Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228441 2.1 注意 Devsaran - Drupal 用 Fresh Theme におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-1779 2013-04-1 14:46 2013-02-27 Show GitHub Exploit DB Packet Storm
228442 2.1 注意 Devsaran - Drupal 用 Creative Theme におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-1778 2013-04-1 14:42 2013-02-27 Show GitHub Exploit DB Packet Storm
228443 4.3 警告 Varnish Http Accelerator Integration Project - Drupal 用 Varnish モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0325 2013-04-1 14:41 2013-02-20 Show GitHub Exploit DB Packet Storm
228444 2.1 注意 Tomasbarej - Drupal 用 Menu Reference モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0324 2013-04-1 14:40 2013-02-20 Show GitHub Exploit DB Packet Storm
228445 4.3 警告 Kristof De Jaeger - Drupal 用 Display Suite モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0323 2013-04-1 14:39 2013-02-20 Show GitHub Exploit DB Packet Storm
228446 4.3 警告 Ubercart - Drupal 用 Ubercart モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0322 2013-04-1 14:38 2013-02-20 Show GitHub Exploit DB Packet Storm
228447 4.3 警告 Mads Peter Henderson - Drupal 用 Ubercart Views モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0321 2013-04-1 14:37 2013-02-20 Show GitHub Exploit DB Packet Storm
228448 5.1 警告 mattias hutterer - Drupal 用 Taxonomy Manager モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-0320 2013-04-1 14:37 2013-02-20 Show GitHub Exploit DB Packet Storm
228449 4.3 警告 Yandex.Metrics Pproject - Drupal 用 Yandex.Metrics モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0319 2013-04-1 14:36 2013-02-19 Show GitHub Exploit DB Packet Storm
228450 10 危険 Banckle Chat Project - Drupal 用 Banckle Chat モジュールにおける制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-0318 2013-04-1 14:17 2013-02-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
275621 9.8 CRITICAL
Network 		awebsupport aweb_cart_watching_system_for_virtuemart SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension before 2.6.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via vectors involving catego… CWE-89
SQL Injection 		CVE-2016-10114 2024-11-21 11:43 2017-01-4 Show GitHub Exploit DB Packet Storm
275622 4.8 MEDIUM
Network 		woocommerce woocommerce Cross-site scripting (XSS) vulnerability in the WooCommerce plugin before 2.6.9 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML by providing crafted ta… CWE-79
Cross-site Scripting 		CVE-2016-10112 2024-11-21 11:43 2017-01-4 Show GitHub Exploit DB Packet Storm
275623 9.8 CRITICAL
Network 		western_digital mycloud_nas Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/google_analytics.php URL via a modified arg parameter in the POST data. CWE-77
Command Injection 		CVE-2016-10108 2024-11-21 11:43 2017-01-3 Show GitHub Exploit DB Packet Storm
275624 9.8 CRITICAL
Network 		western_digital mycloud_nas Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 index.php page via a modified Cookie header. CWE-77
Command Injection 		CVE-2016-10107 2024-11-21 11:43 2017-01-3 Show GitHub Exploit DB Packet Storm
275625 6.5 MEDIUM
Network 		netgear fvs336gv3_firmware
srx5308_firmware
fvs318gv2_firmware
fvs318n_firmware 		Directory traversal vulnerability in scgi-bin/platform.cgi on NETGEAR FVS336Gv3, FVS318N, FVS318Gv2, and SRX5308 devices with firmware before 4.3.3-8 allows remote authenticated users to read arbitra… CWE-22
Path Traversal 		CVE-2016-10106 2024-11-21 11:43 2017-01-3 Show GitHub Exploit DB Packet Storm
275626 9.8 CRITICAL
Network 		piwigo piwigo admin/plugin.php in Piwigo through 2.8.3 doesn't validate the sections variable while using it to include files. This can cause information disclosure and code execution if it contains a .. sequence. CWE-200
CWE-284
Information Exposure
Improper Access Control 		CVE-2016-10105 2024-11-21 11:43 2017-01-3 Show GitHub Exploit DB Packet Storm
275627 5.3 MEDIUM
Network 		borg borg Borg (aka BorgBackup) before 1.0.9 has a flaw in the way duplicate archive names were processed during manifest recovery, potentially allowing an attacker to overwrite an archive. CWE-20
 Improper Input Validation  		CVE-2016-10100 2024-11-21 11:43 2017-01-3 Show GitHub Exploit DB Packet Storm
275628 5.3 MEDIUM
Network 		borg_project borg Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an attacker to spoof the list of archives. CWE-310
Cryptographic Issues 		CVE-2016-10099 2024-11-21 11:43 2017-01-3 Show GitHub Exploit DB Packet Storm
275629 7.5 HIGH
Network 		forgerock openam XML External Entity (XXE) Vulnerability in /SSOPOST/metaAlias/%realm%/idpv2 in OpenAM - Access Management 10.1.0 allows remote attackers to read arbitrary files via the SAMLRequest parameter. CWE-611
XXE 		CVE-2016-10097 2024-11-21 11:43 2017-01-2 Show GitHub Exploit DB Packet Storm
275630 7.3 HIGH
Network 		genixcms genixcms SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the activation parameter. CWE-89
SQL Injection 		CVE-2016-10096 2024-11-21 11:43 2017-01-2 Show GitHub Exploit DB Packet Storm