Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232621 4.3 警告 サン・マイクロシステムズ - Sun Java System Identity Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0239 2012-12-20 18:34 2008-01-9 Show GitHub Exploit DB Packet Storm
232622 7.5 危険 Xine - xine-lib の input/libreal/rmff.c におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0238 2012-12-20 18:34 2008-01-11 Show GitHub Exploit DB Packet Storm
232623 7.5 危険 zero cms - Zero CMS における意図したアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0233 2012-12-20 18:34 2008-01-10 Show GitHub Exploit DB Packet Storm
232624 7.5 危険 zero cms - Zero CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0232 2012-12-20 18:34 2008-01-10 Show GitHub Exploit DB Packet Storm
232625 7.5 危険 tuned studios - Tuned Studios Subwoofer などの Web ページテンプレートにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0231 2012-12-20 18:34 2008-01-10 Show GitHub Exploit DB Packet Storm
232626 6.4 警告 Xine - xine-lib の input/libreal/rmff.c におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0225 2012-12-20 18:34 2008-01-10 Show GitHub Exploit DB Packet Storm
232627 7.5 危険 runcms - RunCMS の Newbb_plus モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0224 2012-12-20 18:34 2008-01-10 Show GitHub Exploit DB Packet Storm
232628 7.5 危険 WordPress.org - WordPress 用の Wp-FileManager プラグインにおける任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0222 2012-12-20 18:34 2008-01-10 Show GitHub Exploit DB Packet Storm
232629 6.4 警告 uebimiau - Uebimiau Webmail における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2008-0210 2012-12-20 18:34 2008-01-9 Show GitHub Exploit DB Packet Storm
232630 5.8 警告 snitz forums 2000 - Snitz Forums 2000 の Forums/login.asp におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2008-0209 2012-12-20 18:34 2008-01-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294451 - cisco adaptive_security_appliance_software The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device rel… CWE-310
Cryptographic Issues 		CVE-2013-5507 2024-11-21 10:57 2013-10-13 Show GitHub Exploit DB Packet Storm
294452 - cisco firewall_services_module_software The authorization functionality in Cisco Firewall Services Module (FWSM) 3.1.x and 3.2.x before 3.2(25) and 4.x before 4.1(13), when multiple-context mode is enabled, allows local users to read or mo… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-5506 2024-11-21 10:57 2013-10-13 Show GitHub Exploit DB Packet Storm
294453 - cisco unified_ip_phones_9900_series_firmware
unified_ip_phone_9951
unified_ip_phone_9971 		The image-upgrade functionality on Cisco 9900 Unified IP phones allows local users to gain privileges by placing shell commands in an unspecified parameter, aka Bug ID CSCuh10334. CWE-20
 Improper Input Validation  		CVE-2013-5533 2024-11-21 10:57 2013-10-11 Show GitHub Exploit DB Packet Storm
294454 - cisco unified_ip_phones_9900_series_firmware
unified_ip_phone_9951
unified_ip_phone_9971 		Buffer overflow in the web-application interface on Cisco 9900 IP phones allows remote attackers to cause a denial of service (webapp interface outage) via long values in unspecified fields, aka Bug … CWE-20
 Improper Input Validation  		CVE-2013-5532 2024-11-21 10:57 2013-10-11 Show GitHub Exploit DB Packet Storm
294455 - cisco unified_communications_manager Directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal … CWE-22
Path Traversal 		CVE-2013-5528 2024-11-21 10:57 2013-10-11 Show GitHub Exploit DB Packet Storm
294456 - cisco ios
ios_xe 		The OSPF functionality in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (device reload) via crafted options in an LSA type 11 packet, aka Bug ID CSCui21030. CWE-20
 Improper Input Validation  		CVE-2013-5527 2024-11-21 10:57 2013-10-10 Show GitHub Exploit DB Packet Storm
294457 - cisco unified_ip_phone_9951
unified_ip_phone_9971 		Cisco 9900 fourth-generation IP phones do not properly perform SDP negotiation, which allows remote attackers to cause a denial of service (device reboot) via crafted SDP packets, aka Bug ID CSCuf066… CWE-20
 Improper Input Validation  		CVE-2013-5526 2024-11-21 10:57 2013-10-10 Show GitHub Exploit DB Packet Storm
294458 - cisco identity_services_engine_software SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a… CWE-89
SQL Injection 		CVE-2013-5525 2024-11-21 10:57 2013-10-10 Show GitHub Exploit DB Packet Storm
294459 - cisco identity_services_engine_software Cross-site scripting (XSS) vulnerability in the troubleshooting page in Cisco Identity Services Engine (ISE) 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unsp… CWE-79
Cross-site Scripting 		CVE-2013-5524 2024-11-21 10:57 2013-10-10 Show GitHub Exploit DB Packet Storm
294460 - cisco identity_services_engine_software The Sponsor Portal in Cisco Identity Services Engine (ISE) 1.2 and earlier does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attack… CWE-20
 Improper Input Validation  		CVE-2013-5523 2024-11-21 10:57 2013-10-10 Show GitHub Exploit DB Packet Storm