Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
225021 7.1 危険 Linux - Linux Kernel の net/ipv6/udp_offload.c の udp6_ufo_fragment 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2013-4563 2013-11-21 15:55 2013-11-5 Show GitHub Exploit DB Packet Storm
225022 5 警告 GNU Project
Novell		 - GnuTLS の DANE ライブラリ の dane_raw_tlsa におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2013-4487 2013-11-21 15:00 2013-10-29 Show GitHub Exploit DB Packet Storm
225023 5 警告 GNU Project - GnuTLS の DANE ライブラリ の dane_query_tlsa 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-4466 2013-11-21 14:52 2013-10-23 Show GitHub Exploit DB Packet Storm
225024 7.5 危険 The Foreman
レッドハット		 - Foreman の app/models/concerns/host_common.rb における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-4386 2013-11-21 14:45 2013-10-7 Show GitHub Exploit DB Packet Storm
225025 4.3 警告 Open-Xchange - Open-Xchange AppSuite におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-6074 2013-11-21 14:40 2013-10-21 Show GitHub Exploit DB Packet Storm
225026 4.3 警告 Potix Corporation - ZK Framework におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-5966 2013-11-21 14:37 2013-10-8 Show GitHub Exploit DB Packet Storm
225027 6.8 警告 ISC, Inc. - ISC BIND などの製品で使用される Microsoft Windows Server 2008 の Winsock WSAIoctl API における IP アドレス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-6230 2013-11-20 18:06 2013-11-5 Show GitHub Exploit DB Packet Storm
225028 2.1 注意 Linux - Linux Kernel の kernel/signal.c における重要な情報を取得される脆弱性 CWE-399
リソース管理の問題 		CVE-2013-2141 2013-11-20 18:03 2013-04-25 Show GitHub Exploit DB Packet Storm
225029 6.4 警告 レッドハット - Red Hat JBoss Enterprise Application Platform におけるセッションをハイジャックされる脆弱性 CWE-16
環境設定 		CVE-2013-4128 2013-11-20 17:36 2013-08-12 Show GitHub Exploit DB Packet Storm
225030 7.2 危険 VMware - Linux 上で稼働する VMware Workstation および VMware Player におけるホスト OS の権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-5972 2013-11-20 17:14 2013-11-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
198281 9.8 CRITICAL
Network 		glasswire glasswire A code injection vulnerability exists within the firewall software of GlassWire v2.1.167 that could lead to arbitrary code execution from a file in the user path on first execution. CWE-94
Code Injection 		CVE-2021-22961 2024-11-21 14:51 2021-10-18 Show GitHub Exploit DB Packet Storm
198282 6.1 MEDIUM
Network 		fastify fastify-static A redirect vulnerability in the fastify-static module version < 4.2.4 allows remote attackers to redirect users to arbitrary websites via a double slash // followed by a domain: http://localhost:3000… CWE-601
Open Redirect 		CVE-2021-22963 2024-11-21 14:51 2021-10-15 Show GitHub Exploit DB Packet Storm
198283 8.8 HIGH
Network 		fastify fastify-static A redirect vulnerability in the `fastify-static` module version >= 4.2.4 and < 4.4.1 allows remote attackers to redirect Mozilla Firefox users to arbitrary websites via a double slash `//` followed b… CWE-601
Open Redirect 		CVE-2021-22964 2024-11-21 14:51 2021-10-15 Show GitHub Exploit DB Packet Storm
198284 9.8 CRITICAL
Network 		config-handler_project config-handler All versions of package config-handler are vulnerable to Prototype Pollution when loading config files. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2021-23448 2024-11-21 14:51 2021-10-12 Show GitHub Exploit DB Packet Storm
198285 6.1 MEDIUM
Network 		teddy_project teddy This affects the package teddy before 0.5.9. A type confusion vulnerability can be used to bypass input sanitization when the model content is an array (instead of a string). CWE-843
Type Confusion 		CVE-2021-23447 2024-11-21 14:51 2021-10-8 Show GitHub Exploit DB Packet Storm
198286 9.8 CRITICAL
Network 		concretecms concrete_cms A Server-Side Request Forgery vulnerability was found in concrete5 < 8.5.5 that allowed a decimal notation encoded IP address to bypass the limitations in place for localhost allowing interaction wit… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2021-22958 2024-11-21 14:51 2021-10-7 Show GitHub Exploit DB Packet Storm
198287 6.1 MEDIUM
Network 		bosch rexroth_indramotion_mlc_l20_firmware
rexroth_indramotion_mlc_l40_firmware 		The web server is vulnerable to reflected XSS and therefore an attacker might be able to execute scripts on a client’s computer by sending the client a manipulated URL. CWE-79
Cross-site Scripting 		CVE-2021-23856 2024-11-21 14:51 2021-10-5 Show GitHub Exploit DB Packet Storm
198288 7.5 HIGH
Network 		bosch rexroth_indramotion_xlc_firmware
rexroth_indramotion_mlc_firmware 		The user and password data base is exposed by an unprotected web server resource. Passwords are hashed with a weak hashing algorithm and therefore allow an attacker to determine the password by using… CWE-326
Inadequate Encryption Strength 		CVE-2021-23855 2024-11-21 14:51 2021-10-5 Show GitHub Exploit DB Packet Storm
198289 7.5 HIGH
Network 		bosch rexroth_indramotion_mlc_l20_firmware
rexroth_indramotion_mlc_l40_firmware
rexroth_indramotion_mlc_l25_firmware
rexroth_indramotion_mlc_l45_firmware
rexroth_indramotion_mlc_l65_firmware 		Information disclosure: The main configuration, including users and their hashed passwords, is exposed by an unprotected web server resource and can be accessed without authentication. Additionally, … CWE-306
Missing Authentication for Critical Function 		CVE-2021-23858 2024-11-21 14:51 2021-10-5 Show GitHub Exploit DB Packet Storm
198290 9.8 CRITICAL
Network 		bosch rexroth_indramotion_mlc_l20_firmware
rexroth_indramotion_mlc_l40_firmware
rexroth_indramotion_mlc_l25_firmware
rexroth_indramotion_mlc_l45_firmware
rexroth_indramotion_mlc_l65_firmware 		Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. Combined with CVE-2021-23858, this allows an attacker to… CWE-287
Improper Authentication 		CVE-2021-23857 2024-11-21 14:51 2021-10-5 Show GitHub Exploit DB Packet Storm