Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
220751	4.3	警告	fbpromotions project	-	WordPress 用 Bugs Go Viral : Facebook Promotion Generator プラグインの admin/swarm-settings.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4528	2014-07-3 15:49	2014-05-28	Show	GitHub Exploit DB Packet Storm

220752	4.3	警告	Diverse Solutions	-	WordPress 用 dsIDXpress IDX プラグインの client-assist.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4521	2014-07-3 15:48	2014-04-25	Show	GitHub Exploit DB Packet Storm

220753	4.3	警告	NewClarity	-	WordPress 用 DMCA WaterMarker プラグインの phprack.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4520	2014-07-3 15:47	2014-05-28	Show	GitHub Exploit DB Packet Storm

220754	4.3	警告	Dcoda	-	WordPress 用 Contact Form by ContactMe.com プラグインの xd_resize.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4518	2014-07-3 15:46	2014-04-25	Show	GitHub Exploit DB Packet Storm

220755	4.3	警告	BIC Media Widget plugin	-	WordPress 用 BIC Media Widget プラグインの bicm-carousel-preview.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4516	2014-07-3 15:45	2014-05-28	Show	GitHub Exploit DB Packet Storm

220756	4.3	警告	Aanyfont plugin project	-	WordPress 用 AnyFont プラグインの mce_anyfont/dialog.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4515	2014-07-3 15:45	2014-05-28	Show	GitHub Exploit DB Packet Storm

220757	4.3	警告	ActiveHelper	-	WordPress 用 ActiveHelper LiveHelp Live Chat プラグインの server/offline.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4513	2014-07-3 15:44	2014-05-28	Show	GitHub Exploit DB Packet Storm

220758	3.5	注意	DELL EMC (旧 EMC Corporation)	-	EMC Documentum eRoom におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-2512	2014-07-3 09:51	2014-06-30	Show	GitHub Exploit DB Packet Storm

220759	5.4	警告	DELL EMC (旧 EMC Corporation)	-	EMC Network Configuration Manager の Report Advisor コンポーネントにおける Web セッションをハイジャックされる脆弱性	CWE-Other その他	CVE-2014-2509	2014-07-3 09:47	2014-06-30	Show	GitHub Exploit DB Packet Storm

220760	4	警告	株式会社アイ・オー・データ機器	-	RockDisk におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-4713	2014-07-2 14:08	2013-10-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
295071	-		linux	linux_kernel	Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequen…	CWE-189 Numeric Errors	CVE-2013-4511	2024-11-21 10:55	2013-11-12	Show	GitHub Exploit DB Packet Storm

295072	-		openbsd	openssh	The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-4548	2024-11-21 10:55	2013-11-9	Show	GitHub Exploit DB Packet Storm

295073	7.5	HIGH Network	lighttpd debian opensuse	lighttpd debian_linux opensuse	lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier for remote attackers to hijack sessions by inserting packets into the client-server data stream or obta…	CWE-326 Inadequate Encryption Strength	CVE-2013-4508	2024-11-21 10:55	2013-11-8	Show	GitHub Exploit DB Packet Storm

295074	-		openstack	havana grizzly folsom	The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-4497	2024-11-21 10:55	2013-11-6	Show	GitHub Exploit DB Packet Storm

295075	-		ldap-account-manager	ldap_account_manager	Cross-site scripting (XSS) vulnerability in templates/login.php in LDAP Account Manager (LAM) 4.3 and 4.2.1 allows remote attackers to inject arbitrary web script or HTML via the language parameter.	CWE-79 Cross-site Scripting	CVE-2013-4453	2024-11-21 10:55	2013-11-6	Show	GitHub Exploit DB Packet Storm

295076	-		libguestfs suse novell	libguestfs suse_linux_enterprise_software_development_kit suse_linux_enterprise_server	The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-4419	2024-11-21 10:55	2013-11-6	Show	GitHub Exploit DB Packet Storm

295077	-		saltstack	salt	Salt (aka SaltStack) before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-4439	2024-11-21 10:55	2013-11-6	Show	GitHub Exploit DB Packet Storm

295078	-		saltstack	salt	Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute arbitrary YAML code via unspecified vectors. NOTE: the vendor states that this might not be a vulnerability because the YAML to …	CWE-94 Code Injection	CVE-2013-4438	2024-11-21 10:55	2013-11-6	Show	GitHub Exploit DB Packet Storm

295079	-		saltstack	salt	Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 has unspecified impact and vectors related to "insecure Usage of /tmp."	NVD-CWE-noinfo	CVE-2013-4437	2024-11-21 10:55	2013-11-6	Show	GitHub Exploit DB Packet Storm

295080	-		saltstack	salt	The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle …	CWE-20 Improper Input Validation	CVE-2013-4436	2024-11-21 10:55	2013-11-6	Show	GitHub Exploit DB Packet Storm