Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224791 6.9 警告 レッドハット - libvirt の virSecurityManagerSetProcessLabel 関数における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-4291 2013-10-2 16:46 2013-09-2 Show GitHub Exploit DB Packet Storm
224792 5 警告 ADCI solutions - Drupal 用 Node View Permissions モジュールにおける重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-5965 2013-10-2 16:39 2013-08-28 Show GitHub Exploit DB Packet Storm
224793 4 警告 レッドハット - libvirt の xen/xend_internal.c の xenDaemonListDefinedDomains 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-4239 2013-10-2 16:32 2013-09-2 Show GitHub Exploit DB Packet Storm
224794 4.3 警告 レッドハット - libvirt の qemuAgentCommand 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2013-4154 2013-10-2 16:31 2013-07-30 Show GitHub Exploit DB Packet Storm
224795 5 警告 レッドハット - libvirt の qemu/qemu_agent.c 内の qemuAgentGetVCPUs 関数におけるメモリ二重解放の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-4153 2013-10-2 16:30 2013-07-30 Show GitHub Exploit DB Packet Storm
224796 7.5 危険 Simone Tellini - Apache 用 mod_accounting モジュールの mod_accounting.c における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-5697 2013-10-2 15:21 2013-09-20 Show GitHub Exploit DB Packet Storm
224797 4.3 警告 Emeric Vernat - JavaMelody の HtmlSessionInformationsReport.java におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-4378 2013-10-2 15:16 2013-09-26 Show GitHub Exploit DB Packet Storm
224798 6.8 警告 Creative Design Solutions - WordPress 用 Simple Dropbox Upload プラグインの multi.php における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2013-5963 2013-10-2 14:52 2013-09-17 Show GitHub Exploit DB Packet Storm
224799 5.1 警告 RightHere LLC - WordPress 用 Complete Gallery Manager プラグインの frames/upload-images.php における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2013-5962 2013-10-2 14:43 2013-09-19 Show GitHub Exploit DB Packet Storm
224800 6.8 警告 Danny Morris - WordPress 用 Lazy SEO プラグインの lazyseo.php における任意の PHP コードを実行される脆弱性 CWE-Other
その他 		CVE-2013-5961 2013-10-2 14:24 2013-09-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211661 7.5 HIGH
Network 		kyocera d-copia253mf_plus_firmware A directory traversal vulnerability exists in Kyocera Printer d-COPIA253MF plus. Successful exploitation of this vulnerability could allow an attacker to retrieve or view arbitrary files from the aff… CWE-22
Path Traversal 		CVE-2020-23575 2024-11-21 14:13 2021-05-11 Show GitHub Exploit DB Packet Storm
211662 6.1 MEDIUM
Network 		5none nonecms NoneCMS v1.3 has a CSRF vulnerability in public/index.php/admin/nav/add.html, as demonstrated by adding a navigation column which can be injected with arbitrary web script or HTML via the name parame… CWE-352
 Origin Validation Error 		CVE-2020-23376 2024-11-21 14:13 2021-05-11 Show GitHub Exploit DB Packet Storm
211663 5.4 MEDIUM
Network 		5none nonecms Cross-site scripting (XSS) vulnerability in admin/article/add.html in noneCMS v1.3.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the name parameter. CWE-79
Cross-site Scripting 		CVE-2020-23374 2024-11-21 14:13 2021-05-11 Show GitHub Exploit DB Packet Storm
211664 5.4 MEDIUM
Network 		5none nonecms Cross-site scripting (XSS) vulnerability in admin/nav/add.html in noneCMS v1.3.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the name parameter. CWE-79
Cross-site Scripting 		CVE-2020-23373 2024-11-21 14:13 2021-05-11 Show GitHub Exploit DB Packet Storm
211665 6.1 MEDIUM
Network 		5none nonecms Cross-site scripting (XSS) vulnerability in static/admin/js/kindeditor/plugins/multiimage/images/swfupload.swf in noneCms v1.3.0 allows remote attackers to inject arbitrary web script or HTML via the… CWE-79
Cross-site Scripting 		CVE-2020-23371 2024-11-21 14:13 2021-05-11 Show GitHub Exploit DB Packet Storm
211666 5.4 MEDIUM
Network 		yzmcms yzmcms In YzmCMS 5.6, stored XSS exists via the common/static/plugin/ueditor/1.4.3.3/php/controller.php action parameter, which allows remote attackers to upload a swf file. The swf file can be injected wit… CWE-79
Cross-site Scripting 		CVE-2020-23370 2024-11-21 14:13 2021-05-11 Show GitHub Exploit DB Packet Storm
211667 6.1 MEDIUM
Network 		yzmcms yzmcms In YzmCMS 5.6, XSS was discovered in member/member_content/init.html via the SRC attribute of an IFRAME element because of using UEditor 1.4.3.3. CWE-79
Cross-site Scripting 		CVE-2020-23369 2024-11-21 14:13 2021-05-11 Show GitHub Exploit DB Packet Storm
211668 7.8 HIGH
Local 		windscribe windscribe In Windscribe v1.83 Build 20, 'WindscribeService' has an Unquoted Service Path that facilitates privilege escalation. CWE-428
 Unquoted Search Path or Element 		CVE-2020-22809 2024-11-21 14:13 2021-05-10 Show GitHub Exploit DB Packet Storm
211669 8.8 HIGH
Network 		fork-cms fork_cms Cross-site request forgery (CSRF) in Fork-CMS before 5.8.2 allow remote attackers to hijack the authentication of logged administrators. CWE-352
 Origin Validation Error 		CVE-2020-23264 2024-11-21 14:13 2021-05-7 Show GitHub Exploit DB Packet Storm
211670 6.1 MEDIUM
Network 		fork-cms fork_cms Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigation_title" parameter and the "title" parameter in /… CWE-79
Cross-site Scripting 		CVE-2020-23263 2024-11-21 14:13 2021-05-7 Show GitHub Exploit DB Packet Storm