Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
224951	10	危険	シトリックス・システムズ	-	Citrix CloudPortal Services Manager における脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-2934	2013-09-18 11:51	2013-09-3	Show	GitHub Exploit DB Packet Storm

224952	10	危険	シトリックス・システムズ	-	Citrix CloudPortal Services Manager における脆弱性	CWE-noinfo 情報不足	CVE-2013-2933	2013-09-18 11:51	2013-09-3	Show	GitHub Exploit DB Packet Storm

224953	7.5	危険	シトリックス・システムズ	-	Citrix XenClient XT の NDVM における任意のコマンドを実行される脆弱性	CWE-DesignError	CVE-2013-2601	2013-09-18 11:50	2013-08-28	Show	GitHub Exploit DB Packet Storm

224954	5	警告	CapaSystems	-	CapaSystems Performance Guard の ogreader/uploadreader.jsp におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2013-5216	2013-09-18 11:40	2013-06-7	Show	GitHub Exploit DB Packet Storm

224955	4.7	警告	Linux	-	Linux Kernel の Human Interface Device サブシステムにおけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2013-2894	2013-09-18 11:25	2013-08-28	Show	GitHub Exploit DB Packet Storm

224956	4.7	警告	Linux	-	Linux Kernel の Human Interface Device サブシステムにおけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2013-2891	2013-09-18 11:23	2013-08-28	Show	GitHub Exploit DB Packet Storm

224957	4.7	警告	Linux	-	Linux Kernel の Human Interface Device サブシステムにおけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2013-2890	2013-09-18 11:22	2013-08-28	Show	GitHub Exploit DB Packet Storm

224958	6.5	警告	Xen プロジェクト	-	Xen の xenlight ライブラリにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-4329	2013-09-18 10:40	2013-09-12	Show	GitHub Exploit DB Packet Storm

224959	7.6	危険	IBM	-	IBM SPSS Analytical Decision Management における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2013-5369	2013-09-17 22:21	2013-09-12	Show	GitHub Exploit DB Packet Storm

224960	3.5	注意	IBM	-	IBM SPSS Analytical Decision Management におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-4048	2013-09-17 22:17	2013-09-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211071	8.3	HIGH Network	wcms	wcms	Server-side request forgery in Wcms 0.3.2 lets an attacker send crafted requests from the back-end server of a vulnerable web application via the path parameter to wex/cssjs.php. It can help identify…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-24139	2024-11-21 14:14	2021-04-8	Show	GitHub Exploit DB Packet Storm

211072	5.3	MEDIUM Network	wcms	wcms	Directory traversal vulnerability in Wcms 0.3.2 allows an attacker to read arbitrary files on the server that is running an application via the path parameter to wex/cssjs.php.	CWE-22 Path Traversal	CVE-2020-24137	2024-11-21 14:14	2021-04-8	Show	GitHub Exploit DB Packet Storm

211073	6.1	MEDIUM Network	wcms	wcms	A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Wcms 0.3.2, which allows remote attackers to inject arbitrary web script and HTML via the type parameter to wex/cssjs.php.	CWE-79 Cross-site Scripting	CVE-2020-24135	2024-11-21 14:14	2021-04-8	Show	GitHub Exploit DB Packet Storm

211074	6.1	MEDIUM Network	wcms	wcms	Cross Site Scripting (XSS) vulnerability in wcms 0.3.2 allows remote attackers to inject arbitrary web script and HTML via the pagename parameter to wex/html.php.	CWE-79 Cross-site Scripting	CVE-2020-24138	2024-11-21 14:14	2021-04-8	Show	GitHub Exploit DB Packet Storm

211075	8.6	HIGH Network	wcms	wcms	Directory traversal in Wcms 0.3.2 allows an attacker to read arbitrary files on the server that is running an application via the pagename parameter to wex/html.php.	CWE-22 Path Traversal	CVE-2020-24136	2024-11-21 14:14	2021-04-8	Show	GitHub Exploit DB Packet Storm

211076	6.1	MEDIUM Network	episerver	find	An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows an attacker to redirect users to untrusted websites via the _t_redirect parameter in a crafted URL, such as a /find_v2/_click URL.	CWE-601 Open Redirect	CVE-2020-24550	2024-11-21 14:14	2021-04-1	Show	GitHub Exploit DB Packet Storm

211077	9.8	CRITICAL Network	mongo-express_project	mongo-express	mongo-express before 1.0.0 offers support for certain advanced syntax but implements this in an unsafe way. NOTE: this may overlap CVE-2019-10769.	NVD-CWE-noinfo	CVE-2020-24391	2024-11-21 14:14	2021-03-31	Show	GitHub Exploit DB Packet Storm

211078	9.8	CRITICAL Network	portainer	portainer	Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote arbitrary code execution. The restriction checks for bind mounts are applied only on the client-side and n…	CWE-863 Incorrect Authorization	CVE-2020-24264	2024-11-21 14:14	2021-03-17	Show	GitHub Exploit DB Packet Storm

211079	8.8	HIGH Network	portainer	portainer	Portainer 1.24.1 and earlier is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution. A non-admin user is allowed to spawn new containers with critical c…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-24263	2024-11-21 14:14	2021-03-17	Show	GitHub Exploit DB Packet Storm

211080	8.8	HIGH Network	thedaylightstudio	fuel_cms	An issue was discovered in FUEL CMS 1.4.7. There is a escalation of privilege vulnerability to obtain super admin privilege via the "id" and "fuel_id" parameters.	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2020-23722	2024-11-21 14:14	2021-03-10	Show	GitHub Exploit DB Packet Storm