating with servers operated by New Relic, which allows remote attackers to obtain sensitive information (database credentials and… CWE-200
Information Exposure 		CVE-2013-0284 2024-11-21 10:47 2013-04-10 Show GitHub Exploit DB Packet Storm
292214 - apache maven The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack. CWE-16
Configuration 		CVE-2013-0253 2024-11-21 10:47 2013-04-10 Show GitHub Exploit DB Packet Storm
292215 - cogentdatahub cogent_datahub
opc_datahub
cascade_datahub
datahub_quicktrend 		Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend befo… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-0680 2024-11-21 10:47 2013-04-6 Show GitHub Exploit DB Packet Storm
292216 - ibm ims_enterprise_suite The login component in SOAP Gateway in IBM IMS Enterprise Suite 1.1, 2.1, and 2.2 uses cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network. CWE-310
Cryptographic Issues 		CVE-2013-0483 2024-11-21 10:47 2013-04-6 Show GitHub Exploit DB Packet Storm
292217 - ibm netezza_performance_portal HTTPD in IBM Netezza Performance Portal 1.0.2 allows remote authenticated users to list application directories containing asset files via a direct request to a directory URI, as demonstrated by list… CWE-16
Configuration 		CVE-2013-0470 2024-11-21 10:47 2013-04-6 Show GitHub Exploit DB Packet Storm
292218 - schneider-electric modicon_quantum_plc
modicon_m340
modicon_premium 		The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE0110x, and Premium TSXETY5103 PLC modules allows remote authenticated users to send Modbus messages, … NVD-CWE-noinfo
CVE-2013-0664 2024-11-21 10:47 2013-04-4 Show GitHub Exploit DB Packet Storm
292219 - schneider-electric modicon_quantum_plc
modicon_m340
modicon_premium 		Cross-site request forgery (CSRF) vulnerability on the Schneider Electric Quantum 140NOE77111, 140NOE77101, and 140NWM10000; M340 BMXNOC0401, BMXNOE0100x, and BMXNOE011xx; and Premium TSXETY4103, TSX… CWE-352
 Origin Validation Error 		CVE-2013-0663 2024-11-21 10:47 2013-04-4 Show GitHub Exploit DB Packet Storm
292220 - gnome
canonical 		gnome_online_accounts
ubuntu_linux 		Gnome Online Accounts (GOA) 3.4.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.5, does not properly validate SSL certificates when creating accounts such as Windows Live and Facebook accounts, which all… CWE-310
Cryptographic Issues 		CVE-2013-0240 2024-11-21 10:47 2013-04-2 Show GitHub Exploit DB Packet Storm