Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224491 10 危険 シーメンス - Siemens SINAMICS S/G コントローラのファームウェアにおけるアクセス制限を回避される脆弱性 CWE-287
不適切な認証 		CVE-2013-6920 2013-12-10 15:26 2013-12-4 Show GitHub Exploit DB Packet Storm
224492 5.8 警告 Drupal - Drupal の Overlay モジュールにおけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2013-6389 2013-12-10 15:13 2013-11-20 Show GitHub Exploit DB Packet Storm
224493 6.8 警告 Drupal - Drupal におけるセキュリティ文字列を予測される脆弱性 CWE-310
暗号の問題 		CVE-2013-6386 2013-12-10 15:13 2013-11-20 Show GitHub Exploit DB Packet Storm
224494 5.1 警告 Drupal - Drupal の form API における任意のコードを実行するようなアプリケーション固有の影響を誘発される脆弱性 CWE-94
コード・インジェクション 		CVE-2013-6385 2013-12-10 15:12 2013-11-20 Show GitHub Exploit DB Packet Storm
224495 6.8 警告 Steven Jones - Drupal 用 Context モジュールの plugins/context_reaction_block.inc 内の _json_decode 関数における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2013-4446 2013-12-10 15:12 2013-10-16 Show GitHub Exploit DB Packet Storm
224496 4.9 警告 Steven Jones - Drupal 用 Context モジュールの json レンダリング機能におけるブロックのアクセストークンを推測される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-4445 2013-12-10 15:11 2013-10-16 Show GitHub Exploit DB Packet Storm
224497 4.3 警告 Sven Fuchs - Ruby 用 i18n gem の exceptions.rb におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-4492 2013-12-10 12:38 2013-12-3 Show GitHub Exploit DB Packet Storm
224498 4.3 警告 Ruby on Rails project - Ruby on Rails の actionpack/lib/action_view/helpers/text_helper.rb におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-6416 2013-12-10 12:29 2013-12-3 Show GitHub Exploit DB Packet Storm
224499 7.2 危険 Novell - SUSE horde5 パッケージにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-1090 2013-12-9 18:21 2013-12-4 Show GitHub Exploit DB Packet Storm
224500 4.3 警告 The Jamroom Network - Jamroom 用 Search モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-6804 2013-12-9 18:08 2013-11-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211881 6.5 MEDIUM
Network 		cms-dev cms Plaintext Password vulnerability in AddAdmin.py in cms-dev/cms v1.4.rc1, allows attackers to gain sensitive information via audit logs. CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2020-24804 2024-11-21 14:16 2023-08-11 Show GitHub Exploit DB Packet Storm
211882 7.5 HIGH
Network 		nexusphp nexusphp Incorrect access control in NexusPHP 1.5.beta5.20120707 allows unauthorized attackers to access published content. CWE-863
 Incorrect Authorization 		CVE-2020-24771 2024-11-21 14:16 2022-03-30 Show GitHub Exploit DB Packet Storm
211883 9.8 CRITICAL
Network 		nexusphp nexusphp SQL injection vulnerability in modrules.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2020-24770 2024-11-21 14:16 2022-03-30 Show GitHub Exploit DB Packet Storm
211884 9.8 CRITICAL
Network 		nexusphp nexusphp SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the classes parameter. CWE-89
SQL Injection 		CVE-2020-24769 2024-11-21 14:16 2022-03-30 Show GitHub Exploit DB Packet Storm
211885 8.8 HIGH
Network 		clash_project clash In Dreamacro Clash for Windows v0.11.4, an attacker could embed a malicious iframe in a website with a crafted URL that would launch the Clash Windows client and force it to open a remote SMB share. … CWE-346
 Origin Validation Error 		CVE-2020-24772 2024-11-21 14:16 2022-03-22 Show GitHub Exploit DB Packet Storm
211886 9.8 CRITICAL
Network 		zohocorp manageengine_applications_manager An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows attackers to gain escalated privileges via the resourceid parameter. NVD-CWE-noinfo
CVE-2020-24743 2024-11-21 14:16 2021-11-4 Show GitHub Exploit DB Packet Storm
211887 9.8 CRITICAL
Network 		sourcecodester complaint_management_system An SQL Injection vulnerability exists in Sourcecodester Complaint Management System 1.0 via the cid parameter in complaint-details.php. CWE-89
SQL Injection 		CVE-2020-24932 2024-11-21 14:16 2021-10-27 Show GitHub Exploit DB Packet Storm
211888 8.1 HIGH
Network 		wuzhicms wuzhicms Beijing Wuzhi Internet Technology Co., Ltd. Wuzhi CMS 4.0.1 is an open source content management system. The five fingers CMS backend in***.php file has arbitrary file deletion vulnerability. Attacke… NVD-CWE-noinfo
CVE-2020-24930 2024-11-21 14:16 2021-09-28 Show GitHub Exploit DB Packet Storm
211889 7.8 HIGH
Local 		qt qt An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files. NVD-CWE-noinfo
CVE-2020-24742 2024-11-21 14:16 2021-08-10 Show GitHub Exploit DB Packet Storm
211890 5.5 MEDIUM
Local 		libelfin_project libelfin A vulnerability in the dwarf::cursor::skip_form function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file. NVD-CWE-noinfo
CVE-2020-24827 2024-11-21 14:16 2021-08-5 Show GitHub Exploit DB Packet Storm