Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223821 4.3 警告 Dave Thomas
Ruby-lang.org		 - Ruby で使用される RDoc の darkfish.js におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0256 2013-06-12 17:40 2013-02-6 Show GitHub Exploit DB Packet Storm
223822 10 危険 オラクル - Oracle Java SE の JavaFX における脆弱性 CWE-noinfo
情報不足 		CVE-2013-0439 2013-06-12 17:28 2013-02-1 Show GitHub Exploit DB Packet Storm
223823 5 警告 Apache Software Foundation - Apache CXF における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2013-0239 2013-06-12 16:56 2013-01-25 Show GitHub Exploit DB Packet Storm
223824 1.9 注意 Linux - Linux Kernel の net/bluetooth/hidp/core.c における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2013-0349 2013-06-12 16:42 2013-02-3 Show GitHub Exploit DB Packet Storm
223825 6.2 警告 Linux - 32-bit Xen paravirt_ops プラットフォーム上で稼働する Linux Kernel における権限を取得される脆弱性 CWE-189
数値処理の問題 		CVE-2013-0228 2013-06-12 16:41 2013-02-17 Show GitHub Exploit DB Packet Storm
223826 6 警告 OpenStack
Canonical		 - 複数の OpenStack 製品における VM へのアクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-0335 2013-06-12 16:39 2013-02-16 Show GitHub Exploit DB Packet Storm
223827 6.8 警告 QNAP Systems - QNAP VioStor NVR のファームウェア上で稼働する cgi-bin/create_user.cgi におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-0144 2013-06-12 15:11 2013-06-5 Show GitHub Exploit DB Packet Storm
223828 6.5 警告 QNAP Systems - QNAP VioStor NVR のファームウェア上で稼働する cgi-bin/pingping.cgi および QNAP 製 NAS 製品の Surveillance Station Pro における任意のコマンドを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2013-0143 2013-06-12 15:10 2013-06-5 Show GitHub Exploit DB Packet Storm
223829 5 警告 QNAP Systems - QNAP VioStor NVR のファームウェアおよび QNAP 製 NAS 製品の Surveillance Station Pro における Web サーバにログインされる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2013-0142 2013-06-12 15:10 2013-06-5 Show GitHub Exploit DB Packet Storm
223830 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の Web コンソールにおけるクローム特権で任意の JavaScript コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2012-3980 2013-06-11 18:07 2012-08-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
277981 - google chrome content/renderer/device_sensors/device_orientation_event_pump.cc in Google Chrome before 41.0.2272.76 does not properly restrict access to high-rate gyroscope data, which makes it easier for remote a… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-9689 2024-11-21 11:21 2015-03-9 Show GitHub Exploit DB Packet Storm
277982 - ninjaforms ninja_forms Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users. NVD-CWE-noinfo
CVE-2014-9688 2024-11-21 11:21 2015-03-6 Show GitHub Exploit DB Packet Storm
277983 - canonical
linux 		ubuntu_linux
linux_kernel 		Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buf… CWE-189
Numeric Errors 		CVE-2014-9683 2024-11-21 11:21 2015-03-3 Show GitHub Exploit DB Packet Storm
277984 - linux
debian
canonical
oracle 		linux_kernel
debian_linux
ubuntu_linux
linux 		The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the… CWE-269
 Improper Privilege Management 		CVE-2014-9644 2024-11-21 11:21 2015-03-2 Show GitHub Exploit DB Packet Storm
277985 - dns-sync_project dns-sync The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function. CWE-77
Command Injection 		CVE-2014-9682 2024-11-21 11:21 2015-02-28 Show GitHub Exploit DB Packet Storm
277986 - ffmpeg ffmpeg The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause a denial of service ("invalid memo… NVD-CWE-Other
CVE-2014-9676 2024-11-21 11:21 2015-02-28 Show GitHub Exploit DB Packet Storm
277987 - vanillaforums vanilla_forums
vanilla 		Multiple cross-site scripting (XSS) vulnerabilities in Vanilla Forums before 2.0.18.13 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2014-9685 2024-11-21 11:21 2015-02-26 Show GitHub Exploit DB Packet Storm
277988 - openstack image_registry_and_delivery_service_\(glance\) OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption)… CWE-399
 Resource Management Errors 		CVE-2014-9684 2024-11-21 11:21 2015-02-25 Show GitHub Exploit DB Packet Storm
277989 - apple cups Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which trigger… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2014-9679 2024-11-21 11:21 2015-02-20 Show GitHub Exploit DB Packet Storm
277990 - samba
opensuse
oracle 		rsync
opensuse
solaris 		rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path. CWE-59
Link Following 		CVE-2014-9512 2024-11-21 11:21 2015-02-13 Show GitHub Exploit DB Packet Storm