Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
221211	5	警告	Puppet	-	Puppet Enterprise における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-4971	2014-03-11 14:43	2013-07-29	Show	GitHub Exploit DB Packet Storm

221212	6.4	警告	Puppet	-	Puppet Enterprise のマスタの外部ノード分類スクリプトにおけるマスタに任意の分類を作成される脆弱性	CWE-287 不適切な認証	CVE-2013-4966	2014-03-11 14:42	2013-07-29	Show	GitHub Exploit DB Packet Storm

221213	6.8	警告	Free Document Management Software	-	OpenDocMan の ajax_udf.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-2317	2014-03-11 14:39	2014-02-24	Show	GitHub Exploit DB Packet Storm

221214	7.5	危険	Free Document Management Software	-	OpenDocMan の ajax_udf.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-1945	2014-03-11 14:39	2014-02-24	Show	GitHub Exploit DB Packet Storm

221215	4.3	警告	ilch.de	-	Ilch CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-1944	2014-03-11 14:38	2014-02-19	Show	GitHub Exploit DB Packet Storm

221216	4.3	警告	Engineering Ingegneria Informatica	-	SpagoBI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-6233	2014-03-11 14:37	2013-12-16	Show	GitHub Exploit DB Packet Storm

221217	3.5	注意	Engineering Ingegneria Informatica	-	SpagoBI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-6232	2014-03-11 14:36	2013-12-16	Show	GitHub Exploit DB Packet Storm

221218	4.3	警告	Sprint Airvana LP	-	Airvana HubBub C1-600-RT および Sprint AIRAVE の管理ページにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-2270	2014-03-11 14:19	2013-02-27	Show	GitHub Exploit DB Packet Storm

221219	5	警告	IBM	-	IBM Cognos Business Intelligence のサーバにおける任意のファイルを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0854	2014-03-10 18:40	2014-02-14	Show	GitHub Exploit DB Packet Storm

221220	7.1	危険	シスコシステムズ	-	Cisco IPS ソフトウェアの produce-verbose-alert 機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2014-0718	2014-03-10 18:40	2014-02-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2691	8.7	HIGH Network	-	-	CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting (XSS) vulnerability in the ticket reply notification system. Unsanitize…	CWE-79 Cross-site Scripting	CVE-2026-34241	2026-05-21 01:16	2026-05-20	Show	GitHub Exploit DB Packet Storm

2692	5.5	MEDIUM Local	-	-	Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.6.14 and prior contain a Denial of Service (DoS) vulnerability in the title input …	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2025-57798	2026-05-21 01:16	2026-05-20	Show	GitHub Exploit DB Packet Storm

2693	8.7	HIGH Network	adobe	commerce commerce_b2b magento	Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') …	CWE-22 Path Traversal	CVE-2026-34653	2026-05-21 01:02	2026-05-13	Show	GitHub Exploit DB Packet Storm

2694	5.3	MEDIUM Network	adobe	commerce commerce_b2b magento	Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result i…	NVD-CWE-Other	CVE-2026-34654	2026-05-21 01:02	2026-05-13	Show	GitHub Exploit DB Packet Storm

2695	4.8	MEDIUM Network	adobe	commerce commerce_b2b magento	Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-p…	CWE-79 Cross-site Scripting	CVE-2026-34655	2026-05-21 00:59	2026-05-13	Show	GitHub Exploit DB Packet Storm

2696	4.3	MEDIUM Network	adobe	commerce commerce_b2b magento	Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature by…	CWE-285 Improper Authorization	CVE-2026-34656	2026-05-21 00:58	2026-05-13	Show	GitHub Exploit DB Packet Storm

2697	4.8	MEDIUM Network	adobe	commerce commerce_b2b magento	Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-p…	CWE-79 Cross-site Scripting	CVE-2026-34658	2026-05-21 00:50	2026-05-13	Show	GitHub Exploit DB Packet Storm

2698	3.4	LOW Network	adobe	commerce commerce_b2b magento	Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier [NEEDS REVIEW: impact mismatch — ticket says 'Arbitrary file system write', CIA triad derives 'Sec…	CWE-20 Improper Input Validation	CVE-2026-34685	2026-05-21 00:48	2026-05-13	Show	GitHub Exploit DB Packet Storm

2699	8.6	HIGH Network	mozilla	firefox thunderbird	Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.	CWE-668 CWE-693 Exposure of Resource to Wrong Sphere Protection Mechanism Failure	CVE-2026-8958	2026-05-21 00:01	2026-05-19	Show	GitHub Exploit DB Packet Storm

2700	9.3	CRITICAL Network	mozilla	firefox thunderbird	Same-origin policy bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.	CWE-346 Origin Validation Error	CVE-2026-8950	2026-05-21 00:00	2026-05-19	Show	GitHub Exploit DB Packet Storm