Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223101 3.5 注意 IBM - IBM InfoSphere Enterprise Records および Enterprise Records におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-6314 2014-03-7 15:10 2013-10-31 Show GitHub Exploit DB Packet Storm
223102 4 警告 IBM - IBM Algo One の Algo Risk Application におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-6304 2014-03-7 15:10 2013-10-31 Show GitHub Exploit DB Packet Storm
223103 4 警告 DELL EMC (旧 EMC Corporation) - EMC Documentum TaskSpace における任意のファイルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0630 2014-03-7 12:02 2014-03-5 Show GitHub Exploit DB Packet Storm
223104 6 警告 DELL EMC (旧 EMC Corporation) - EMC Documentum TaskSpace における重要な情報および権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0629 2014-03-7 12:02 2014-03-5 Show GitHub Exploit DB Packet Storm
223105 2.7 注意 DELL EMC (旧 EMC Corporation) - EMC RSA Data Loss Prevention における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2014-0624 2014-03-7 12:02 2014-02-28 Show GitHub Exploit DB Packet Storm
223106 6.8 警告 SERENA Software - Serena Dimensions CM の Web クライアントにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-0336 2014-03-7 11:37 2014-03-5 Show GitHub Exploit DB Packet Storm
223107 4.3 警告 SERENA Software - Serena Dimensions CM の Web クライアントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-0335 2014-03-7 11:37 2014-03-5 Show GitHub Exploit DB Packet Storm
223108 9.3 危険 オラクル - Oracle Java SE の Java Runtime Environment における Deployment に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-2462 2014-03-6 18:37 2013-06-18 Show GitHub Exploit DB Packet Storm
223109 9.3 危険 オラクル - Oracle Java SE の Java Runtime Environment における Serviceability に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-2460 2014-03-6 18:25 2013-06-18 Show GitHub Exploit DB Packet Storm
223110 5.8 警告 オラクル - Oracle Java SE の Java Runtime Environment における Libraries に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-2458 2014-03-6 18:24 2013-06-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314971 7.5 HIGH
Network 		63moons aero
wave_2.0 		This vulnerability exists in Aero due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by interceptin… NVD-CWE-Other
CVE-2024-51561 2024-11-7 00:59 2024-11-4 Show GitHub Exploit DB Packet Storm
314972 6.1 MEDIUM
Network 		bna pospratik Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Bna Informatics PosPratik allows XSS Through HTTP Query Strings.This issue affects PosPratik: before v3.… CWE-79
Cross-site Scripting 		CVE-2024-9147 2024-11-7 00:53 2024-11-4 Show GitHub Exploit DB Packet Storm
314973 7.5 HIGH
Network 		zimaspace zimaos ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the ZimaOS API endpoint `http://<Zima_Server_IP:PORT>/v3/file?t… CWE-22
Path Traversal 		CVE-2024-48931 2024-11-7 00:46 2024-10-25 Show GitHub Exploit DB Packet Storm
314974 9.8 CRITICAL
Network 		lunary lunary A SQL injection vulnerability exists in the `/api/v1/external-users` route of lunary-ai/lunary version v1.4.2. The `order by` clause of the SQL query uses `sql.unsafe` without prior sanitization, all… CWE-89
SQL Injection 		CVE-2024-7456 2024-11-7 00:45 2024-11-1 Show GitHub Exploit DB Packet Storm
314975 4.8 MEDIUM
Network 		dublue table_of_contents_plus The Table of Contents Plus WordPress plugin through 2408 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting atta… CWE-79
Cross-site Scripting 		CVE-2024-5578 2024-11-7 00:44 2024-11-5 Show GitHub Exploit DB Packet Storm
314976 4.8 MEDIUM
Network 		nsqua simply_schedule_appointments The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin WordPress plugin before 1.6.7.55 does not sanitise and escape some of its Notification settings, which could allow high … CWE-79
Cross-site Scripting 		CVE-2024-7877 2024-11-7 00:42 2024-11-5 Show GitHub Exploit DB Packet Storm
314977 4.8 MEDIUM
Network 		nsqua simply_schedule_appointments The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin WordPress plugin before 1.6.7.55 does not sanitise and escape some of its Appointment Type settings, which could allow h… CWE-79
Cross-site Scripting 		CVE-2024-7876 2024-11-7 00:42 2024-11-5 Show GitHub Exploit DB Packet Storm
314978 - - - An Incorrect Access Control vulnerability was found in /admin/edit_room_controller.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to edit the valid hotel room… - CVE-2024-42773 2024-11-7 00:35 2024-08-23 Show GitHub Exploit DB Packet Storm
314979 8.8 HIGH
Network 		zohocorp manageengine_exchange_reporter_plus Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module. CWE-89
SQL Injection 		CVE-2024-9459 2024-11-7 00:29 2024-11-5 Show GitHub Exploit DB Packet Storm
314980 7.5 HIGH
Network 		zimaspace zimaos ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the API endpoints in ZimaOS, such as `http://<Server-IP>/v1/use… CWE-862
 Missing Authorization 		CVE-2024-49357 2024-11-7 00:28 2024-10-25 Show GitHub Exploit DB Packet Storm