Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224291 4.3 警告 F5 Networks - F5 BIG-IP APM のアクセスポリシーのログアウトページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-5976 2013-10-4 11:03 2013-09-19 Show GitHub Exploit DB Packet Storm
224292 4.3 警告 F5 Networks - F5 BIG-IP APM のアクセスポリシーのログオンページにおけるクリックジャッキング攻撃を実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-5975 2013-10-4 10:59 2013-09-18 Show GitHub Exploit DB Packet Storm
224293 5 警告 IBM - IBM DB2 Enterprise Server Edition および Advanced Enterprise Server Edition におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-4032 2013-10-3 18:58 2013-09-30 Show GitHub Exploit DB Packet Storm
224294 4.9 警告 DELL EMC (旧 EMC Corporation) - EMC VPLEX における重要な情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2013-3278 2013-10-3 16:12 2013-09-26 Show GitHub Exploit DB Packet Storm
224295 5 警告 Metaclassy - iOS 用 Metaclassy Byword アプリケーションにおける任意のファイルを上書きされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-5725 2013-10-3 15:07 2013-09-29 Show GitHub Exploit DB Packet Storm
224296 6.3 警告 シスコシステムズ - Cisco TelePresence Multipoint Switch デバイスの Media Snapshot の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-5516 2013-10-3 15:03 2013-09-30 Show GitHub Exploit DB Packet Storm
224297 4.3 警告 IBM - IBM Rational ClearQuest の Web クライアントにおける重要な情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2013-3041 2013-10-3 14:59 2013-09-16 Show GitHub Exploit DB Packet Storm
224298 6.2 警告 シスコシステムズ - Cisco Unified Computing System の Baseboard Management Controller における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-4096 2013-10-3 14:52 2013-10-1 Show GitHub Exploit DB Packet Storm
224299 4.3 警告 X2Engine - X2Engine X2CRM におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-5693 2013-10-3 14:45 2013-09-10 Show GitHub Exploit DB Packet Storm
224300 8.5 危険 X2Engine - X2Engine X2CRM におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-5692 2013-10-3 14:42 2013-09-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
279281 7.5 HIGH
Network 		evergreen-ils evergreen Evergreen before 2.5.9, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to bypass an intended access restriction and obtain sensitive information about org unit settings by leverag… CWE-200
Information Exposure 		CVE-2015-2204 2024-11-21 11:26 2018-02-2 Show GitHub Exploit DB Packet Storm
279282 6.5 MEDIUM
Network 		evergreen-ils evergreen Evergreen 2.5.9, 2.6.7, and 2.7.4 allows remote authenticated users with STAFF_LOGIN permission to obtain sensitive settings history information by leveraging listing of open-ils.pcrud as a controlle… CWE-200
Information Exposure 		CVE-2015-2203 2024-11-21 11:26 2018-02-2 Show GitHub Exploit DB Packet Storm
279283 5.3 MEDIUM
Network 		apache cordova Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit values in config.xml, allows remote attackers to modify undefined secondary configuration variables… CWE-20
 Improper Input Validation  		CVE-2015-1835 2024-11-21 11:26 2017-10-28 Show GitHub Exploit DB Packet Storm
279284 7.5 HIGH
Network 		netty
playframework
lightbend 		netty
play_framework 		Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly f… CWE-20
 Improper Input Validation  		CVE-2015-2156 2024-11-21 11:26 2017-10-19 Show GitHub Exploit DB Packet Storm
279285 4.8 MEDIUM
Network 		phpbugtracker_project phpbugtracker Multiple cross-site scripting (XSS) vulnerabilities in Issuetracker phpBugTracker before 1.7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters. CWE-79
Cross-site Scripting 		CVE-2015-2148 2024-11-21 11:26 2017-10-7 Show GitHub Exploit DB Packet Storm
279286 9.8 CRITICAL
Network 		phpbugtracker_project phpbugtracker Multiple SQL injection vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to execute arbitrary SQL commands via unspecified parameters. CWE-89
SQL Injection 		CVE-2015-2147 2024-11-21 11:26 2017-10-7 Show GitHub Exploit DB Packet Storm
279287 9.8 CRITICAL
Network 		phpbugtracker_project phpbugtracker Multiple SQL injection vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to project.php, the (2) group_id pa… CWE-89
SQL Injection 		CVE-2015-2146 2024-11-21 11:26 2017-10-7 Show GitHub Exploit DB Packet Storm
279288 4.8 MEDIUM
Network 		phpbugtracker_project phpbugtracker Multiple cross-site scripting (XSS) vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters. CWE-79
Cross-site Scripting 		CVE-2015-2145 2024-11-21 11:26 2017-10-7 Show GitHub Exploit DB Packet Storm
279289 4.8 MEDIUM
Network 		phpbugtracker_project phpbugtracker Multiple cross-site scripting (XSS) vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote authenticated users to inject arbitrary web script or HTML via the (1) project name paramet… CWE-79
Cross-site Scripting 		CVE-2015-2144 2024-11-21 11:26 2017-10-7 Show GitHub Exploit DB Packet Storm
279290 8.8 HIGH
Network 		phpbugtracker_project phpbugtracker Multiple cross-site request forgery (CSRF) vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to hijack the authentication of users for requests that cause an unspecifi… CWE-352
 Origin Validation Error 		CVE-2015-2143 2024-11-21 11:26 2017-10-7 Show GitHub Exploit DB Packet Storm