Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
220031	6.8	警告	Lester Chan	-	WordPress 用 WP-PostViews プラグインのオプションの管理者ページにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-3252	2014-04-14 18:26	2013-05-7	Show	GitHub Exploit DB Packet Storm

220032	6.8	警告	Qian Qin	-	WordPress 用 qTranslate プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-3251	2014-04-14 18:26	2013-06-4	Show	GitHub Exploit DB Packet Storm

220033	6.8	警告	Jeremy Massel	-	WordPress 用 underConstruction プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-2699	2014-04-14 18:26	2013-06-3	Show	GitHub Exploit DB Packet Storm

220034	6.8	警告	Lester Chan	-	WordPress 用 WP-Print プラグインのオプションにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-2693	2014-04-14 18:25	2013-04-5	Show	GitHub Exploit DB Packet Storm

220035	6.8	警告	Dean Adjie Minwarie	-	WordPress 用 DVS Custom Notification プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-4921	2014-04-14 18:24	2012-09-14	Show	GitHub Exploit DB Packet Storm

220036	5.8	警告	kernel.org	-	Linux-PAM 用 pam_timestamp モジュールの pam_timestamp.c におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-2583	2014-04-14 18:04	2014-03-26	Show	GitHub Exploit DB Packet Storm

220037	7.5	危険	Pearson Education, Inc.	-	Pearson eSIS Enterprise Student Information System のパスワードリセット機能における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-1455	2014-04-14 17:52	2014-04-6	Show	GitHub Exploit DB Packet Storm

220038	2.1	注意	CloudBees	-	CloudBees Jenkins におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-2033	2014-04-14 17:38	2013-05-2	Show	GitHub Exploit DB Packet Storm

220039	6.5	警告	レッドハット (KIE Group) レッドハット	-	複数の Red Hat Jboss 製品における任意の Java コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2013-6468	2014-04-14 17:23	2013-11-4	Show	GitHub Exploit DB Packet Storm

220040	7.5	危険	SAP	-	SAP Business Object Processing Framework for ABAP におけるアクセス権を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2014-2752	2014-04-14 17:23	2014-03-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
292511	-		bouncycastle	legion-of-the-bouncy-castle-java-crytography-api legion-of-the-bouncy-castle-c\#-cryptography-api	The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the …	CWE-310 Cryptographic Issues	CVE-2013-1624	2024-11-21 10:50	2013-02-9	Show	GitHub Exploit DB Packet Storm

292512	-		yassl	cyassl	The TLS and DTLS implementations in wolfSSL CyaSSL before 2.5.0 do not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC paddi…	CWE-310 Cryptographic Issues	CVE-2013-1623	2024-11-21 10:50	2013-02-9	Show	GitHub Exploit DB Packet Storm

292513	-		polarssl	polarssl	Array index error in the SSL module in PolarSSL before 1.2.5 might allow remote attackers to cause a denial of service via vectors involving a crafted padding-length value during validation of CBC pa…	CWE-20 Improper Input Validation	CVE-2013-1621	2024-11-21 10:50	2013-02-9	Show	GitHub Exploit DB Packet Storm

292514	-		mozilla canonical oracle redhat	network_security_services ubuntu_linux glassfish_server iplanet_web_proxy_server traffic_director iplanet_web_server vm_server glassfish_communications_server enterprise_manag…	The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC p…	CWE-203 Information Exposure Through Discrepancy	CVE-2013-1620	2024-11-21 10:50	2013-02-9	Show	GitHub Exploit DB Packet Storm

292515	-		gnu	gnutls	The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the pr…	CWE-310 Cryptographic Issues	CVE-2013-1619	2024-11-21 10:50	2013-02-9	Show	GitHub Exploit DB Packet Storm

292516	-		opera	opera_browser	The TLS implementation in Opera before 12.13 does not properly consider timing side-channel attacks on a MAC check operation during the processing of malformed CBC padding, which allows remote attack…	CWE-310 Cryptographic Issues	CVE-2013-1618	2024-11-21 10:50	2013-02-9	Show	GitHub Exploit DB Packet Storm

292517	-		opera	opera_browser	Opera before 12.13 does not send CORS preflight requests in all required cases, which allows remote attackers to bypass a CSRF protection mechanism via a crafted web site that triggers a CORS request.	CWE-352 Origin Validation Error	CVE-2013-1639	2024-11-21 10:50	2013-02-8	Show	GitHub Exploit DB Packet Storm

292518	-		opera	opera_browser	Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.	CWE-94 Code Injection	CVE-2013-1638	2024-11-21 10:50	2013-02-8	Show	GitHub Exploit DB Packet Storm

292519	-		opera	opera_browser	Opera before 12.13 allows remote attackers to execute arbitrary code via vectors involving DOM events.	CWE-94 Code Injection	CVE-2013-1637	2024-11-21 10:50	2013-02-8	Show	GitHub Exploit DB Packet Storm

292520	9.8	CRITICAL Network	cardozatechnologies	wordpress_poll	Multiple security bypass vulnerabilities in the editAnswer, deleteAnswer, addAnswer, and deletePoll functions in WordPress Poll Plugin 34.5 for WordPress allow a remote attacker to add, edit, and del…	CWE-89 SQL Injection	CVE-2013-1401	2024-11-21 10:49	2020-02-14	Show	GitHub Exploit DB Packet Storm