Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229581 7.5 危険 xyssl - XySSL の ssl_parse_client_key_exchange 関数における鍵を回復される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-7128 2012-12-20 19:10 2009-08-31 Show GitHub Exploit DB Packet Storm
229582 7.5 危険 zkup - zKup CMS における管理者権限を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-7124 2012-12-20 19:10 2009-08-31 Show GitHub Exploit DB Packet Storm
229583 6.8 警告 zkup - zKup CMS の admin/configuration/modifier.php における任意の PHP コード挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-7123 2012-12-20 19:10 2009-08-31 Show GitHub Exploit DB Packet Storm
229584 7.5 危険 WeBid Support - WeBid auction script の item.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-7119 2012-12-20 19:10 2009-08-28 Show GitHub Exploit DB Packet Storm
229585 5 警告 WeBid Support - WeBid auction script における SQL クエリログを取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-7118 2012-12-20 19:10 2009-08-28 Show GitHub Exploit DB Packet Storm
229586 5 警告 WeBid Support - WeBid auction script の eledicss.php における任意のカスケードスタイルシートファイル (CSS) を変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-7117 2012-12-20 19:10 2009-08-28 Show GitHub Exploit DB Packet Storm
229587 7.5 危険 WeBid Support - WeBid auction script の admin panel における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-7116 2012-12-20 19:10 2009-08-28 Show GitHub Exploit DB Packet Storm
229588 4.3 警告 phpcart - Carmosa phpCart におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-7108 2012-12-20 19:10 2009-08-28 Show GitHub Exploit DB Packet Storm
229589 5 警告 ソフォス - Microsoft Exchange 用の Sophos PureMessage におけるスキャン保護のリモート回避をされる脆弱性 CWE-Other
その他 		CVE-2008-7106 2012-12-20 19:10 2009-08-27 Show GitHub Exploit DB Packet Storm
229590 5 警告 ソフォス - Microsoft Exchange 用の Sophos PureMessage におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2008-7105 2012-12-20 19:10 2009-08-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
292631 - apple iphone_os Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows physically proximate attackers to bypass an intended passcode requirement, and dial arbitrary telephone numbers, by tapping the emerge… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-5144 2024-11-21 10:57 2013-10-24 Show GitHub Exploit DB Packet Storm
292632 - apple apple_remote_desktop Apple Remote Desktop before 3.7 does not properly use server authentication-type information during decisions about whether to present an unencrypted-connection warning message, which allows remote a… CWE-200
Information Exposure 		CVE-2013-5136 2024-11-21 10:57 2013-10-24 Show GitHub Exploit DB Packet Storm
292633 - apple apple_remote_desktop
mac_os_x 		Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple Remote Desktop before 3.5.4 allows remote attackers to execute arbitrary code via format string specifiers… CWE-134
Use of Externally-Controlled Format String 		CVE-2013-5135 2024-11-21 10:57 2013-10-24 Show GitHub Exploit DB Packet Storm
292634 - draytek vigor_2700_router_firmware
vigor_2700_router 		The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute arbitrary JavaScript code, and modify settings or the DNS cache, via a crafted SSID value that is not properly handled during in… CWE-78
OS Command  		CVE-2013-5703 2024-11-21 10:57 2013-10-23 Show GitHub Exploit DB Packet Storm
292635 - ibm lotus_domino Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SP… CWE-79
Cross-site Scripting 		CVE-2013-5389 2024-11-21 10:57 2013-10-23 Show GitHub Exploit DB Packet Storm
292636 - ibm lotus_domino Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SP… CWE-79
Cross-site Scripting 		CVE-2013-5388 2024-11-21 10:57 2013-10-23 Show GitHub Exploit DB Packet Storm
292637 - cisco unified_computing_system The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service via crafted command parameters that trigger hardware-component write operatio… CWE-20
 Improper Input Validation  		CVE-2013-5550 2024-11-21 10:57 2013-10-22 Show GitHub Exploit DB Packet Storm
292638 - cisco adaptive_security_appliance_software The VPN authentication functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to cause a denial of service (device reload) by sending many username-from-cert IKE re… CWE-399
 Resource Management Errors 		CVE-2013-5544 2024-11-21 10:57 2013-10-22 Show GitHub Exploit DB Packet Storm
292639 - ibm websphere_datapower_xc10_appliance
websphere_datapower_xc10_appliance_firmware 		The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors. NVD-CWE-noinfo
CVE-2013-5446 2024-11-21 10:57 2013-10-22 Show GitHub Exploit DB Packet Storm
292640 - ibm websphere_datapower_xc10_appliance
websphere_datapower_xc10_appliance_firmware 		IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-5428 2024-11-21 10:57 2013-10-22 Show GitHub Exploit DB Packet Storm