Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 21, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224661 10 危険 Mozilla Foundation - 複数の Mozilla 製品の JavaScript の実装における脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-5615 2014-01-10 18:17 2013-12-10 Show GitHub Exploit DB Packet Storm
224662 4.3 警告 Open-Xchange - Open-Xchange AppSuite におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-6997 2014-01-10 16:31 2013-12-13 Show GitHub Exploit DB Packet Storm
224663 4 警告 シスコシステムズ - Cisco Unified Communications Manager の管理ポータルにおけるロールベースのアクセス制御を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0657 2014-01-10 16:26 2014-01-7 Show GitHub Exploit DB Packet Storm
224664 4 警告 シスコシステムズ - Cisco Context Directory Agent における特定のユーザインターフェースのデータの欠落を誘発される脆弱性 CWE-20
不適切な入力確認 		CVE-2014-0656 2014-01-10 16:25 2014-01-8 Show GitHub Exploit DB Packet Storm
224665 4.3 警告 シスコシステムズ - Cisco Adaptive Security Appliance ソフトウェアの Identity Firewall 機能におけるユーザキャッシュのコンテンツを変更される脆弱性 CWE-20
不適切な入力確認 		CVE-2014-0655 2014-01-10 16:24 2014-01-8 Show GitHub Exploit DB Packet Storm
224666 4.3 警告 シスコシステムズ - Cisco Context Directory Agent におけるキャッシュを変更される脆弱性 CWE-20
不適切な入力確認 		CVE-2014-0654 2014-01-10 16:24 2014-01-9 Show GitHub Exploit DB Packet Storm
224667 4.3 警告 シスコシステムズ - Cisco Adaptive Security Appliance ソフトウェアの Identity Firewall 機能における認証状態の変更を誘発される脆弱性 CWE-20
不適切な入力確認 		CVE-2014-0653 2014-01-10 16:23 2014-01-8 Show GitHub Exploit DB Packet Storm
224668 4.3 警告 シスコシステムズ - Cisco Context Directory Agent のマッピングページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-0652 2014-01-10 16:22 2014-01-9 Show GitHub Exploit DB Packet Storm
224669 4.9 警告 シスコシステムズ - Cisco Context Directory Agent の管理インターフェースにおける管理アクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0651 2014-01-10 16:22 2014-01-9 Show GitHub Exploit DB Packet Storm
224670 4.3 警告 シスコシステムズ - Cisco NX-OS の BGP の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-6982 2014-01-10 16:21 2014-01-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210901 7.5 HIGH
Network 		plummac ik-401_firmware An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker (with network access to the device) to obtain the configuration file, including hashed credenti… CWE-306
Missing Authentication for Critical Function 		CVE-2020-28946 2024-11-21 14:23 2020-12-9 Show GitHub Exploit DB Packet Storm
210902 5.5 MEDIUM
Local 		nlnetlabs
debian 		unbound
name_server_daemon
debian_linux 		NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing … CWE-59
Link Following 		CVE-2020-28935 2024-11-21 14:23 2020-12-8 Show GitHub Exploit DB Packet Storm
210903 6.1 MEDIUM
Network 		seeddms seeddms Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php. CWE-79
Cross-site Scripting 		CVE-2020-28727 2024-11-21 14:23 2020-12-7 Show GitHub Exploit DB Packet Storm
210904 7.8 HIGH
Local 		kaspersky anti-ransomware_tool The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process. CWE-427
 Uncontrolled Search Path Element 		CVE-2020-28950 2024-11-21 14:23 2020-12-5 Show GitHub Exploit DB Packet Storm
210905 5.5 MEDIUM
Local 		qemu
debian 		qemu
debian_linux 		hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-28916 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
210906 2.7 LOW
Network 		lightbend play_framework An issue was discovered in Play Framework 2.8.0 through 2.8.4. Carefully crafted JSON payloads sent as a form field lead to Data Amplification. This affects users migrating from a Play version prior … NVD-CWE-Other
CVE-2020-28923 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
210907 7.2 HIGH
Network 		openclinic_project openclinic OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. This vulnerability allows authenticated users (with substantial privileges) to upload malicious file… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-28939 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
210908 5.4 MEDIUM
Network 		openclinic_project openclinic OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in lib/Check.php that allows users of the application to force actions on behalf of other users. CWE-79
Cross-site Scripting 		CVE-2020-28938 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
210909 7.5 HIGH
Network 		openclinic_project openclinic OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patient's medical test results, possibly resulting in disclosure of Prot… CWE-306
CWE-425
Missing Authentication for Critical Function
 Direct Request ('Forced Browsing') 		CVE-2020-28937 2024-11-21 14:23 2020-12-4 Show GitHub Exploit DB Packet Storm
210910 9.8 CRITICAL
Network 		adrianmercurio gym_management_system An SQL injection vulnerability was discovered in Gym Management System In manage_user.php file, GET parameter 'id' is vulnerable. CWE-89
SQL Injection 		CVE-2020-29288 2024-11-21 14:23 2020-12-3 Show GitHub Exploit DB Packet Storm