Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
225451 10 危険 Mozilla Foundation - Mozilla Firefox および SeaMonkey におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-0789 2013-06-27 17:00 2013-04-2 Show GitHub Exploit DB Packet Storm
225452 10 危険 Mozilla Foundation - 複数の Mozilla 製品のブラウザエンジンにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-0788 2013-06-27 16:57 2013-04-2 Show GitHub Exploit DB Packet Storm
225453 6.5 警告 Linux - Linux Kernel の drivers/vhost/vhost.c における ホスト OS 権限を取得される脆弱性 CWE-DesignError
CVE-2013-0311 2013-06-27 16:46 2013-02-22 Show GitHub Exploit DB Packet Storm
225454 7.5 危険 Christophe Balisky - TYPO3 用 meta_feedit エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-4683 2013-06-27 16:44 2013-06-3 Show GitHub Exploit DB Packet Storm
225455 7.5 危険 Bas van Beek - TYPO3 用 Multishop エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-4682 2013-06-27 16:44 2013-06-3 Show GitHub Exploit DB Packet Storm
225456 7.5 危険 Michael Staatz - TYPO3 用 sofortueberweisung2commerce エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-4681 2013-06-27 16:43 2013-01-28 Show GitHub Exploit DB Packet Storm
225457 6.4 警告 Urs Maag - TYPO3 用 Maag Form Captcha エクステンションにおけるオープンリダイレクトの脆弱性 CWE-noinfo
情報不足 		CVE-2013-4680 2013-06-27 16:42 2013-06-3 Show GitHub Exploit DB Packet Storm
225458 4.9 警告 Xen プロジェクト
Linux		 - Linux Kernel 用 Xen におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-0231 2013-06-27 16:40 2013-02-5 Show GitHub Exploit DB Packet Storm
225459 5.2 警告 Linux - Linux Kernel の Xen netback 機能におけるサービス運用妨害 (ループ) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-0216 2013-06-27 16:36 2013-02-14 Show GitHub Exploit DB Packet Storm
225460 4.3 警告 Kristof De Jaeger - Drupal 用 Display Suite モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-2177 2013-06-27 16:33 2013-06-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
200711 9.8 CRITICAL
Network 		sygnoos popup_builder The Popup Builder plugin 2.2.8 through 2.6.7.6 for WordPress is vulnerable to SQL injection (in the sgImportPopups function in sg_popup_ajax.php) via PHP Deserialization on attacker-controlled data w… CWE-89
CWE-502
SQL Injection
 Deserialization of Untrusted Data 		CVE-2020-9006 2024-11-21 14:39 2020-02-18 Show GitHub Exploit DB Packet Storm
200712 7.5 HIGH
Network 		gitlab gitlab In GitLab Enterprise Edition (EE) 12.5.0 through 12.7.5, sharing a group with a group could grant project access to unauthorized users. NVD-CWE-noinfo
CVE-2020-8795 2024-11-21 14:39 2020-02-18 Show GitHub Exploit DB Packet Storm
200713 7.8 HIGH
Local 		valvesoftware dota_2 meshsystem.dll in Valve Dota 2 through 2020-02-17 allows remote attackers to achieve code execution or denial of service by creating a gaming server with a crafted map, and inviting a victim to this … CWE-787
 Out-of-bounds Write 		CVE-2020-9005 2024-11-21 14:39 2020-02-17 Show GitHub Exploit DB Packet Storm
200714 6.5 MEDIUM
Network 		microchip syncserver_s100_firmware
syncserver_s200_firmware
syncserver_s250_firmware
syncserver_s300_firmware
syncserver_s350_firmware 		Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to authlog.php. CWE-22
Path Traversal 		CVE-2020-9033 2024-11-21 14:39 2020-02-17 Show GitHub Exploit DB Packet Storm
200715 6.5 MEDIUM
Network 		microchip syncserver_s100_firmware
syncserver_s200_firmware
syncserver_s250_firmware
syncserver_s300_firmware
syncserver_s350_firmware 		Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to kernlog.php. CWE-22
Path Traversal 		CVE-2020-9032 2024-11-21 14:39 2020-02-17 Show GitHub Exploit DB Packet Storm
200716 6.5 MEDIUM
Network 		microchip syncserver_s100_firmware
syncserver_s200_firmware
syncserver_s250_firmware
syncserver_s300_firmware
syncserver_s350_firmware 		Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to daemonlog.php. CWE-22
Path Traversal 		CVE-2020-9031 2024-11-21 14:39 2020-02-17 Show GitHub Exploit DB Packet Storm
200717 6.5 MEDIUM
Network 		microchip syncserver_s100_firmware
syncserver_s200_firmware
syncserver_s250_firmware
syncserver_s300_firmware
syncserver_s350_firmware 		Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to the syslog.php. CWE-22
Path Traversal 		CVE-2020-9030 2024-11-21 14:39 2020-02-17 Show GitHub Exploit DB Packet Storm
200718 6.5 MEDIUM
Network 		microchip syncserver_s100_firmware
syncserver_s200_firmware
syncserver_s250_firmware
syncserver_s300_firmware
syncserver_s350_firmware 		Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to messagelog.php. CWE-22
Path Traversal 		CVE-2020-9029 2024-11-21 14:39 2020-02-17 Show GitHub Exploit DB Packet Storm
200719 6.1 MEDIUM
Network 		microchip syncserver_s100_firmware
syncserver_s200_firmware
syncserver_s250_firmware
syncserver_s300_firmware
syncserver_s350_firmware 		Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow stored XSS via the newUserName parameter on the "User Creation, Deletion and Password Maintenan… CWE-79
Cross-site Scripting 		CVE-2020-9028 2024-11-21 14:39 2020-02-17 Show GitHub Exploit DB Packet Storm
200720 9.8 CRITICAL
Network 		eltex-co ntp-2_firmware
ntp-rg-1402g_firmware 		ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the TRACE field of the resource ping.cmd. The NTP-2 device is also affected. CWE-78
OS Command  		CVE-2020-9027 2024-11-21 14:39 2020-02-17 Show GitHub Exploit DB Packet Storm