Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
225611	9.3	危険	マイクロソフト	-	複数の Microsoft Windows 製品における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2013-3174	2013-07-24 14:10	2013-07-9	Show	GitHub Exploit DB Packet Storm

225612	6.9	警告	マイクロソフト	-	Microsoft Windows 7 および Windows Server 2008 R2 の Windows Defender の署名更新機能における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-3154	2013-07-24 14:07	2013-07-9	Show	GitHub Exploit DB Packet Storm

225613	4	警告	サイボウズ	-	サイボウズ Office におけるセッション管理不備の脆弱性	CWE-287 不適切な認証	CVE-2013-3656	2013-07-23 19:09	2013-07-16	Show	GitHub Exploit DB Packet Storm

225614	5.1	警告	strongSwan	-	strongSwan の atodn 関数におけるバッファオーバーフローの脆弱	CWE-119 バッファエラー	CVE-2013-2054	2013-07-23 19:07	2013-05-13	Show	GitHub Exploit DB Packet Storm

225615	2.1	注意	Jordan de Laune	-	Drupal 用 MP3 Player モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-1971	2013-07-23 19:03	2013-04-17	Show	GitHub Exploit DB Packet Storm

225616	4.3	警告	マカフィー	-	McAfee ePolicy Orchestrator および McAfee Agent 用 ePolicy Orchestrator エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-4883	2013-07-23 15:05	2013-06-12	Show	GitHub Exploit DB Packet Storm

225617	6.5	警告	マカフィー	-	McAfee ePolicy Orchestrator および McAfee Agent 用 ePolicy Orchestrator エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-4882	2013-07-23 15:05	2013-05-25	Show	GitHub Exploit DB Packet Storm

225618	7.9	危険	ヒューレット・パッカード	-	HP Database and Middleware Automation における重要な情報を取得される脆弱性	CWE-noinfo 情報不足	CVE-2013-2365	2013-07-23 15:03	2013-07-16	Show	GitHub Exploit DB Packet Storm

225619	3.5	注意	ヒューレット・パッカード	-	HP System Management Homepage におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-2364	2013-07-23 15:03	2013-07-18	Show	GitHub Exploit DB Packet Storm

225620	5	警告	ヒューレット・パッカード	-	HP System Management Homepage における重要な情報を取得される脆弱性	CWE-noinfo 情報不足	CVE-2013-2363	2013-07-23 15:02	2013-07-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210341	5.3	MEDIUM Network	soplanning	soplanning	SoPlanning before 1.47 doesn't correctly check the security key used to publicly share plannings. It allows a bypass to get access without authentication.	CWE-287 Improper Authentication	CVE-2020-25867	2024-11-21 14:18	2020-10-8	Show	GitHub Exploit DB Packet Storm

210342	5.3	MEDIUM Network	contao	contao	Contao before 4.4.52, 4.9.x before 4.9.6, and 4.10.x before 4.10.1 have Improper Input Validation. It is possible to inject insert tags in front end forms which will be replaced when the page is rend…	CWE-20 CWE-74 Improper Input Validation Injection	CVE-2020-25768	2024-11-21 14:18	2020-10-8	Show	GitHub Exploit DB Packet Storm

210343	7.5	HIGH Network	wireshark fedoraproject opensuse oracle	wireshark fedora leap zfs_storage_appliance_kit	In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed i…	CWE-476 NULL Pointer Dereference	CVE-2020-25866	2024-11-21 14:18	2020-10-7	Show	GitHub Exploit DB Packet Storm

210344	7.5	HIGH Network	wireshark fedoraproject opensuse debian oracle	wireshark fedora leap debian_linux zfs_storage_appliance_firmware	In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of…	NVD-CWE-noinfo	CVE-2020-25863	2024-11-21 14:18	2020-10-7	Show	GitHub Exploit DB Packet Storm

210345	7.5	HIGH Network	wireshark fedoraproject opensuse debian oracle	wireshark fedora leap debian_linux zfs_storage_appliance_firmware	In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF che…	CWE-354 Improper Validation of Integrity Check Value	CVE-2020-25862	2024-11-21 14:18	2020-10-7	Show	GitHub Exploit DB Packet Storm

210346	7.2	HIGH Network	craftercms	studio	Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker template exposed objects. T…	CWE-913 Improper Control of Dynamically-Managed Code Resources	CVE-2020-25803	2024-11-21 14:18	2020-10-7	Show	GitHub Exploit DB Packet Storm

210347	3.2	LOW Local	qemu redhat	qemu enterprise_linux openstack_platform	hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.	CWE-476 NULL Pointer Dereference	CVE-2020-25743	2024-11-21 14:18	2020-10-7	Show	GitHub Exploit DB Packet Storm

210348	3.2	LOW Local	qemu	qemu	pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer.	CWE-476 NULL Pointer Dereference	CVE-2020-25742	2024-11-21 14:18	2020-10-7	Show	GitHub Exploit DB Packet Storm

210349	7.2	HIGH Network	craftercms	studio	Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy scripting. This issue affects: …	CWE-913 Improper Control of Dynamically-Managed Code Resources	CVE-2020-25802	2024-11-21 14:18	2020-10-6	Show	GitHub Exploit DB Packet Storm

210350	7.5	HIGH Network	redhat netapp	wildfly_openssl jboss_enterprise_application_platform single_sign-on jboss_fuse jboss_data_grid openshift_application_runtimes data_grid oncommand_workflow_automation oncomman…	A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to cause OOM leading to a denial of service. The highest …	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2020-25644	2024-11-21 14:18	2020-10-6	Show	GitHub Exploit DB Packet Storm