Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
224331	8.3	危険	Xen プロジェクト	-	Xen の do_physdev_op 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-1666	2014-01-28 18:02	2014-01-23	Show	GitHub Exploit DB Packet Storm

224332	5	警告	チェック・ポイント・ソフトウェア・テクノロジーズ	-	Check Point Session Authentication Agent における重要な情報を取得される脆弱性	CWE-noinfo 情報不足	CVE-2014-1673	2014-01-28 18:01	2014-01-22	Show	GitHub Exploit DB Packet Storm

224333	4	警告	チェック・ポイント・ソフトウェア・テクノロジーズ	-	Check Point Security Gateway および Management Server におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-1672	2014-01-28 18:01	2014-01-14	Show	GitHub Exploit DB Packet Storm

224334	4.4	警告	Xen プロジェクト	-	Xen の IRQ 設定におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2014-1642	2014-01-28 18:01	2014-01-23	Show	GitHub Exploit DB Packet Storm

224335	6.8	警告	OpenPNEプロジェクト	-	OpenPNE において任意の PHP コードが実行される脆弱性	CWE-Other その他	CVE-2013-5350	2014-01-28 17:58	2014-01-24	Show	GitHub Exploit DB Packet Storm

224336	10	危険	Franklin Fueling Systems	-	Franklin Fueling Systems TS-550 evo のファームウェアにおける root 権限を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2013-7248	2014-01-28 17:57	2013-12-18	Show	GitHub Exploit DB Packet Storm

224337	5	警告	Franklin Fueling Systems	-	Franklin Fueling Systems TS-550 evo のファームウェアの cgi-bin/tsaws.cgi における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-7247	2014-01-28 17:57	2013-12-18	Show	GitHub Exploit DB Packet Storm

224338	6.5	警告	デル	-	Dell KACE K1000 における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-1671	2014-01-28 17:56	2014-01-13	Show	GitHub Exploit DB Packet Storm

224339	5	警告	Galen Charlton	-	Evergreen などの製品で使用される MARC::File::XML モジュールにおける XML 外部エンティティの脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-1626	2014-01-28 17:56	2014-01-21	Show	GitHub Exploit DB Packet Storm

224340	7.5	危険	General Electric Company	-	GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY および Proficy Process Systems with CIMPLICITY におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-0751	2014-01-28 17:44	2014-01-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211211	7.8	HIGH Local	siemens	jt2go teamcenter_visualization solid_edge	A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Solid Edge SE2020 (All Versions < SE2020MP12), Solid Edge SE2021 (All Versions < SE2021MP2), Teamcenter Visualization (All ver…	-	CVE-2020-28383	2024-11-21 14:22	2021-01-13	Show	GitHub Exploit DB Packet Storm

211212	5.3	MEDIUM Network	rocket.chat	rocket.chat	An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1.	CWE-203 Information Exposure Through Discrepancy	CVE-2020-28208	2024-11-21 14:22	2021-01-9	Show	GitHub Exploit DB Packet Storm

211213	9.8	CRITICAL Network	pwntools_project	pwntools	This affects the package pwntools before 4.3.1. The shellcraft generator for affected versions of this module are vulnerable to Server-Side Template Injection (SSTI), which can lead to remote code ex…	CWE-74 Injection	CVE-2020-28468	2024-11-21 14:22	2021-01-8	Show	GitHub Exploit DB Packet Storm

211214	9.8	CRITICAL Network	djv_project	djv	This affects the package djv before 2.1.4. By controlling the schema file, an attacker can run arbitrary JavaScript code on the victim machine.	CWE-94 Code Injection	CVE-2020-28464	2024-11-21 14:22	2021-01-4	Show	GitHub Exploit DB Packet Storm

211215	6.5	MEDIUM Network	mantisbt	mantisbt	In MantisBT 2.24.3, SQL Injection can occur in the parameter "access" of the mc_project_get_users function through the API SOAP.	CWE-89 SQL Injection	CVE-2020-28413	2024-11-21 14:22	2020-12-31	Show	GitHub Exploit DB Packet Storm

211216	7.5	HIGH Network	tenda	ac1200_firmware	On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, a large HTTP POST request sent to the change password API will trigger the router to crash and enter an infinite boot loop.	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2020-28095	2024-11-21 14:22	2020-12-31	Show	GitHub Exploit DB Packet Storm

211217	6.1	MEDIUM Network	sapplica	sentrifugo	Sentrifugo 3.2 allows Stored Cross-Site Scripting (XSS) vulnerability by inserting a payload within the X-Forwarded-For HTTP header during the login process. When an administrator looks at logs, the …	CWE-79 Cross-site Scripting	CVE-2020-28365	2024-11-21 14:22	2020-12-31	Show	GitHub Exploit DB Packet Storm

211218	9.8	CRITICAL Network	libnested_project	libnested	Prototype pollution vulnerability in 'libnested' versions 0.0.0 through 1.5.0 allows an attacker to cause a denial of service and may lead to remote code execution.	NVD-CWE-Other	CVE-2020-28283	2024-11-21 14:22	2020-12-30	Show	GitHub Exploit DB Packet Storm

211219	9.8	CRITICAL Network	getobject_project	getobject	Prototype pollution vulnerability in 'getobject' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution.	NVD-CWE-Other	CVE-2020-28282	2024-11-21 14:22	2020-12-30	Show	GitHub Exploit DB Packet Storm

211220	9.8	CRITICAL Network	set-object-value_project	set-object-value	Prototype pollution vulnerability in 'set-object-value' versions 0.0.0 through 0.0.5 allows an attacker to cause a denial of service and may lead to remote code execution.	NVD-CWE-noinfo	CVE-2020-28281	2024-11-21 14:22	2020-12-30	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed