Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224781 4.3 警告 IBM - IBM WebSphere Application Server の管理コンソールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-2967 2013-08-23 15:39 2013-08-19 Show GitHub Exploit DB Packet Storm
224782 3.5 注意 IBM - IBM WebSphere Application Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0597 2013-08-23 15:39 2013-08-19 Show GitHub Exploit DB Packet Storm
224783 4 警告 IBM - IBM WebSphere Portal におけるユーザディレクトリにアクセスされる脆弱性 CWE-noinfo
情報不足 		CVE-2013-3016 2013-08-23 15:37 2013-08-21 Show GitHub Exploit DB Packet Storm
224784 8.5 危険 IBM - IBM Avocent 1754 KVM スイッチ上で稼働する GCM16 および GCM32 における任意のコマンドを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2013-0526 2013-08-23 15:37 2013-08-15 Show GitHub Exploit DB Packet Storm
224785 10 危険 Sixnet - Sixnet UDR および RTU ファームウェアのユニバーサルプロトコル実装における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2013-2802 2013-08-23 15:13 2013-08-19 Show GitHub Exploit DB Packet Storm
224786 6 警告 Dan Wilga - Drupal 用 Monster Menus モジュールにおける任意のサブミッションを削除される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-4230 2013-08-23 14:46 2013-08-7 Show GitHub Exploit DB Packet Storm
224787 2.1 注意 Dan Wilga - Drupal 用 Monster Menus モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-4229 2013-08-23 14:44 2013-08-7 Show GitHub Exploit DB Packet Storm
224788 7.5 危険 Google - Google Chrome で使用される Blink におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-2903 2013-08-22 18:59 2013-08-20 Show GitHub Exploit DB Packet Storm
224789 7.5 危険 Google - Google Chrome で使用される Blink の XSLT ProcessingInstruction の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-2902 2013-08-22 18:58 2013-08-20 Show GitHub Exploit DB Packet Storm
224790 7.5 危険 Google - Google Chrome で使用される Almost Native Graphics Layer Engine における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2013-2901 2013-08-22 18:53 2013-08-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197821 5.4 MEDIUM
Adjacent 		sloan optima_eaf-100_firmware
optima_eaf-150_firmware
optima_eaf-200_firmware
optima_eaf-225_firmware
optima_eaf-250_firmware
optima_eaf-275_firmware
optima_eaf-350_firmware
optima_eaf… 		There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. The vulnerability allows for unauthenticated kin… CWE-306
Missing Authentication for Critical Function 		CVE-2021-20107 2024-11-21 14:45 2021-06-30 Show GitHub Exploit DB Packet Storm
197822 6.7 MEDIUM
Local 		tenable nessus Nessus versions 8.13.2 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaini… NVD-CWE-noinfo
CVE-2021-20079 2024-11-21 14:45 2021-06-30 Show GitHub Exploit DB Packet Storm
197823 6.1 MEDIUM
Network 		machform machform Machform prior to version 16 is vulnerable to an open redirect in Safari_init.php due to an improperly sanitized 'ref' parameter. CWE-601
Open Redirect 		CVE-2021-20105 2024-11-21 14:45 2021-06-30 Show GitHub Exploit DB Packet Storm
197824 8.1 HIGH
Network 		machform machform Machform prior to version 16 is vulnerable to unauthenticated remote code execution due to insufficient sanitization of file attachments uploaded with forms through upload.php. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-20104 2024-11-21 14:45 2021-06-30 Show GitHub Exploit DB Packet Storm
197825 6.1 MEDIUM
Network 		machform machform Machform prior to version 16 is vulnerable to stored cross-site scripting due to insufficient sanitization of file attachments uploaded with forms through upload.php. CWE-79
Cross-site Scripting 		CVE-2021-20103 2024-11-21 14:45 2021-06-30 Show GitHub Exploit DB Packet Storm
197826 8.8 HIGH
Network 		machform machform Machform prior to version 16 is vulnerable to cross-site request forgery due to a lack of CSRF tokens in place. CWE-352
 Origin Validation Error 		CVE-2021-20102 2024-11-21 14:45 2021-06-30 Show GitHub Exploit DB Packet Storm
197827 6.1 MEDIUM
Network 		machform machform Machform prior to version 16 is vulnerable to HTTP host header injection due to improperly validated host headers. This could cause a victim to receive malformed content. CWE-74
Injection 		CVE-2021-20101 2024-11-21 14:45 2021-06-30 Show GitHub Exploit DB Packet Storm
197828 6.7 MEDIUM
Local 		tenable nessus Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows ex… NVD-CWE-noinfo
CVE-2021-20100 2024-11-21 14:45 2021-06-28 Show GitHub Exploit DB Packet Storm
197829 6.7 MEDIUM
Local 		tenable nessus Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows ex… NVD-CWE-noinfo
CVE-2021-20099 2024-11-21 14:45 2021-06-28 Show GitHub Exploit DB Packet Storm
197830 7.5 HIGH
Network 		sonicwall sonicos
sonicosv 		A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2021-20019 2024-11-21 14:45 2021-06-24 Show GitHub Exploit DB Packet Storm