Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
221921	7.2	危険	ジュニパーネットワークス	-	Juniper Junos における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0615	2014-01-30 14:16	2014-01-9	Show	GitHub Exploit DB Packet Storm

221922	4.9	警告	シスコシステムズ	-	Cisco WebEx Meetings Server における認証チェックを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0682	2014-01-30 13:57	2014-01-29	Show	GitHub Exploit DB Packet Storm

221923	4.3	警告	シスコシステムズ	-	Cisco Identity Services Engine におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0681	2014-01-30 13:56	2014-01-28	Show	GitHub Exploit DB Packet Storm

221924	4.3	警告	シスコシステムズ	-	Cisco Identity Services Engine の NAC Web Agent コンポーネントにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0680	2014-01-30 13:56	2014-01-29	Show	GitHub Exploit DB Packet Storm

221925	7.5	危険	IBM	-	IBM Tivoli Application Dependency Discovery Manager における認証チェックを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-2974	2014-01-30 12:21	2013-04-12	Show	GitHub Exploit DB Packet Storm

221926	10	危険	Google	-	Google Chrome における脆弱性	CWE-noinfo 情報不足	CVE-2014-1681	2014-01-30 10:20	2014-01-27	Show	GitHub Exploit DB Packet Storm

221927	7.5	危険	Google	-	Google Chrome で使用される Google V8 の store-buffer.cc におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-6650	2014-01-30 10:19	2014-01-27	Show	GitHub Exploit DB Packet Storm

221928	7.5	危険	Google	-	Google Chrome で使用される Blink の core/rendering/svg/RenderSVGImage.cpp におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2013-6649	2014-01-30 10:19	2014-01-27	Show	GitHub Exploit DB Packet Storm

221929	3.3	注意	Software in the Public Interest	-	axiom の axiom-test.sh における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2014-1640	2014-01-30 10:13	2014-01-22	Show	GitHub Exploit DB Packet Storm

221930	3.3	注意	Patrick Ohly	-	SyncEvolution の syncevo/installcheck-local.sh における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2014-1639	2014-01-30 10:08	2014-01-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
273101	6.1	MEDIUM Network	monitorbacklinks	incoming_links	The incoming-links plugin before 0.9.10b for WordPress has referrers.php XSS via the Referer HTTP header.	CWE-79 Cross-site Scripting	CVE-2015-9472	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

273102	9.8	CRITICAL Network	digitalzoomstudio	zoomsounds	The dzs-zoomsounds plugin through 2.0 for WordPress has admin/upload.php arbitrary file upload.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2015-9471	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

273103	7.5	HIGH Network	ionadas	history_collection	The history-collection plugin through 1.1.1 for WordPress has directory traversal via the download.php var parameter.	CWE-22 Path Traversal	CVE-2015-9470	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

273104	4.8	MEDIUM Network	cybercraftit	content-grabber	The content-grabber plugin 1.0 for WordPress has XSS via obj_field_name or obj_field_id.	CWE-79 Cross-site Scripting	CVE-2015-9469	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

273105	6.1	MEDIUM Network	k-78	broken_link_manager	The broken-link-manager plugin 0.4.5 for WordPress has XSS via the page parameter in a delURL action.	CWE-79 Cross-site Scripting	CVE-2015-9468	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

273106	9.8	CRITICAL Network	k-78	broken_link_manager	The broken-link-manager plugin before 0.5.0 for WordPress has wpslDelURL or wpslEditURL SQL injection via the url parameter.	CWE-89 SQL Injection	CVE-2015-9467	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

273107	9.8	CRITICAL Network	webtechideas	wti_like_post	The wti-like-post plugin before 1.4.3 for WordPress has WtiLikePostProcessVote SQL injection via the HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR, HTTP_X_FORWARDED, HTTP_FORWARDED_FOR, or HTTP_FORWARDED vari…	CWE-89 SQL Injection	CVE-2015-9466	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

273108	8.8	HIGH Network	yet_another_stars_rating_project	yet_another_stars_rating	The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter.	CWE-89 SQL Injection	CVE-2015-9465	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

273109	7.5	HIGH Network	s3bubble	s3bubble-amazon-s3-audio-streaming	The s3bubble-amazon-s3-audio-streaming plugin 2.0 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter.	CWE-22 Path Traversal	CVE-2015-9463	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

273110	7.5	HIGH Network	s3bubble	s3bubble-amazon-s3-html-5-video-with-adverts	The s3bubble-amazon-s3-html-5-video-with-adverts plugin 0.7 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter.	CWE-22 Path Traversal	CVE-2015-9464	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm