Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
225051	6.8	警告	シスコシステムズ	-	Cisco Services Portal の Cisco Intelligent Automation for Cloud コンポーネントにおける任意のファイルを読まれる脆弱性	CWE-20 不適切な入力確認	CVE-2013-3406	2013-11-20 10:14	2013-11-15	Show	GitHub Exploit DB Packet Storm

225052	6.8	警告	シスコシステムズ	-	Cisco IOS の SSL VPN の実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-6686	2013-11-20 10:07	2013-11-13	Show	GitHub Exploit DB Packet Storm

225053	6.9	警告	シスコシステムズ	-	Cisco Unified Communications Manager におけるファイルのパーミッションを回避される脆弱性	CWE-20 不適切な入力確認	CVE-2013-6689	2013-11-20 10:02	2013-11-13	Show	GitHub Exploit DB Packet Storm

225054	6.8	警告	シスコシステムズ	-	Cisco Unified Communications Manager の Enterprise License Manager コンポーネントにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2013-6688	2013-11-20 09:58	2013-11-13	Show	GitHub Exploit DB Packet Storm

225055	7.8	危険	Tryton	-	Tryton のクライアントにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2013-4510	2013-11-19 17:14	2013-11-4	Show	GitHub Exploit DB Packet Storm

225056	4	警告	MIT Kerberos	-	MIT Kerberos の鍵配布センタ用の不特定のサードパーティ製データベースモジュールにおけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2013-6800	2013-11-19 16:53	2013-11-4	Show	GitHub Exploit DB Packet Storm

225057	3.5	注意	IBM	-	IBM WebSphere Virtual Enterprise の管理コンソールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-5425	2013-11-19 15:47	2013-11-11	Show	GitHub Exploit DB Packet Storm

225058	3.5	注意	IBM	-	IBM WebSphere Application Server の管理コンソールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-5418	2013-11-19 15:42	2013-11-11	Show	GitHub Exploit DB Packet Storm

225059	4.3	警告	IBM	-	IBM WebSphere Application Server におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-5417	2013-11-19 15:41	2013-11-11	Show	GitHub Exploit DB Packet Storm

225060	3.5	注意	IBM	-	IBM WebSphere Application Server のマイグレーション機能における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-5414	2013-11-19 15:41	2013-11-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210751	9.8	CRITICAL Network	barco	wepresent_wipg-1600w_firmware	Barco wePresent WiPG-1600W devices download code without an Integrity Check. Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W firmware does not perform verif…	CWE-494 Download of Code Without Integrity Check	CVE-2020-28332	2024-11-21 14:22	2020-11-25	Show	GitHub Exploit DB Packet Storm

210752	6.5	MEDIUM Network	barco	wepresent_wipg-1600w_firmware	Barco wePresent WiPG-1600W devices have Unprotected Transport of Credentials. Affected Version(s): 2.5.1.8. An attacker armed with hardcoded API credentials (retrieved by exploiting CVE-2020-28329) c…	CWE-522 Insufficiently Protected Credentials	CVE-2020-28330	2024-11-21 14:22	2020-11-25	Show	GitHub Exploit DB Packet Storm

210753	7.5	HIGH Network	barco	wepresent_wipg-1600w_firmware	Barco wePresent WiPG-1600W devices have Improper Access Control. Affected Version(s): 2.5.1.8. The Barco wePresent WiPG-1600W device has an SSH daemon included in the firmware image. By default, the …	NVD-CWE-Other	CVE-2020-28331	2024-11-21 14:22	2020-11-25	Show	GitHub Exploit DB Packet Storm

210754	6.5	MEDIUM Network	hashicorp	nomad	HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. Fixed in 0.12.8, 0.11.7, an…	CWE-22 Path Traversal	CVE-2020-28348	2024-11-21 14:22	2020-11-24	Show	GitHub Exploit DB Packet Storm

210755	9.8	CRITICAL Network	private-ip_project	private-ip	Insufficient RegEx in private-ip npm package v1.0.5 and below insufficiently filters reserved IP ranges resulting in indeterminate SSRF. An attacker can perform a large range of requests to ARIN rese…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-28360	2024-11-21 14:22	2020-11-24	Show	GitHub Exploit DB Packet Storm

210756	7.8	HIGH Local	broadcom	unified_infrastructure_management	CA Unified Infrastructure Management 20.1 and earlier contains a vulnerability in the robot (controller) component that allows local attackers to elevate privileges.	NVD-CWE-noinfo	CVE-2020-28421	2024-11-21 14:22	2020-11-24	Show	GitHub Exploit DB Packet Storm

210757	6.5	MEDIUM Network	hashicorp	consul	HashiCorp Consul and Consul Enterprise 1.2.0 up to 1.8.5 allowed operators with operator:read ACL permissions to read the Connect CA private key configuration. Fixed in 1.6.10, 1.7.10, and 1.8.6.	CWE-863 Incorrect Authorization	CVE-2020-28053	2024-11-21 14:22	2020-11-23	Show	GitHub Exploit DB Packet Storm

210758	7.8	HIGH Local	securityonionsolutions	security_onion	Security Onion v2 prior to 2.3.10 has an incorrect sudo configuration, which allows the administrative user to obtain root access without using the sudo password by editing and executing /home/<user>…	CWE-306 Missing Authentication for Critical Function	CVE-2020-27985	2024-11-21 14:22	2020-11-23	Show	GitHub Exploit DB Packet Storm

210759	8.8	HIGH Network	schneider-electric	ecostruxure_control_expert	A CWE-494: Download of Code Without Integrity Check vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution…	-	CVE-2020-28213	2024-11-21 14:22	2020-11-20	Show	GitHub Exploit DB Packet Storm

210760	9.8	CRITICAL Network	schneider-electric	ecostruxure_control_expert	A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause unauthorized …	-	CVE-2020-28212	2024-11-21 14:22	2020-11-20	Show	GitHub Exploit DB Packet Storm