Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
222521 7.5 危険 X2Go - X2Go Server の setgid wrapper libx2go-server-db-sqlite3-wrapper.c における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2013-4376 2013-12-11 19:53 2013-05-18 Show GitHub Exploit DB Packet Storm
222522 6.8 警告 AutoTrace project - AutoTrace の input-bmp.c 内の input_bmp_reader 関数における整数アンダーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2013-1953 2013-12-11 19:51 2013-06-28 Show GitHub Exploit DB Packet Storm
222523 7.5 危険 OS4Ed - openSIS の ajax.php における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2013-1349 2013-12-11 19:50 2013-05-15 Show GitHub Exploit DB Packet Storm
222524 2.1 注意 CMS Made Simple - CMS Made Simple の admin/editevent.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-3929 2013-12-11 17:45 2013-12-6 Show GitHub Exploit DB Packet Storm
222525 6.8 警告 Sharetronix - Sharetronix におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-5355 2013-12-11 17:36 2013-12-5 Show GitHub Exploit DB Packet Storm
222526 7.5 危険 Sharetronix - Sharetronix における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-5354 2013-12-11 17:35 2013-12-5 Show GitHub Exploit DB Packet Storm
222527 4.7 警告 Linux - Linux Kernel の ipc/shm.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-362
競合状態 		CVE-2013-7026 2013-12-11 17:34 2013-11-29 Show GitHub Exploit DB Packet Storm
222528 4.7 警告 Linux - Linux Kernel の net/ipv6/ip6_fib.c の fib6_add 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-6431 2013-12-11 17:33 2013-10-13 Show GitHub Exploit DB Packet Storm
222529 3.6 注意 Linux - Linux Kernel の kernel/trace/trace_event_perf.c の perf_trace_event_perm 関数における関数のトレースを有効にされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-2930 2013-12-11 17:31 2013-11-29 Show GitHub Exploit DB Packet Storm
222530 6.1 警告 Linux - Linux Kernel の net/wireless/radiotap.c の ieee80211_radiotap_iterator_init 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-7027 2013-12-11 17:29 2013-11-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
273521 5.5 MEDIUM
Local 		freereprintables articlefr Directory traversal vulnerability in application/templates/amelia/loadjs.php in Free Reprintables ArticleFR 3.0.7 and earlier allows local users to read arbitrary files via the s parameter. CWE-22
Path Traversal 		CVE-2015-6591 2024-11-21 11:35 2020-01-16 Show GitHub Exploit DB Packet Storm
273522 8.8 HIGH
Network 		magento magento The create function in app/code/core/Mage/Catalog/Model/Product/Api/V2.php in Magento Community Edition (CE) before 1.9.2.1 and Enterprise Edition (EE) before 1.14.2.1, when used with PHP before 5.4.… CWE-20
 Improper Input Validation  		CVE-2015-6497 2024-11-21 11:35 2020-01-16 Show GitHub Exploit DB Packet Storm
273523 7.5 HIGH
Network 		cloudera cloudera_manager There is Sensitive Information in Cloudera Manager before 5.4.6 Diagnostic Support Bundles. CWE-200
Information Exposure 		CVE-2015-6495 2024-11-21 11:35 2019-11-26 Show GitHub Exploit DB Packet Storm
273524 6.1 MEDIUM
Network 		edx edx-platform edx-platform before 2015-09-17 allows XSS via a team name. CWE-79
Cross-site Scripting 		CVE-2015-6960 2024-11-21 11:35 2019-07-30 Show GitHub Exploit DB Packet Storm
273525 8.8 HIGH
Network 		moxa softcms Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-6458 2024-11-21 11:35 2019-03-22 Show GitHub Exploit DB Packet Storm
273526 8.8 HIGH
Network 		moxa softcms Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-6457 2024-11-21 11:35 2019-03-22 Show GitHub Exploit DB Packet Storm
273527 5.4 MEDIUM
Network 		schneider-electric bmxnoc0401_firmware
bmxnoe0100_firmware
bmxnoe0110_firmware
bmxnoe0110h_firmware
bmxnor0200h_firmware
modicon_m340_bmxp342020_firmware
modicon_m340_bmxp342020h_firmware
modicon_m… 		Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be executed on the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, B… CWE-79
Cross-site Scripting 		CVE-2015-6462 2024-11-21 11:35 2019-03-22 Show GitHub Exploit DB Packet Storm
273528 5.4 MEDIUM
Network 		schneider-electric bmxnoc0401_firmware
bmxnoe0100_firmware
bmxnoe0110_firmware
bmxnoe0110h_firmware
bmxnor0200h_firmware
modicon_m340_bmxp342020_firmware
modicon_m340_bmxp342020h_firmware
modicon_m… 		Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP… CWE-20
 Improper Input Validation  		CVE-2015-6461 2024-11-21 11:35 2019-03-22 Show GitHub Exploit DB Packet Storm
273529 5.9 MEDIUM
Network 		atlassian floodlight Race condition in the LoadBalancer module in the Atlassian Floodlight Controller before 1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and thread crash) via a stat… CWE-362
CWE-476
Race Condition
 NULL Pointer Dereference 		CVE-2015-6569 2024-11-21 11:35 2018-02-22 Show GitHub Exploit DB Packet Storm
273530 6.1 MEDIUM
Network 		combodo itop Cross-site scripting (XSS) vulnerability in application/dashboard.class.inc.php in Combodo iTop before 2.2.0-2459 allows remote attackers to inject arbitrary web script or HTML via a dashboard title. CWE-79
Cross-site Scripting 		CVE-2015-6544 2024-11-21 11:35 2018-02-21 Show GitHub Exploit DB Packet Storm