Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
219961	3.5	注意	Eugene Pankov	-	Eugene Pankov Ajenti の plugins/main/content/js/ajenti.coffee におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2260	2014-05-2 15:15	2014-01-16	Show	GitHub Exploit DB Packet Storm

219962	7.2	危険	Super Project	-	Super の super.c における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0470	2014-05-2 15:10	2014-04-28	Show	GitHub Exploit DB Packet Storm

219963	9	危険	フォーティネット	-	FortiGuard FortiAuthenticator における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-6990	2014-05-2 15:07	2013-12-15	Show	GitHub Exploit DB Packet Storm

219964	6.5	警告	ブルーコートシステムズ	-	Blue Coat Content Analysis System のコマンドラインインターフェースにおける任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2014-2565	2014-05-2 15:05	2014-04-4	Show	GitHub Exploit DB Packet Storm

219965	5	警告	レッドハット	-	Red Hat Enterprise MRG で使用される Cumin における重要な情報を取得される脆弱性	CWE-310 暗号の問題	CVE-2013-6445	2014-05-2 14:55	2013-11-4	Show	GitHub Exploit DB Packet Storm

219966	9.3	危険	Debian Canonical	-	dpkg の解凍機能におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-0471	2014-05-2 14:54	2014-04-28	Show	GitHub Exploit DB Packet Storm

219967	5	警告	TIBCO Software	-	複数の TIBCO 製品における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2014-2545	2014-05-2 14:52	2014-04-29	Show	GitHub Exploit DB Packet Storm

219968	7.5	危険	Igor Sysoev	-	nginx の ngx_http_spdy_module モジュールの SPDY の実装における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2014-0088	2014-05-2 14:42	2014-03-4	Show	GitHub Exploit DB Packet Storm

219969	4.3	警告	MediaWiki	-	MediaWiki の includes/actions/InfoAction.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2853	2014-05-2 12:01	2014-03-29	Show	GitHub Exploit DB Packet Storm

219970	6.8	警告	シスコシステムズ	-	Cisco WebEx Meetings Server の Web フレームワークにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-2186	2014-05-2 11:41	2014-04-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
291941	-	cory_lamle	duplicator	Cross-site scripting (XSS) vulnerability in files/installer.cleanup.php in the Duplicator plugin before 0.4.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pack…	CWE-79 Cross-site Scripting	CVE-2013-4625	2024-11-21 10:55	2013-08-10	Show	GitHub Exploit DB Packet Storm

291942	-	open-emr	openemr	Cross-site scripting (XSS) vulnerability in interface/main/onotes/office_comments_full.php in OpenEMR 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the note parameter.	CWE-79 Cross-site Scripting	CVE-2013-4620	2024-11-21 10:55	2013-08-10	Show	GitHub Exploit DB Packet Storm

291943	-	open-emr	openemr	Multiple SQL injection vulnerabilities in OpenEMR 4.1.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) start or (2) end parameter to interface/reports/custom_report_ra…	CWE-89 SQL Injection	CVE-2013-4619	2024-11-21 10:55	2013-08-10	Show	GitHub Exploit DB Packet Storm

291944	-	alkacon	opencms	Multiple cross-site scripting (XSS) vulnerabilities in Alkacon OpenCms before 8.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to system/workplace/views…	CWE-79 Cross-site Scripting	CVE-2013-4600	2024-11-21 10:55	2013-08-10	Show	GitHub Exploit DB Packet Storm

291945	-	symantec	backup_exec	Heap-based buffer overflow in the utility program in the Linux agent in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote attackers to cause a denial of service (agent…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2013-4575	2024-11-21 10:55	2013-08-5	Show	GitHub Exploit DB Packet Storm

291946	-	bitcoin	bitcoin_core	Unspecified vulnerability in bitcoind and Bitcoin-Qt 0.8.x allows remote attackers to cause a denial of service (memory consumption) via a large amount of tx message data.	NVD-CWE-noinfo	CVE-2013-4627	2024-11-21 10:55	2013-08-2	Show	GitHub Exploit DB Packet Storm

291947	-	bitcoin	bitcoin_core	The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provides information about authentication failure upon detecting the first incorrect byte of a password, which makes it easier for remo…	CWE-200 Information Exposure	CVE-2013-4165	2024-11-21 10:55	2013-08-2	Show	GitHub Exploit DB Packet Storm

291948	-	siemens	scalance_w700_series_firmware scalance_w744-1 scalance_w744-1pro scalance_w746-1 scalance_w746-1pro scalance_w747-1 scalance_w747-1rr scalance_w784-1 scalance_w784-1rr scal…	Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 allows remote attackers to bypass authentication and execute arbitrary c…	NVD-CWE-noinfo	CVE-2013-4652	2024-11-21 10:55	2013-08-1	Show	GitHub Exploit DB Packet Storm

291949	-	siemens	scalance_w700_series_firmware scalance_w744-1 scalance_w744-1pro scalance_w746-1 scalance_w746-1pro scalance_w747-1 scalance_w747-1rr scalance_w784-1 scalance_w784-1rr scal…	Siemens Scalance W7xx devices with firmware before 4.5.4 use the same hardcoded X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-…	CWE-255 Credentials Management	CVE-2013-4651	2024-11-21 10:55	2013-08-1	Show	GitHub Exploit DB Packet Storm

291950	-	mongodb	mongodb	MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain internal system privileges by leveraging a username of __system in an arbitrary database.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-4650	2024-11-21 10:55	2013-07-4	Show	GitHub Exploit DB Packet Storm