Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
220181	6.5	警告	Skyphe.org	-	WordPress 用 File Gallery プラグインにおける任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2014-2558	2014-05-8 14:05	2014-04-13	Show	GitHub Exploit DB Packet Storm

220182	4.4	警告	Nagios Enterprises, LLC	-	Nagios Plugins の contrib/check_ipxping.c の IPXPING_COMMAND における権限を取得される脆弱性	CWE-59 リンク解釈の問題	CVE-2013-4215	2014-05-8 14:04	2013-04-28	Show	GitHub Exploit DB Packet Storm

220183	4.3	警告	Best Practical Solutions	-	Request Tracker の MobileUI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-3736	2014-05-8 13:53	2013-06-12	Show	GitHub Exploit DB Packet Storm

220184	7.5	危険	PHP-Fusion	-	PHP-Fusion の includes/classes/Authenticate.class.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-7375	2014-05-8 12:21	2013-02-16	Show	GitHub Exploit DB Packet Storm

220185	7.5	危険	PHP-Fusion	-	PHP-Fusion における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-1803	2014-05-8 12:20	2013-01-27	Show	GitHub Exploit DB Packet Storm

220186	7.5	危険	LiveZilla	-	LiveZilla の _lib/functions.global.inc.php の setCookieValue 関数における任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2013-7034	2014-05-8 12:11	2013-12-10	Show	GitHub Exploit DB Packet Storm

220187	4.3	警告	LiveZilla	-	LiveZilla におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-7003	2014-05-8 12:10	2013-12-10	Show	GitHub Exploit DB Packet Storm

220188	6.8	警告	Sitepark	-	Sitepark Information Enterprise Server における manager アカウントのパスワードを変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-3006	2014-05-8 11:40	2014-04-3	Show	GitHub Exploit DB Packet Storm

220189	6.3	警告	David Leonard	-	pktstat の tmp_smtp.c における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2013-0350	2014-05-8 11:34	2013-02-23	Show	GitHub Exploit DB Packet Storm

220190	4.3	警告	Fedora Project Randall Hand	-	Yerase's TNEF Stream Reader の ytnef.c 内の DecompressRTF 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2010-5109	2014-05-8 11:21	2010-02-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
292091	-	tiki	tikiwiki_cms\/groupware	Cross-site scripting (XSS) vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to inject arbitrary web s…	CWE-79 Cross-site Scripting	CVE-2013-4714	2024-11-21 10:56	2013-11-7	Show	GitHub Exploit DB Packet Storm

292092	-	hp	loadrunner	Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vector…	NVD-CWE-noinfo	CVE-2013-4839	2024-11-21 10:56	2013-11-5	Show	GitHub Exploit DB Packet Storm

292093	-	hp	loadrunner	Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1850.	NVD-CWE-noinfo	CVE-2013-4838	2024-11-21 10:56	2013-11-5	Show	GitHub Exploit DB Packet Storm

292094	-	hp	loadrunner	Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1832.	NVD-CWE-noinfo	CVE-2013-4837	2024-11-21 10:56	2013-11-5	Show	GitHub Exploit DB Packet Storm

292095	-	hp	alm_synchronizer	Unspecified vulnerability in the GossipService SOAP Request implementation in the Synchronizer component before 1.4.2 in HP Application LifeCycle Management (ALM) allows remote attackers to execute a…	NVD-CWE-noinfo	CVE-2013-4836	2024-11-21 10:56	2013-11-5	Show	GitHub Exploit DB Packet Storm

292096	-	hp	sitescope	The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd me…	NVD-CWE-noinfo	CVE-2013-4835	2024-11-21 10:56	2013-11-5	Show	GitHub Exploit DB Packet Storm

292097	-	hp	application_lifecycle_management	Unspecified vulnerability in the client component in HP Application LifeCycle Management (ALM) before 11 p11 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1327.	NVD-CWE-noinfo	CVE-2013-4834	2024-11-21 10:56	2013-11-5	Show	GitHub Exploit DB Packet Storm

292098	-	iodata	rockdisk_firmware rockdisk	Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2013-4713	2024-11-21 10:56	2013-11-1	Show	GitHub Exploit DB Packet Storm

292099	-	nmap opensuse	nmap opensuse	The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in …	NVD-CWE-Other	CVE-2013-4885	2024-11-21 10:56	2013-10-27	Show	GitHub Exploit DB Packet Storm

292100	-	puppet	puppet_enterprise	Puppet Enterprise before 3.1.0 does not properly restrict the number of authentication attempts by a console account, which makes it easier for remote attackers to bypass intended access restrictions…	CWE-287 Improper Authentication	CVE-2013-4965	2024-11-21 10:56	2013-10-26	Show	GitHub Exploit DB Packet Storm