Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
224831	7.5	危険	Vastal I-Tech & Co.	-	Vastal I-Tech phpVID における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-5311	2013-08-21 14:01	2013-08-8	Show	GitHub Exploit DB Packet Storm

224832	5	警告	Willy Tarreau Canonical レッドハット	-	HAProxy におけるサービス運用妨害 (DoS) の脆弱性	CWE-16 環境設定	CVE-2013-2175	2013-08-20 16:32	2013-06-17	Show	GitHub Exploit DB Packet Storm

224833	6.8	警告	BigTree CMS	-	BigTree CMS の core/admin/modules/users/create.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-4881	2013-08-20 15:33	2013-07-17	Show	GitHub Exploit DB Packet Storm

224834	6.9	警告	Canonical	-	Debian GNU/Linux などの製品で使用される MySQL Server 用 post-installation スクリプトにおける設定ファイルを読まれる脆弱性	CWE-362 競合状態	CVE-2013-2162	2013-08-20 15:29	2013-07-25	Show	GitHub Exploit DB Packet Storm

224835	10	危険	ヒューレット・パッカード	-	HP Service Manager および HP Service Center における特権的アクセス権を取得される脆弱性	CWE-noinfo 情報不足	CVE-2013-4808	2013-08-20 15:28	2013-08-14	Show	GitHub Exploit DB Packet Storm

224836	7.5	危険	Mauro Lorenzutti	-	TYPO3 用 DB Integration エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-5310	2013-08-20 14:57	2013-08-5	Show	GitHub Exploit DB Packet Storm

224837	4.3	警告	Ilia Alshanetsky	-	FUDforum の install/forum_data/src/custom_fields.inc.t におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-5309	2013-08-20 14:47	2013-02-17	Show	GitHub Exploit DB Packet Storm

224838	4.3	警告	Juraj Sulek	-	TYPO3 用 RealURL Management エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-5308	2013-08-20 14:39	2013-08-5	Show	GitHub Exploit DB Packet Storm

224839	4.3	警告	Kennziffer.com	-	TYPO3 用 Faceted Search エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-5307	2013-08-20 14:30	2013-08-5	Show	GitHub Exploit DB Packet Storm

224840	7.5	危険	Die Netzmacher	-	TYPO3 用 Browser - TYPO3 without PHP エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-5306	2013-08-20 14:20	2013-08-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1951	4.3	MEDIUM Network	-	-	Joomla Component jomres 9.11.2 contains a cross-site request forgery vulnerability that allows attackers to modify user account information by tricking authenticated users into visiting malicious pag…	CWE-352 Origin Validation Error	CVE-2018-25354	2026-05-27 04:37	2026-05-24	Show	GitHub Exploit DB Packet Storm

1952	8.4	HIGH Local	-	-	Audiograbber 1.83 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious …	CWE-120 Classic Buffer Overflow	CVE-2018-25355	2026-05-27 04:37	2026-05-24	Show	GitHub Exploit DB Packet Storm

1953	8.4	HIGH Local	-	-	SIPp 3.6 and earlier contains a local buffer overflow vulnerability in command-line argument handling that allows local attackers to crash the application or execute arbitrary code. Attackers can tri…	CWE-120 Classic Buffer Overflow	CVE-2018-25356	2026-05-27 04:37	2026-05-24	Show	GitHub Exploit DB Packet Storm

1954	8.7	HIGH Network	-	-	NukeViet CMS is a multi Content Management System. Versions 4.5.07 and prior contain a Stored Cross-Site Scripting (XSS) vulnerability caused by insufficient server-side input sanitization in the Req…	CWE-79 Cross-site Scripting	CVE-2026-41147	2026-05-27 04:37	2026-05-23	Show	GitHub Exploit DB Packet Storm

1955	-		-	-	Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and earlier, as well as 11.0.0-alpha.1 through 11.14.0, are vulnerable to HTML …	CWE-94 Code Injection	CVE-2026-41149	2026-05-27 04:37	2026-05-23	Show	GitHub Exploit DB Packet Storm

1956	-		-	-	Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and prior, in addition to 11.0.0-alpha.1 through 11.12.0 are vulnerable to CSS …	CWE-94 Code Injection	CVE-2026-41148	2026-05-27 04:37	2026-05-23	Show	GitHub Exploit DB Packet Storm

1957	8.8	HIGH Network	-	-	A vulnerability was identified in Edimax BR-6428NS 1.10. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manip…	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-9294	2026-05-27 04:37	2026-05-23	Show	GitHub Exploit DB Packet Storm

1958	8.8	HIGH Network	-	-	A security flaw has been discovered in Edimax BR-6428NS 1.10. This affects the function formWirelessTbl of the file /goform/formWirelessTbl of the component POST Request Handler. Performing a manipul…	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-9295	2026-05-27 04:37	2026-05-23	Show	GitHub Exploit DB Packet Storm

1959	6.3	MEDIUM Network	-	-	A weakness has been identified in Edimax BR-6428NS 1.10. This impacts the function system of the file /goform/formWlanM of the component POST Request Handler. Executing a manipulation of the argument…	CWE-74 CWE-77 Injection Command Injection	CVE-2026-9296	2026-05-27 04:37	2026-05-23	Show	GitHub Exploit DB Packet Storm

1960	6.3	MEDIUM Network	-	-	A security vulnerability has been detected in Edimax BR-6428NS 1.10. Affected is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. The manipulation of th…	CWE-74 CWE-77 Injection Command Injection	CVE-2026-9297	2026-05-27 04:37	2026-05-23	Show	GitHub Exploit DB Packet Storm