Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
225101	4.3	警告	シスコシステムズ	-	Cisco コンテンツセキュリティ管理アプライアンスデバイス上で稼働する Cisco Content Security Management におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-3396	2013-06-28 11:54	2013-06-26	Show	GitHub Exploit DB Packet Storm

225102	5	警告	シスコシステムズ	-	Cisco Jabber for Windows および Cisco Virtualization Experience Media Engine におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-3393	2013-06-28 11:53	2013-06-25	Show	GitHub Exploit DB Packet Storm

225103	7.8	危険	シスコシステムズ	-	Cisco Adaptive Security Appliances デバイス用 Next-Generation Firewall モジュールにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-3382	2013-06-28 11:53	2013-06-26	Show	GitHub Exploit DB Packet Storm

225104	4.3	警告	Mozilla Foundation	-	複数の Mozilla 製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0793	2013-06-27 17:21	2013-04-2	Show	GitHub Exploit DB Packet Storm

225105	9.3	危険	cairographics.org Mozilla Foundation Pixman	-	複数の Mozilla 製品などで使用される Pixman における整数符号エラーの脆弱性	CWE-189 数値処理の問題	CVE-2013-0800	2013-06-27 17:18	2013-04-2	Show	GitHub Exploit DB Packet Storm

225106	10	危険	Mozilla Foundation	-	Linux 上で稼働する複数の Mozilla 製品における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2013-0796	2013-06-27 17:15	2013-04-2	Show	GitHub Exploit DB Packet Storm

225107	10	危険	Mozilla Foundation	-	複数の Mozilla 製品の SOW の実装における同一生成元ポリシーを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0795	2013-06-27 17:11	2013-04-2	Show	GitHub Exploit DB Packet Storm

225108	5.8	警告	Mozilla Foundation	-	Mozilla Firefox および SeaMonkey におけるフィッシング攻撃を実行される脆弱性	CWE-Other その他	CVE-2013-0794	2013-06-27 17:08	2013-04-2	Show	GitHub Exploit DB Packet Storm

225109	4.3	警告	Mozilla Foundation	-	Mozilla Firefox および SeaMonkey における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2013-0792	2013-06-27 17:02	2013-04-2	Show	GitHub Exploit DB Packet Storm

225110	10	危険	Mozilla Foundation	-	Mozilla Firefox および SeaMonkey におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2013-0789	2013-06-27 17:00	2013-04-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
200061	9.8	CRITICAL Network	ossec	ossec	In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a use-after-free during processing of ossec-alert formatted msgs (received from a…	CWE-416 Use After Free	CVE-2020-8444	2024-11-21 14:38	2020-01-30	Show	GitHub Exploit DB Packet Storm

200062	9.8	CRITICAL Network	ossec	ossec	In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog ms…	CWE-787 CWE-193 Out-of-bounds Write Off-by-one Error	CVE-2020-8443	2024-11-21 14:38	2020-01-30	Show	GitHub Exploit DB Packet Storm

200063	8.8	HIGH Network	ossec	ossec	In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a heap-based buffer overflow in the rootcheck decoder component via an authentica…	CWE-787 Out-of-bounds Write	CVE-2020-8442	2024-11-21 14:38	2020-01-30	Show	GitHub Exploit DB Packet Storm

200064	7.2	HIGH Network	arris	ruckus_zoneflex_r500_firmware	Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated attacker to execute arbitrary OS commands via the hidden /forms/nslookupHandler form, as demonstrated by the nslookuptarget=\|cat${IF…	CWE-78 OS Command	CVE-2020-8438	2024-11-21 14:38	2020-01-30	Show	GitHub Exploit DB Packet Storm

200065	9.8	CRITICAL Network	denx opensuse	u-boot leap	In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute…	CWE-787 CWE-415 Out-of-bounds Write Double Free	CVE-2020-8432	2024-11-21 14:38	2020-01-30	Show	GitHub Exploit DB Packet Storm

200066	7.5	HIGH Network	iktm	bearftp	IKTeam BearFTP before 0.2.0 allows remote attackers to achieve denial of service via a large volume of connections to the PASV mode port.	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2020-8416	2024-11-21 14:38	2020-01-30	Show	GitHub Exploit DB Packet Storm

200067	8.8	HIGH Network	webargs_project	webargs	flaskparser.py in Webargs 5.x through 5.5.2 doesn't check that the Content-Type header is application/json when receiving JSON input. If the request body is valid JSON, it will accept it even if the …	CWE-352 Origin Validation Error	CVE-2020-7965	2024-11-21 14:38	2020-01-30	Show	GitHub Exploit DB Packet Storm

200068	7.1	HIGH Local	linux	linux_kernel	fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel …	CWE-416 Use After Free	CVE-2020-8428	2024-11-21 14:38	2020-01-29	Show	GitHub Exploit DB Packet Storm

200069	5.4	MEDIUM Network	elementor	website_builder	The Elementor plugin before 2.8.5 for WordPress suffers from a reflected XSS vulnerability on the elementor-system-info page. These can be exploited by targeting an authenticated user.	CWE-79 Cross-site Scripting	CVE-2020-8426	2024-11-21 14:38	2020-01-29	Show	GitHub Exploit DB Packet Storm

200070	6.5	MEDIUM Network	cups_easy_$purchase_\&_inventory$_project	cups_easy_$purchase_\&_inventory$	Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account deletion via userdelete.php.	CWE-352 Origin Validation Error	CVE-2020-8425	2024-11-21 14:38	2020-01-29	Show	GitHub Exploit DB Packet Storm