Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224631 4 警告 Open-Xchange - Open-Xchange Server におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-1645 2013-09-6 16:14 2013-03-13 Show GitHub Exploit DB Packet Storm
224632 3.5 注意 Open-Xchange - Open-Xchange App Suite および Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-5698 2013-09-6 16:11 2013-06-3 Show GitHub Exploit DB Packet Storm
224633 3.5 注意 Open-Xchange - Open-Xchange App Suite における他のユーザの電子メールの認証情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2013-4790 2013-09-6 16:03 2013-07-31 Show GitHub Exploit DB Packet Storm
224634 4.3 警告 Open-Xchange - Open-Xchange App Suite および Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-3106 2013-09-6 15:03 2013-06-3 Show GitHub Exploit DB Packet Storm
224635 4.3 警告 Open-Xchange - Open-Xchange App Suite および Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-2583 2013-09-6 14:54 2013-04-17 Show GitHub Exploit DB Packet Storm
224636 5 警告 Open-Xchange - Open-Xchange App Suite および Server のリダイレクトサーブレットにおける CRLF インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2013-2582 2013-09-6 14:47 2013-04-17 Show GitHub Exploit DB Packet Storm
224637 5.8 警告 DELL EMC (旧 EMC Corporation) - EMC RSA Archer GRC におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2013-3277 2013-09-6 12:06 2013-09-3 Show GitHub Exploit DB Packet Storm
224638 6.8 警告 シスコシステムズ - Cisco Global Site Selector の Web フレームワークにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-5471 2013-09-6 11:49 2013-09-4 Show GitHub Exploit DB Packet Storm
224639 6.8 警告 ShareThis - WordPress 用 ShareThis プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-3479 2013-09-6 11:44 2013-08-27 Show GitHub Exploit DB Packet Storm
224640 4.3 警告 シスコシステムズ - Cisco Prime NCS および Cisco WCS にクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5990 2013-09-5 19:40 2013-09-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313431 5.4 MEDIUM
Network 		newtype webeip NewType WebEIP v3.0 does not properly validate user input, allowing a remote attacker with regular privileges to insert JavaScript into specific parameters, resulting in a Reflected Cross-site Script… CWE-79
Cross-site Scripting 		CVE-2024-9969 2024-10-19 09:51 2024-10-15 Show GitHub Exploit DB Packet Storm
313432 4.9 MEDIUM
Network 		usualtool usualtoolcms A vulnerability, which was classified as critical, was found in HuangDou UTCMS V9. This affects an unknown part of the file app/modules/ut-template/admin/template_creat.php. The manipulation of the a… CWE-502
 Deserialization of Untrusted Data 		CVE-2024-9917 2024-10-19 09:49 2024-10-14 Show GitHub Exploit DB Packet Storm
313433 7.2 HIGH
Network 		usualtool usualtoolcms A vulnerability has been found in HuangDou UTCMS V9 and classified as critical. This vulnerability affects the function RunSql of the file app/modules/ut-data/admin/sql.php. The manipulation of the a… CWE-89
SQL Injection 		CVE-2024-9918 2024-10-19 09:47 2024-10-14 Show GitHub Exploit DB Packet Storm
313434 7.5 HIGH
Network 		dueclic wp_2fa_with_telegram The WP 2FA with Telegram plugin for WordPress is vulnerable to Two-Factor Authentication Bypass in versions up to, and including, 3.0. This is due to the two-factor code being stored in a cookie, whi… CWE-565
 Reliance on Cookies without Validation and Integrity Checking 		CVE-2024-9820 2024-10-19 09:44 2024-10-15 Show GitHub Exploit DB Packet Storm
313435 8.8 HIGH
Network 		newtype webeip WebEIP v3.0 from NewType does not properly validate user input, allowing remote attackers with regular privilege to inject SQL commands to read, modify, and delete data stored in database. The affe… CWE-89
SQL Injection 		CVE-2024-9968 2024-10-19 09:42 2024-10-15 Show GitHub Exploit DB Packet Storm
313436 7.2 HIGH
Network 		fortinet fortianalyzer
fortianalyzer_cloud 		A use of externally-controlled format string in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.2 through 7.2.5 allows attacker to escalate its privileges via specially crafted requests. NVD-CWE-noinfo
CVE-2024-45330 2024-10-19 09:41 2024-10-9 Show GitHub Exploit DB Packet Storm
313437 7.2 HIGH
Network 		hashicorp vault A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s privileges to Vault’s root policy. Fixed in Vault Community Edi… NVD-CWE-Other
CVE-2024-9180 2024-10-19 05:15 2024-10-11 Show GitHub Exploit DB Packet Storm
313438 - - - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-9884. Reason: This candidate is a reservation duplicate of CVE-2024-9884. Notes: All CVE users should reference CV… - CVE-2024-10115 2024-10-19 04:15 2024-10-19 Show GitHub Exploit DB Packet Storm
313439 7.5 HIGH
Network 		oracle weblogic_server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerab… NVD-CWE-noinfo
CVE-2024-21274 2024-10-19 04:05 2024-10-16 Show GitHub Exploit DB Packet Storm
313440 7.5 HIGH
Network 		oracle weblogic_server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerabili… NVD-CWE-noinfo
CVE-2024-21260 2024-10-19 04:05 2024-10-16 Show GitHub Exploit DB Packet Storm