Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
229381 5 警告 ヒューレット・パッカード - HP System Management Homepage における重要な情報を取得される脆弱性 CWE-noinfo
情報不足
CVE-2013-2356 2013-07-23 14:58 2013-07-18 Show GitHub Exploit DB Packet Storm
229382 5 警告 ヒューレット・パッカード - HP System Management Homepage におけるアクセス制限を回避される脆弱性 CWE-noinfo
情報不足
CVE-2012-5217 2013-07-23 14:55 2013-07-18 Show GitHub Exploit DB Packet Storm
229383 6.8 警告 Markus Blaschke - TYPO3 用 TEQneers SEO Enhancements エクステンションにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2013-4871 2013-07-23 14:44 2013-06-3 Show GitHub Exploit DB Packet Storm
229384 7.5 危険 News Search Project - TYPO3 用 News Search エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2013-4870 2013-07-23 14:43 2013-01-28 Show GitHub Exploit DB Packet Storm
229385 4.3 警告 NashTech - Easy PHP Calendar の index.php および datePicker.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2013-1955 2013-07-23 14:38 2013-04-12 Show GitHub Exploit DB Packet Storm
229386 4.3 警告 マカフィー - McAfee ePolicy Orchestrator におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2013-0141 2013-07-22 18:52 2013-04-22 Show GitHub Exploit DB Packet Storm
229387 7.9 危険 マカフィー - McAfee ePolicy Orchestrator における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2013-0140 2013-07-22 18:50 2013-04-22 Show GitHub Exploit DB Packet Storm
229388 4.3 警告 Moxiecode Systems AB
SWFUpload Project
WordPress.org
- WordPress および TinyMCE Image Manager などの製品で使用される SWFUpload におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2012-3414 2013-07-22 16:58 2012-05-17 Show GitHub Exploit DB Packet Storm
229389 6.4 警告 IBM - IBM API Management におけるテナント API へアクセスされる脆弱性 CWE-noinfo
情報不足
CVE-2013-0559 2013-07-22 16:33 2013-07-10 Show GitHub Exploit DB Packet Storm
229390 7.2 危険 IBM - IBM AIX および VIOS の InfiniBand サブシステムにおける権限を取得される脆弱性 CWE-noinfo
情報不足
CVE-2013-4011 2013-07-22 16:32 2013-06-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293101 - vmturbo operations_manager Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the xml_path parameter. CWE-22
Path Traversal
CVE-2014-3806 2024-11-21 11:08 2014-05-21 Show GitHub Exploit DB Packet Storm
293102 - google chrome The SpeechInput feature in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to enable microphone access and obtain speech-recognition text without indication via an INPUT… CWE-200
Information Exposure
CVE-2014-3803 2024-11-21 11:08 2014-05-21 Show GitHub Exploit DB Packet Storm
293103 - microsoft debug_interface_access_software_development_kit
visual_studio
msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-… CWE-20
 Improper Input Validation 
CVE-2014-3802 2024-11-21 11:08 2014-05-21 Show GitHub Exploit DB Packet Storm
293104 - beetel 450tc2_router_firmware
450tc2_router
Cross-site request forgery (CSRF) vulnerability in Beetel 450TC2 Router with firmware TX6-0Q-005_retail allows remote attackers to hijack the authentication of administrators for requests that change… CWE-352
 Origin Validation Error
CVE-2014-3792 2024-11-21 11:08 2014-05-20 Show GitHub Exploit DB Packet Storm
293105 - efssoft easy_file_sharing_web_server Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 allows remote attackers to execute arbitrary code via a long string in a cookie UserID parameter to vfolder.ghp. CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2014-3791 2024-11-21 11:08 2014-05-20 Show GitHub Exploit DB Packet Storm
293106 - call-cc chicken Buffer overflow in the "read-u8vector!" procedure in the srfi-4 unit in CHICKEN stable 4.8.0.7 and development snapshots before 4.9.1 allows remote attackers to cause a denial of service (memory corr… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2014-3776 2024-11-21 11:08 2014-05-20 Show GitHub Exploit DB Packet Storm
293107 - construtiva cis_manager_cms SQL injection vulnerability in Construtiva CIS Manager allows remote attackers to execute arbitrary SQL commands via the email parameter to autenticar/lembrarlogin.asp. CWE-89
SQL Injection
CVE-2014-3749 2024-11-21 11:08 2014-05-20 Show GitHub Exploit DB Packet Storm
293108 - zenoss zenoss Open redirect vulnerability in zport/acl_users/cookieAuthHelper/login_form in Zenoss 4.2.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in t… CWE-20
 Improper Input Validation 
CVE-2014-3739 2024-11-21 11:08 2014-05-20 Show GitHub Exploit DB Packet Storm
293109 - zenoss zenoss Cross-site scripting (XSS) vulnerability in Zenoss 4.2.5 allows remote attackers to inject arbitrary web script or HTML via the title of a device. CWE-79
Cross-site Scripting
CVE-2014-3738 2024-11-21 11:08 2014-05-20 Show GitHub Exploit DB Packet Storm
293110 - juniper junos_space
junos_space_ja1500_appliance
junos_space_ja2500_appliance
Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors. NVD-CWE-noinfo
CVE-2014-3412 2024-11-21 11:08 2014-05-20 Show GitHub Exploit DB Packet Storm