Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
224701	7.2	危険	Google LG Electronics	-	LG Optimus G E973 上の Android 用 LG Hidden Menu における任意のコマンドを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-3666	2013-05-30 16:39	2013-05-23	Show	GitHub Exploit DB Packet Storm

224702	6.8	警告	IBM	-	UNIX 用の IBM Sterling Connect:Direct におけるファイルシステムの読み取り権限および書き込み権限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-2989	2013-05-30 16:37	2013-05-14	Show	GitHub Exploit DB Packet Storm

224703	4.3	警告	IBM	-	IBM Tivoli Monitoring の Tivoli Enterprise Portal browser クライアントにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0576	2013-05-30 16:36	2013-05-17	Show	GitHub Exploit DB Packet Storm

224704	4.3	警告	IBM	-	IBM WebSphere DataPower SOA アプライアンスにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0499	2013-05-30 16:34	2013-05-17	Show	GitHub Exploit DB Packet Storm

224705	7.2	危険	レッドハット	-	Red Hat livecd-tools における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-2069	2013-05-30 14:07	2013-05-23	Show	GitHub Exploit DB Packet Storm

224706	4.9	警告	マイクロソフト	-	Microsoft Windows の win32k.sys の EPATHOBJ::bFlatten 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-22 パス・トラバーサル	CVE-2013-3661	2013-05-29 16:54	2013-05-17	Show	GitHub Exploit DB Packet Storm

224707	5	警告	IBM	-	IBM InfoSphere Optim Data Growth for Oracle E-Business Suite における重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2013-2959	2013-05-29 16:37	2013-05-13	Show	GitHub Exploit DB Packet Storm

224708	3.5	注意	IBM	-	IBM InfoSphere Optim Data Growth for Oracle E-Business Suite におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-2957	2013-05-29 16:37	2013-05-13	Show	GitHub Exploit DB Packet Storm

224709	7.5	危険	IBM	-	IBM InfoSphere Optim Data Growth for Oracle E-Business Suite における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-2956	2013-05-29 16:36	2013-05-13	Show	GitHub Exploit DB Packet Storm

224710	3.5	注意	IBM	-	IBM InfoSphere Optim Data Growth for Oracle E-Business Suite におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-2955	2013-05-29 16:35	2013-05-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
278601	-	linux redhat suse opensuse fedoraproject debian canonical	linux_kernel enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_aus enterprise_linux_server_eus enterprise_linux_eus enterprise_linux_…	The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR …	NVD-CWE-noinfo	CVE-2014-9585	2024-11-21 11:21	2015-01-10	Show	GitHub Exploit DB Packet Storm

278602	-	tp-link	tl-wr840n_firmware	Cross-site request forgery (CSRF) vulnerability in the administration console in TP-Link TL-WR840N (V1) router with firmware before 3.13.27 build 141120 allows remote attackers to hijack the authenti…	CWE-352 Origin Validation Error	CVE-2014-9510	2024-11-21 11:21	2015-01-10	Show	GitHub Exploit DB Packet Storm

278603	-	school_administration_project	school_administration	Cross-site scripting (XSS) vulnerability in the School Administration module 7.x-1.x before 7.x-1.8 for Drupal allows remote authenticated users with permission to create or edit a class node to inje…	CWE-79 Cross-site Scripting	CVE-2014-9505	2024-11-21 11:21	2015-01-10	Show	GitHub Exploit DB Packet Storm

278604	-	poll_chart_block_project	poll_chart_block	Cross-site scripting (XSS) vulnerability in the Poll Chart Block module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a poll node titl…	CWE-79 Cross-site Scripting	CVE-2014-9501	2024-11-21 11:21	2015-01-10	Show	GitHub Exploit DB Packet Storm

278605	-	linux redhat suse opensuse debian canonical oracle	linux_kernel enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_aus enterprise_linux_server_eus enterprise_linux_eus enterprise_linux_…	The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows loca…	CWE-20 Improper Input Validation	CVE-2014-9584	2024-11-21 11:21	2015-01-10	Show	GitHub Exploit DB Packet Storm

278606	-	linux redhat opensuse fedoraproject debian canonical	linux_kernel enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_aus enterprise_linux_server_eus enterprise_linux_server_tus ope…	Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly hav…	CWE-362 Race Condition	CVE-2014-9529	2024-11-21 11:21	2015-01-10	Show	GitHub Exploit DB Packet Storm

278607	-	moip_project	moip	Cross-site scripting (XSS) vulnerability in the Moip module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the notificatio…	CWE-79 Cross-site Scripting	CVE-2014-9500	2024-11-21 11:21	2015-01-10	Show	GitHub Exploit DB Packet Storm

278608	-	godwin\'s_law_project	godwin\'s_law	Cross-site scripting (XSS) vulnerability in the Godwin's Law module before 7.x-1.1 for Drupal, when using the dblog module, allows remote authenticated users to inject arbitrary web script or HTML vi…	CWE-79 Cross-site Scripting	CVE-2014-9499	2024-11-21 11:21	2015-01-10	Show	GitHub Exploit DB Packet Storm

278609	-	webform_invitation_project	webform_invitation	Cross-site scripting (XSS) vulnerability in the Webform Invitation module 7.x-1.x before 7.x-1.3 and 7.x-2.x before 7.x-2.4 for Drupal allows remote authenticated users with the Webform: Create new c…	CWE-79 Cross-site Scripting	CVE-2014-9498	2024-11-21 11:21	2015-01-10	Show	GitHub Exploit DB Packet Storm

278610	-	t-mobile asus	tm-ac1900 wrt_firmware	common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-9583	2024-11-21 11:21	2015-01-9	Show	GitHub Exploit DB Packet Storm