Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
221931 7.5 危険 Google - Google Chrome で使用される Blink の core/rendering/svg/RenderSVGImage.cpp におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-6649 2014-01-30 10:19 2014-01-27 Show GitHub Exploit DB Packet Storm
221932 3.3 注意 Software in the Public Interest - axiom の axiom-test.sh における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2014-1640 2014-01-30 10:13 2014-01-22 Show GitHub Exploit DB Packet Storm
221933 3.3 注意 Patrick Ohly - SyncEvolution の syncevo/installcheck-local.sh における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2014-1639 2014-01-30 10:08 2014-01-23 Show GitHub Exploit DB Packet Storm
221934 3.3 注意 Debian - localepurge の debian/postrm および debian/localepurge.config における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2014-1638 2014-01-30 10:05 2014-01-26 Show GitHub Exploit DB Packet Storm
221935 3.3 注意 Thomas Kluyver - python-xdg の xdg.BaseDirectory.get_runtime_dir 関数における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2014-1624 2014-01-30 09:59 2014-01-21 Show GitHub Exploit DB Packet Storm
221936 4.3 警告 マカフィー - McAfee Vulnerability Manager の index.exp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-5094 2014-01-29 18:03 2013-03-8 Show GitHub Exploit DB Packet Storm
221937 2.1 注意 Python Software Foundation - RPLY の parsergenerator.py のパーサキャッシュ機能におけるキャッシュデータを偽装される脆弱性 CWE-DesignError
CVE-2014-1604 2014-01-29 16:27 2014-01-18 Show GitHub Exploit DB Packet Storm
221938 2.1 注意 Starbucks Coffee Company - iOS 用 Starbucks アプリケーションにおけるユーザ名などの情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2014-0647 2014-01-29 16:20 2014-01-13 Show GitHub Exploit DB Packet Storm
221939 7.2 危険 Detlef Pilzecker - Perl 用 Proc::Daemon モジュールにおける脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-7135 2014-01-29 15:00 2013-12-16 Show GitHub Exploit DB Packet Storm
221940 10 危険 Enghouse Interactive - Enghouse Interactive IVR Pro の Enghouse Interactive Professional Services の不特定の "アドオン製品" における権限を取得される脆弱性 CWE-310
暗号の問題 		CVE-2013-6838 2014-01-29 14:50 2013-11-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
273541 6.1 MEDIUM
Network 		theholidaycalendar holiday_calendar XSS exists in the the-holiday-calendar plugin before 1.11.3 for WordPress via the thc-month parameter. CWE-79
Cross-site Scripting 		CVE-2015-9270 2024-11-21 11:40 2018-10-2 Show GitHub Exploit DB Packet Storm
273542 7.5 HIGH
Network 		wpmobilepack wordpress_mobile_pack The export/content.php exportarticle feature in the wordpress-mobile-pack plugin before 2.1.3 2015-06-03 for WordPress allows remote attackers to obtain sensitive information because the content of a… CWE-200
Information Exposure 		CVE-2015-9269 2024-11-21 11:40 2018-10-2 Show GitHub Exploit DB Packet Storm
273543 7.8 HIGH
Local 		nullsoft
debian 		nullsoft_scriptable_install_system
debian_linux 		Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dll. In other words, there is no protection mechanism in which a wrapper function resolves the depend… CWE-20
 Improper Input Validation  		CVE-2015-9268 2024-11-21 11:40 2018-10-1 Show GitHub Exploit DB Packet Storm
273544 5.5 MEDIUM
Local 		nullsoft
debian 		nullsoft_scriptable_install_system
debian_linux 		Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or th… CWE-269
 Improper Privilege Management 		CVE-2015-9267 2024-11-21 11:40 2018-10-1 Show GitHub Exploit DB Packet Storm
273545 9.8 CRITICAL
Network 		ui
ubnt 		airmax_ac_firmware
airmax_m_xm_firmware
airmax_m_xw_firmware
airmax_m_ti_firmware
airgateway_firmware
airfiber_af24_firmware
airfiber_af24hd_firmware
af5x_firmware
af5_firmwar… 		The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory t… CWE-22
Path Traversal 		CVE-2015-9266 2024-11-21 11:40 2018-09-6 Show GitHub Exploit DB Packet Storm
273546 9.8 CRITICAL
Network 		lansweeper lansweeper Lansweeper 4.x through 6.x before 6.0.0.48 allows attackers to execute arbitrary code on the administrator's workstation via a crafted Windows service. CWE-20
 Improper Input Validation  		CVE-2015-9264 2024-11-21 11:40 2018-08-27 Show GitHub Exploit DB Packet Storm
273547 9.8 CRITICAL
Network 		idera uptime_infrastructure_monitor An issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 (build 16) and 7.4.0 (build 13). It allows an attacker to upload an arbitrary file, such as a .php file that can execute a… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2015-9263 2024-11-21 11:40 2018-08-27 Show GitHub Exploit DB Packet Storm
273548 9.8 CRITICAL
Network 		debian
canonical
x
redhat 		debian_linux
ubuntu_linux
libxcursor
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
ansible_tower 		_XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-9262 2024-11-21 11:40 2018-08-2 Show GitHub Exploit DB Packet Storm
273549 5.5 MEDIUM
Local 		busybox
debian
canonical 		busybox
debian_linux
ubuntu_linux 		huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file. CWE-476
 NULL Pointer Dereference 		CVE-2015-9261 2024-11-21 11:40 2018-07-27 Show GitHub Exploit DB Packet Storm
273550 5.4 MEDIUM
Network 		bedita bedita An issue was discovered in BEdita before 3.7.0. A cross-site scripting (XSS) attack occurs via a crafted pages/showObjects URI, as demonstrated by appending a payload to a pages/showObjects/2/0/0/lea… CWE-79
Cross-site Scripting 		CVE-2015-9260 2024-11-21 11:40 2018-07-5 Show GitHub Exploit DB Packet Storm