Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 20, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223191 6.8 警告 IBM - IBM InfoSphere Master Data Management Server におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-0873 2014-03-18 14:53 2014-03-17 Show GitHub Exploit DB Packet Storm
223192 3.5 注意 IBM - IBM InfoSphere Master Data Management Reference Data Management Hub におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-0850 2014-03-18 14:52 2014-03-17 Show GitHub Exploit DB Packet Storm
223193 4.3 警告 IBM - IBM InfoSphere Information Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-4059 2014-03-18 14:51 2013-06-7 Show GitHub Exploit DB Packet Storm
223194 6.5 警告 IBM - IBM InfoSphere Information Server における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-4058 2014-03-18 14:51 2013-06-7 Show GitHub Exploit DB Packet Storm
223195 6.8 警告 IBM - IBM InfoSphere Information Server の XML Pack におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-4057 2014-03-18 14:51 2013-06-7 Show GitHub Exploit DB Packet Storm
223196 4.3 警告 Proxmox Server Solutions - Proxmox Mail Gateway におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2325 2014-03-18 12:22 2014-03-3 Show GitHub Exploit DB Packet Storm
223197 4.3 警告 Open Classifieds - Open Classifieds 2 の classes/controller/error.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2024 2014-03-18 12:12 2014-02-20 Show GitHub Exploit DB Packet Storm
223198 4.3 警告 ブラザー工業 - Brother MFC-9970CDW プリンタのファームウェアにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-2671 2014-03-18 11:57 2013-05-6 Show GitHub Exploit DB Packet Storm
223199 4.3 警告 ブラザー工業 - Brother MFC-9970CDW プリンタのファームウェアにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-2670 2014-03-18 11:57 2013-05-6 Show GitHub Exploit DB Packet Storm
223200 4.3 警告 ブラザー工業 - Brother MFC-9970CDW プリンタのファームウェアにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-2507 2014-03-18 11:56 2013-05-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313801 9.0 CRITICAL
Network 		xwiki pdf_viewer_macro macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The width parameter of the PDF viewer macro isn't properly escaped, allowing XSS for any user who can edit a page. XSS can impact… CWE-79
Cross-site Scripting 		CVE-2024-52300 2024-11-19 02:29 2024-11-14 Show GitHub Exploit DB Packet Storm
313802 7.5 HIGH
Network 		xwiki pdf_viewer_macro macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. Any user with view right on XWiki.PDFViewerService can access any attachment stored in the wiki as the "key" that is passed to pr… NVD-CWE-noinfo
CVE-2024-52299 2024-11-19 02:29 2024-11-14 Show GitHub Exploit DB Packet Storm
313803 7.5 HIGH
Network 		xwiki pdf_viewer_macro macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The PDF Viewer macro allows an attacker to view any attachment using the "Delegate my view right" feature as long as the attacker… NVD-CWE-noinfo
CVE-2024-52298 2024-11-19 02:29 2024-11-14 Show GitHub Exploit DB Packet Storm
313804 8.1 HIGH
Network 		mayurik hospital_management_system A vulnerability classified as problematic has been found in SourceCodester Hospital Management System 1.0. This affects an unknown part of the file /vm/patient/delete-account.php. The manipulation of… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-11073 2024-11-19 02:21 2024-11-12 Show GitHub Exploit DB Packet Storm
313805 5.5 MEDIUM
Local 		isellerpal enterprise_resource_management_system An issue in Huizhi enterprise resource management system v.1.0 and before allows a local attacker to obtain sensitive information via the /nssys/common/filehandle. Aspx component NVD-CWE-noinfo
CVE-2024-42677 2024-11-19 02:15 2024-08-15 Show GitHub Exploit DB Packet Storm
313806 - - - A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a directory traversal attack and obtain read access to … - CVE-2021-1465 2024-11-19 02:11 2024-11-19 Show GitHub Exploit DB Packet Storm
313807 4.6 MEDIUM
Network 		- - A vulnerability in a certain REST API endpoint of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to perform a path traversal attack on an affecte… - CVE-2020-3538 2024-11-19 02:11 2024-11-19 Show GitHub Exploit DB Packet Storm
313808 - - - A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to elevate privileges on an affected system. To exploit this vulnerability, an attacker w… CWE-20
 Improper Input Validation  		CVE-2021-1462 2024-11-19 02:11 2024-11-19 Show GitHub Exploit DB Packet Storm
313809 6.1 MEDIUM
Network 		- - A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote at… CWE-79
Cross-site Scripting 		CVE-2021-1444 2024-11-19 02:11 2024-11-19 Show GitHub Exploit DB Packet Storm
313810 4.3 MEDIUM
Network 		- - A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access… CWE-201
 Insertion of Sensitive Information Into Sent Data 		CVE-2021-1425 2024-11-19 02:11 2024-11-19 Show GitHub Exploit DB Packet Storm