Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219951 7.8 危険 Xangati - Xangati XSR および XNR におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-0358 2014-04-17 09:26 2014-04-14 Show GitHub Exploit DB Packet Storm
219952 1.5 注意 Ontario Systems - Ontario Systems Artiva Agency に認証不備の脆弱性 - CVE-2014-0348 2014-04-17 09:25 2014-04-14 Show GitHub Exploit DB Packet Storm
219953 7.1 危険 ジュニパーネットワークス - Juniper SRX シリーズのサービスゲートウェイで使用される Juniper Junos におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-2714 2014-04-16 19:28 2014-04-9 Show GitHub Exploit DB Packet Storm
219954 5 警告 ジュニパーネットワークス - Juniper MX シリーズおよび T4000 ルータで使用される Juniper Junos におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2014-2713 2014-04-16 19:27 2014-04-10 Show GitHub Exploit DB Packet Storm
219955 4.3 警告 ジュニパーネットワークス - Juniper Junos の J-Web におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2712 2014-04-16 19:26 2014-04-9 Show GitHub Exploit DB Packet Storm
219956 4.3 警告 ジュニパーネットワークス - Juniper Junos の J-Web におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2711 2014-04-16 19:26 2014-04-9 Show GitHub Exploit DB Packet Storm
219957 7.1 危険 ジュニパーネットワークス - Juniper Junos におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2014-0614 2014-04-16 19:26 2014-04-9 Show GitHub Exploit DB Packet Storm
219958 5 警告 ジュニパーネットワークス - Juniper Junos におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2014-0612 2014-04-16 19:25 2014-04-9 Show GitHub Exploit DB Packet Storm
219959 7.5 危険 PivotX - PivotX の fileupload.php における任意の PHP コードを実行される脆弱性 CWE-Other
その他 		CVE-2014-0342 2014-04-16 19:13 2014-03-3 Show GitHub Exploit DB Packet Storm
219960 3.5 注意 PivotX - PivotX におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-0341 2014-04-16 19:08 2014-03-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292151 - php-fusion php-fusion Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. (dot dot) in the (1) user_theme parameter to… CWE-22
Path Traversal 		CVE-2013-1806 2024-11-21 10:50 2014-05-1 Show GitHub Exploit DB Packet Storm
292152 - php-fusion php-fusion Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion before 7.02.06 allow remote attackers to inject arbitrary web script or HTML via the (1) highlight parameter to forum/viewthread.php;… CWE-79
Cross-site Scripting 		CVE-2013-1804 2024-11-21 10:50 2014-04-30 Show GitHub Exploit DB Packet Storm
292153 - ushahidi ushahidi_platform Cross-site scripting (XSS) vulnerability in Ushahidi Platform 2.5.x through 2.6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2013-2025 2024-11-21 10:50 2014-04-26 Show GitHub Exploit DB Packet Storm
292154 - packagekit_project packagekit The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-1764 2024-11-21 10:50 2014-04-17 Show GitHub Exploit DB Packet Storm
292155 - jenkins
cloudbees 		jenkins Cross-site scripting (XSS) vulnerability in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allows remote authenticated users with writ… CWE-79
Cross-site Scripting 		CVE-2013-2033 2024-11-21 10:50 2014-04-11 Show GitHub Exploit DB Packet Storm
292156 - restful_web_services_project restful_web_services The RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.3 and 7.x-2.x before 7.x-2.0-alpha5 for Drupal, when page caching is enabled and anonymous users are assigned RESTWS permissions, allows … CWE-20
 Improper Input Validation  		CVE-2013-1946 2024-11-21 10:50 2014-04-7 Show GitHub Exploit DB Packet Storm
292157 - ganglia ganglia-web Cross-site scripting (XSS) vulnerability in views_view.php in Ganglia Web 3.5.7 allows remote attackers to inject arbitrary web script or HTML via the view_name parameter. CWE-79
Cross-site Scripting 		CVE-2013-1770 2024-11-21 10:50 2014-04-3 Show GitHub Exploit DB Packet Storm
292158 - redhat spacewalk-java
satellite 		CRLF injection vulnerability in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 5.6 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting a… CWE-20
 Improper Input Validation  		CVE-2013-1869 2024-11-21 10:50 2014-04-1 Show GitHub Exploit DB Packet Storm
292159 - owncloud owncloud ownCloud before 5.0.6 does not properly check permissions, which allows remote authenticated users to execute arbitrary API commands via unspecified vectors. NOTE: this can be leveraged using CSRF t… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-2048 2024-11-21 10:50 2014-03-15 Show GitHub Exploit DB Packet Storm
292160 - owncloud owncloud The login page (aka index.php) in ownCloud before 5.0.6 does not disable the autocomplete setting for the password parameter, which makes it easier for physically proximate attackers to guess the pas… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-2047 2024-11-21 10:50 2014-03-15 Show GitHub Exploit DB Packet Storm