Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
225631 9.3 危険 アップル - Apple QuickTime におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-0988 2013-06-7 13:54 2013-05-22 Show GitHub Exploit DB Packet Storm
225632 9.3 危険 アップル - Apple QuickTime における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2013-0987 2013-06-7 13:48 2013-05-22 Show GitHub Exploit DB Packet Storm
225633 9.3 危険 アップル - Apple QuickTime におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-0986 2013-06-7 13:42 2013-05-22 Show GitHub Exploit DB Packet Storm
225634 9.3 危険 アップル - Apple QuickTime におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-0989 2013-06-7 13:38 2013-05-22 Show GitHub Exploit DB Packet Storm
225635 7.5 危険 アップル
Ruby on Rails project		 - Ruby on Rails における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2013-0333 2013-06-7 12:18 2013-01-28 Show GitHub Exploit DB Packet Storm
225636 10 危険 アップル
Ruby on Rails project		 - Ruby on Rails の ActiveRecord におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-0277 2013-06-7 12:09 2013-02-11 Show GitHub Exploit DB Packet Storm
225637 4.3 警告 アップル
Ruby on Rails project		 - Ruby on Rails の ActiveRecord における attr_protected 保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-0276 2013-06-7 12:07 2013-02-11 Show GitHub Exploit DB Packet Storm
225638 2.6 注意 日本ケンタッキー・フライド・チキン株式会社 - Android 版 ピザハット公式アプリ 宅配ピザのPizzaHut における SSL サーバ証明書の検証不備の脆弱性 CWE-Other
その他 		CVE-2013-3641 2013-06-7 12:01 2013-06-7 Show GitHub Exploit DB Packet Storm
225639 2.6 注意 マイクロソフト - Internet Explorer における情報漏えいの脆弱性 CWE-Other
その他 		- 2013-06-7 12:00 2013-06-7 Show GitHub Exploit DB Packet Storm
225640 6.4 警告 アップル
Ruby on Rails project		 - Ruby on Rails におけるデータベースのクエリ制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-0155 2013-06-7 11:58 2013-01-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
212681 5.4 MEDIUM
Network 		nedi nedi NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Assets-Management.php chg parameter. CWE-79
Cross-site Scripting 		CVE-2020-15031 2024-11-21 14:04 2020-07-8 Show GitHub Exploit DB Packet Storm
212682 5.4 MEDIUM
Network 		nedi nedi NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Routes.php rtr parameter. CWE-79
Cross-site Scripting 		CVE-2020-15030 2024-11-21 14:04 2020-07-8 Show GitHub Exploit DB Packet Storm
212683 5.4 MEDIUM
Network 		nedi nedi NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Assets-Management.php sn parameter. CWE-79
Cross-site Scripting 		CVE-2020-15029 2024-11-21 14:04 2020-07-8 Show GitHub Exploit DB Packet Storm
212684 5.4 MEDIUM
Network 		nedi nedi NeDi 1.9C is vulnerable to a cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Map.php xo parameter. CWE-79
Cross-site Scripting 		CVE-2020-15028 2024-11-21 14:04 2020-07-8 Show GitHub Exploit DB Packet Storm
212685 5.4 MEDIUM
Network 		nedi nedi NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Reports-Devices.php page st[] parameter. CWE-79
Cross-site Scripting 		CVE-2020-15037 2024-11-21 14:04 2020-07-8 Show GitHub Exploit DB Packet Storm
212686 5.4 MEDIUM
Network 		nedi nedi NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Linked.php dv parameter. CWE-79
Cross-site Scripting 		CVE-2020-15036 2024-11-21 14:04 2020-07-8 Show GitHub Exploit DB Packet Storm
212687 6.8 MEDIUM
Network 		electronjs electron In Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated… NVD-CWE-Other
CVE-2020-15096 2024-11-21 14:04 2020-07-7 Show GitHub Exploit DB Packet Storm
212688 6.5 MEDIUM
Network 		tendermint tendermint TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have it run for some time … CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2020-15091 2024-11-21 14:04 2020-07-3 Show GitHub Exploit DB Packet Storm
212689 6.1 MEDIUM
Network 		prestashop prestashop In PrestaShop from version 1.7.0.0 and before version 1.7.6.6, if a target sends a corrupted file, it leads to a reflected XSS. The problem is fixed in 1.7.6.6 CWE-79
Cross-site Scripting 		CVE-2020-15083 2024-11-21 14:04 2020-07-3 Show GitHub Exploit DB Packet Storm
212690 8.8 HIGH
Network 		prestashop prestashop In PrestaShop from version 1.6.0.1 and before version 1.7.6.6, the dashboard allows rewriting all configuration variables. The problem is fixed in 1.7.6.6 NVD-CWE-Other
CVE-2020-15082 2024-11-21 14:04 2020-07-3 Show GitHub Exploit DB Packet Storm