Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
220681 7.5 危険 Ariel Sanders - WordPress 用 Lead Octopus プラグインの lib/optin/optin_page.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-5189 2014-08-8 18:54 2014-07-28 Show GitHub Exploit DB Packet Storm
220682 5 警告 Tom M8te project - WordPress 用 Tom M8te プラグインにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-5187 2014-08-8 18:48 2014-05-28 Show GitHub Exploit DB Packet Storm
220683 6.5 警告 Vinoth Kumar - WordPress 用 All Video Gallery プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-5186 2014-08-8 18:46 2014-05-28 Show GitHub Exploit DB Packet Storm
220684 6 警告 Quartz plugin project - WordPress 用 Quartz プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-5185 2014-08-8 18:45 2014-05-28 Show GitHub Exploit DB Packet Storm
220685 6.5 警告 Brad Hawkins - WordPress 用 stripShow プラグインの stripshow-storylines ページにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-5184 2014-08-8 18:44 2014-05-28 Show GitHub Exploit DB Packet Storm
220686 6.5 警告 Jesse Cortez - WordPress 用 Simple Retail Menus プラグインの includes/mode-edit.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-5183 2014-08-8 18:43 2014-02-19 Show GitHub Exploit DB Packet Storm
220687 6 警告 ostenta - WordPress 用 yawpp プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-5182 2014-08-8 18:42 2014-01-7 Show GitHub Exploit DB Packet Storm
220688 5 警告 Last.fm Rotation plugin project - WordPress 用 Last.fm Rotation プラグインの lastfm-proxy.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-5181 2014-08-8 18:40 2014-05-28 Show GitHub Exploit DB Packet Storm
220689 6.5 警告 HDW Player - WordPress 用 HDW Player プラグインのビデオページにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-5180 2014-08-8 18:39 2014-05-28 Show GitHub Exploit DB Packet Storm
220690 7.5 危険 Vinoth Kumar - WordPress 用 All Video Gallery プラグインにおける脆弱性 CWE-noinfo
情報不足 		CVE-2012-6653 2014-08-8 18:36 2012-11-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292551 - ibm operational_decision_manager Cross-site request forgery (CSRF) vulnerability in the RES Console in Rule Execution Server in IBM Operational Decision Manager 7.5 before FP3 IF37, 8.0 before MP1 FP2, and 8.5 before MP1 IF26 allows… CWE-352
 Origin Validation Error 		CVE-2014-0944 2024-11-21 11:03 2014-05-9 Show GitHub Exploit DB Packet Storm
292552 - ibm lotus_inotes
lotus_domino 		Cross-site scripting (XSS) vulnerability in IBM iNotes and Domino 8.5.3 FP6 before IF2 and 9.0.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via an e-mail message, aka S… CWE-79
Cross-site Scripting 		CVE-2014-0913 2024-11-21 11:03 2014-05-9 Show GitHub Exploit DB Packet Storm
292553 - ibm security_access_manager_for_web_appliance
security_access_manager_for_web_software 		The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote atta… CWE-399
 Resource Management Errors 		CVE-2014-0963 2024-11-21 11:03 2014-05-8 Show GitHub Exploit DB Packet Storm
292554 - ibm vios
aix 		The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT… NVD-CWE-noinfo
CVE-2014-0930 2024-11-21 11:03 2014-05-8 Show GitHub Exploit DB Packet Storm
292555 - ibm websphere_mq inetd in IBM WebSphere MQ 7.1.x before 7.1.0.5 and 7.5.x before 7.5.0.4 allows remote attackers to cause a denial of service (disk or CPU consumption) via unspecified vectors. NVD-CWE-noinfo
CVE-2014-0911 2024-11-21 11:03 2014-05-7 Show GitHub Exploit DB Packet Storm
292556 - ibm tivoli_netcool\/omnibus Cross-site scripting (XSS) vulnerability in webtop/eventviewer/eventViewer.jsp in the Web GUI in IBM Netcool/OMNIbus 7.4.0 before FP2 allows remote authenticated users to inject arbitrary web script … CWE-79
Cross-site Scripting 		CVE-2014-0942 2024-11-21 11:03 2014-05-2 Show GitHub Exploit DB Packet Storm
292557 - ibm tivoli_netcool\/omnibus Cross-site scripting (XSS) vulnerability in webtop/eventviewer/eventViewer.jsp in the Web GUI in IBM Netcool/OMNIbus 7.4.0 before FP2 allows remote authenticated users to inject arbitrary web script … CWE-79
Cross-site Scripting 		CVE-2014-0941 2024-11-21 11:03 2014-05-2 Show GitHub Exploit DB Packet Storm
292558 - ibm websphere_application_server IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x before 8.5.5.2 allows remote attackers to obtain sensitive information via a crafted request. CWE-200
Information Exposure 		CVE-2014-0896 2024-11-21 11:03 2014-05-2 Show GitHub Exploit DB Packet Storm
292559 - livetecs timeline Livetecs Timelive before 6.2.8 does not properly restrict access to systemsetting.aspx, which allows remote attackers to change configurations and obtain the database connection string and credential… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-1217 2024-11-21 11:03 2014-04-28 Show GitHub Exploit DB Packet Storm
292560 - fitnesse fitnesse_wiki FitNesse Wiki 20131110, 20140201, and earlier allows remote attackers to execute arbitrary commands by defining a COMMAND_PATTERN and TEST_RUNNER in the pageContent parameter when editing a page. NVD-CWE-Other
CVE-2014-1216 2024-11-21 11:03 2014-04-22 Show GitHub Exploit DB Packet Storm