Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224781 10 危険 Mozilla Foundation - 複数の Mozilla 製品における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2013-5603 2013-12-5 16:42 2013-10-29 Show GitHub Exploit DB Packet Storm
224782 8.3 危険 Mozilla Foundation - Mozilla Firefox の PDF.js における任意のファイルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-5598 2013-12-5 16:39 2013-10-29 Show GitHub Exploit DB Packet Storm
224783 6.8 警告 Mozilla Foundation - 複数の Mozilla 製品の cycle collection の実装における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2013-5596 2013-12-5 16:38 2013-10-29 Show GitHub Exploit DB Packet Storm
224784 4.3 警告 Mozilla Foundation - 複数の Mozilla 製品の SELECT 要素の実装におけるアドレスバーを偽装される脆弱性 CWE-20
不適切な入力確認 		CVE-2013-5593 2013-12-5 16:37 2013-10-29 Show GitHub Exploit DB Packet Storm
224785 10 危険 Mozilla Foundation - Mozilla Firefox のブラウザエンジンにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-5592 2013-12-5 16:36 2013-10-29 Show GitHub Exploit DB Packet Storm
224786 10 危険 Mozilla Foundation - 複数の Mozilla 製品のブラウザエンジンにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-5591 2013-12-5 16:18 2013-10-29 Show GitHub Exploit DB Packet Storm
224787 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2013-5330 2013-12-5 16:16 2013-11-12 Show GitHub Exploit DB Packet Storm
224788 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2013-5329 2013-12-5 16:11 2013-11-12 Show GitHub Exploit DB Packet Storm
224789 7.5 危険 レッドハット - Red Hat Network Satellite における管理者アカウントを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-4480 2013-12-5 16:01 2013-11-12 Show GitHub Exploit DB Packet Storm
224790 1.2 注意 Samba Project - Samba における重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2013-4476 2013-12-5 15:58 2013-11-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210811 5.4 MEDIUM
Network 		dundas dundas_bi The server in Dundas BI through 8.0.0.1001 allows XSS via an HTML label when creating or editing a dashboard. CWE-79
Cross-site Scripting 		CVE-2020-28408 2024-11-21 14:22 2020-11-11 Show GitHub Exploit DB Packet Storm
210812 4.4 MEDIUM
Local 		xen
fedoraproject
debian 		xen
fedora
debian_linux 		Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Pl… CWE-862
 Missing Authorization 		CVE-2020-28368 2024-11-21 14:22 2020-11-11 Show GitHub Exploit DB Packet Storm
210813 7.8 HIGH
Local 		tcl 32s330_firmware
40s330_firmware
43s434_firmware
50s434_firmware
55s434_firmware
65s434_firmware
75s434_firmware 		A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 and below and V8-T658T01-LF1 V373 and below by TCL Technology Group Corporation allows a local unprivileged attacker, such as a … CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-28055 2024-11-21 14:22 2020-11-11 Show GitHub Exploit DB Packet Storm
210814 7.5 HIGH
Network 		set_project set Prototype pollution vulnerability in '@strikeentco/set' version 1.0.0 allows attacker to cause a denial of service and may lead to remote code execution. NVD-CWE-noinfo
CVE-2020-28267 2024-11-21 14:22 2020-11-11 Show GitHub Exploit DB Packet Storm
210815 8.8 HIGH
Adjacent 		netgear r6400v2_firmware
r6400_firmware
r7000p_firmware
xr300_firmware
r8000_firmware
r8300_firmware
r8500_firmware
r7300dst_firmware
r7850_firmware
r7900_firmware
rax20_firmwar… 		upnpd on certain NETGEAR devices allows remote (LAN) attackers to execute arbitrary code via a stack-based buffer overflow. This affects R6400v2 V1.0.4.102_10.0.75, R6400 V1.0.1.62_1.0.41, R7000P V1.… CWE-787
 Out-of-bounds Write 		CVE-2020-28373 2024-11-21 14:22 2020-11-10 Show GitHub Exploit DB Packet Storm
210816 9.8 CRITICAL
Network 		readytalk avian An issue was discovered in ReadyTalk Avian 1.2.0 before 2020-10-27. The FileOutputStream.write() method in FileOutputStream.java has a boundary check to prevent out-of-bounds memory read/write operat… CWE-787
CWE-190
 Out-of-bounds Write
 Integer Overflow or Wraparound 		CVE-2020-28371 2024-11-21 14:22 2020-11-10 Show GitHub Exploit DB Packet Storm
210817 6.1 MEDIUM
Network 		locust locust A stored cross-site scripting (XSS) vulnerability affects the Web UI in Locust before 1.3.2, if the installation violates the usage expectations by exposing this UI to outside users. CWE-79
Cross-site Scripting 		CVE-2020-28364 2024-11-21 14:22 2020-11-10 Show GitHub Exploit DB Packet Storm
210818 7.8 HIGH
Local 		capasystems capainstaller CapaSystems CapaInstaller before 6.0.101 does not properly assign, modify, or check privileges for an actor who attempts to edit registry values, allowing an attacker to escalate privileges. NVD-CWE-noinfo
CVE-2020-27977 2024-11-21 14:22 2020-11-10 Show GitHub Exploit DB Packet Storm
210819 6.1 MEDIUM
Network 		mitel shoretel_firmware The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack (via the PATH_INFO to index.php) due… CWE-79
Cross-site Scripting 		CVE-2020-28351 2024-11-21 14:22 2020-11-9 Show GitHub Exploit DB Packet Storm
210820 6.5 MEDIUM
Network 		chirpstack network_server An inaccurate frame deduplication process in ChirpStack Network Server 3.9.0 allows a malicious gateway to perform uplink Denial of Service via malformed frequency attributes in CollectAndCallOnceCol… CWE-20
 Improper Input Validation  		CVE-2020-28349 2024-11-21 14:22 2020-11-9 Show GitHub Exploit DB Packet Storm