Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
225671	5	警告	IBM Apache Software Foundation アップルサイバートラスト株式会社富士通ヒューレット・パッカードオラクル日立レッドハット	-	Apache HTTP Server の mod_proxy モジュールにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3847	2013-07-18 18:22	2007-08-23	Show	GitHub Exploit DB Packet Storm

225672	4.3	警告	ヒューレット・パッカード Apache Software Foundation オラクル	-	Apache HTTP Server の mod_proxy_ajp モジュールにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-3348	2013-07-18 18:21	2011-09-14	Show	GitHub Exploit DB Packet Storm

225673	5	警告	オラクル	-	Oracle and Sun Systems Products Suite の Oracle SPARC Enterprise M シリーズサーバにおける XSCF Control Package (XCP) に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3773	2013-07-18 15:46	2013-07-16	Show	GitHub Exploit DB Packet Storm

225674	4.3	警告	オラクル	-	Oracle iLearning における Learner Pages に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3775	2013-07-18 15:46	2013-07-16	Show	GitHub Exploit DB Packet Storm

225675	4	警告	オラクル	-	Oracle Industry Applications の Oracle Policy Automation における Determinations Engine に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3816	2013-07-18 15:46	2013-07-16	Show	GitHub Exploit DB Packet Storm

225676	5	警告	オラクル	-	Oracle Sun Solaris における Utility/Remote Execution Server に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-0398	2013-07-18 15:46	2013-07-16	Show	GitHub Exploit DB Packet Storm

225677	2.1	注意	オラクル	-	Oracle Sun Solaris における Libraries/Libc に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3745	2013-07-18 15:46	2013-07-16	Show	GitHub Exploit DB Packet Storm

225678	7.2	危険	オラクル	-	Oracle and Sun Systems Products Suite の Solaris Cluster における Zone Cluster Infrastructure に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3746	2013-07-18 15:46	2013-07-16	Show	GitHub Exploit DB Packet Storm

225679	7.8	危険	オラクル	-	Oracle Sun Solaris における Driver/IDM (iSCSI Data Mover) に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3748	2013-07-18 15:46	2013-07-16	Show	GitHub Exploit DB Packet Storm

225680	7.2	危険	オラクル	-	Oracle Sun Solaris における Kernel/VM に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3750	2013-07-18 15:46	2013-07-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210311	9.8	CRITICAL Network	science-miner	pdf2xml	pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::dump.	CWE-787 Out-of-bounds Write	CVE-2020-23873	2024-11-21 14:14	2021-11-11	Show	GitHub Exploit DB Packet Storm

210312	7.5	HIGH Network	science-miner	pdf2xml	A NULL pointer dereference in the function TextPage::restoreState of pdf2xml v2.0 allows attackers to cause a denial of service (DoS).	CWE-476 NULL Pointer Dereference	CVE-2020-23872	2024-11-21 14:14	2021-11-11	Show	GitHub Exploit DB Packet Storm

210313	9.8	CRITICAL Network	eyoucms	eyoucms	SQL Injection vulnerability in eyoucms cms v1.4.7, allows attackers to execute arbitrary code and disclose sensitive information, via the tid parameter to index.php.	CWE-89 SQL Injection	CVE-2020-24000	2024-11-21 14:14	2021-11-4	Show	GitHub Exploit DB Packet Storm

210314	9.6	CRITICAL Network	php-fusion	phpfusion	Cross Site Scripting (XSS) vulnerability in infusions/member_poll_panel/poll_admin.php in PHP-Fusion 9.03.50, allows attackers to execute arbitrary code, via the polls feature.	CWE-79 Cross-site Scripting	CVE-2020-23754	2024-11-21 14:14	2021-11-3	Show	GitHub Exploit DB Packet Storm

210315	9.6	CRITICAL Network	zibbs_project	zibbs	Cross site scripting (XSS) vulnerability in application/controllers/AdminController.php in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the bbsmeta parameter.	CWE-79 Cross-site Scripting	CVE-2020-23719	2024-11-21 14:14	2021-11-3	Show	GitHub Exploit DB Packet Storm

210316	9.6	CRITICAL Network	zibbs_project	zibbs	Cross site scripting (XSS) vulnerability in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the route parameter to index.php.	CWE-79 Cross-site Scripting	CVE-2020-23718	2024-11-21 14:14	2021-11-3	Show	GitHub Exploit DB Packet Storm

210317	8.8	HIGH Network	ayacms_project	ayacms	Cross site request forgery (CSRF) vulnerability in AyaCMS 3.1.2 allows attackers to change an administrators password or other unspecified impacts.	CWE-352 Origin Validation Error	CVE-2020-23686	2024-11-21 14:14	2021-11-3	Show	GitHub Exploit DB Packet Storm

210318	9.8	CRITICAL Network	vtimecn	188jianzhan	SQL Injection vulnerability in 188Jianzhan v2.1.0, allows attackers to execute arbitrary code and gain escalated privileges, via the username parameter to login.php.	CWE-89 SQL Injection	CVE-2020-23685	2024-11-21 14:14	2021-11-3	Show	GitHub Exploit DB Packet Storm

210319	5.3	MEDIUM Network	discourse	discourse	Server Side Request Forgery (SSRF) vulnerability exists in Discourse 2.3.2 and 2.6 via the email function. When writing an email in an editor, you can upload pictures of remote websites.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-24327	2024-11-21 14:14	2021-09-24	Show	GitHub Exploit DB Packet Storm

210320	8.1	HIGH Network	ponzu-cms	ponzu	A cross site request forgery (CSRF) vulnerability in the configure.html component of Ponzu 0.11.0 allows attackers to change user and administrator credentials, and add or delete administrator accoun…	CWE-352 Origin Validation Error	CVE-2020-24130	2024-11-21 14:14	2021-08-21	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed