Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 16, 2026, 10:01 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 225781 | 4.3 | 警告 | MediaWiki | - | MediaWiki 用 RSS Reader 拡張機能におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-6453 | 2013-01-4 14:54 | 2012-12-31 | Show | GitHub Exploit DB Packet Storm |
| 225782 | 4.3 | 警告 | Cerberus, LLC | - | Cerberus FTP Server の管理用 Web インターフェースにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-6339 | 2013-01-4 14:51 | 2012-12-11 | Show | GitHub Exploit DB Packet Storm |
| 225783 | 6.5 | 警告 | Open Constructor | - | Open Constructor における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2012-3873 | 2013-01-4 14:47 | 2012-12-28 | Show | GitHub Exploit DB Packet Storm |
| 225784 | 4.3 | 警告 | Open Constructor | - | Open Constructor におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-3872 | 2013-01-4 14:46 | 2012-12-28 | Show | GitHub Exploit DB Packet Storm |
| 225785 | 3.5 | 注意 | Open Constructor | - | Open Constructor におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-3871 | 2013-01-4 14:22 | 2012-12-28 | Show | GitHub Exploit DB Packet Storm |
| 225786 | 3.5 | 注意 | Open Constructor | - | Open Constructor におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-3870 | 2013-01-4 14:22 | 2012-12-28 | Show | GitHub Exploit DB Packet Storm |
| 225787 | 3.3 | 注意 | サムスン | - | 複数の Samsung Galaxy デバイス上の Android 用 SamsungDive におけるデバイスの発見を妨害される脆弱性 |
CWE-200
情報漏えい |
CVE-2012-6337 | 2013-01-4 14:07 | 2012-12-31 | Show | GitHub Exploit DB Packet Storm |
| 225788 | 3.3 | 注意 | Lookout Mobile Security | - | Lookout の端末捜索機能における任意の位置データに偽装される脆弱性 |
CWE-noinfo
情報不足 |
CVE-2012-6336 | 2013-01-4 14:04 | 2012-12-31 | Show | GitHub Exploit DB Packet Storm |
| 225789 | 3.3 | 注意 | AVG Technologies | - | Android 用 AVG AntiVirus の Anti-theft サービスにおける任意の位置データに偽装される脆弱性 |
CWE-noinfo
情報不足 |
CVE-2012-6335 | 2013-01-4 14:03 | 2012-12-31 | Show | GitHub Exploit DB Packet Storm |
| 225790 | 5.8 | 警告 | IBM | - | IBM Security AppScan Enterprise および Rational Policy Tester における SSL サーバになりすまされる脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2012-0741 | 2013-01-4 12:09 | 2012-12-28 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 16, 2026, 4 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 211301 | 6.5 |
MEDIUM
Network |
gnome canonical fedoraproject netapp broadcom |
balsa glib-networking ubuntu_linux fedora cloud_backup fabric_operating_system |
In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server… |
CWE-295
Improper Certificate Validation |
CVE-2020-13645 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 211302 | 5.4 |
MEDIUM
Network |
pickplugins | accordion | An issue was discovered in the Accordion plugin before 2.2.9 for WordPress. The unprotected AJAX wp_ajax_accordions_ajax_import_json action allowed any authenticated user with Subscriber or higher pe… |
CWE-79
Cross-site Scripting |
CVE-2020-13644 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 211303 | 8.8 |
HIGH
Network |
siteorigin | page_builder | An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The live editor feature did not do any nonce verification, allowing for requests to be forged on behalf of … |
CWE-352
Origin Validation Error |
CVE-2020-13643 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 211304 | 8.8 |
HIGH
Network |
siteorigin | page_builder | An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The action_builder_content function did not do any nonce verification, allowing for requests to be forged o… |
CWE-352
Origin Validation Error |
CVE-2020-13642 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 211305 | 8.8 |
HIGH
Network |
infolific | real-time_find_and_replace | An issue was discovered in the Real-Time Find and Replace plugin before 4.0.2 for WordPress. The far_options_page function did not do any nonce verification, allowing for requests to be forged on beh… |
CWE-352
Origin Validation Error |
CVE-2020-13641 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 211306 | 6.1 |
MEDIUM
Network |
fork-cms | fork_cms | Fork before 5.8.3 allows XSS via navigation_title or title. |
CWE-79
Cross-site Scripting |
CVE-2020-13633 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 211307 | 6.1 |
MEDIUM
Network |
centreon |
centreon_host-monitoring_widget centreon_tactical-overview_widget centreon_service-monitoring_widget |
Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to host-monitoring/src/toolbar.php. This vulnerability is fixed in v… |
CWE-79
Cross-site Scripting |
CVE-2020-13628 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 211308 | 6.1 |
MEDIUM
Network |
centreon |
centreon_host-monitoring_widget centreon_tactical-overview_widget centreon_service-monitoring_widget |
Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. This vulnerability is fixed in … |
CWE-79
Cross-site Scripting |
CVE-2020-13627 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 211309 | 5.5 |
MEDIUM
Local |
sqlite fedoraproject canonical netapp brocade debian siemens oracle |
sqlite fedora ubuntu_linux cloud_backup solidfire\ _enterprise_sds_\&_hci_storage_node fabric_operating_system hci_compute_node_firmware debian_linux sinec_infrastructu… |
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. |
CWE-476
NULL Pointer Dereference |
CVE-2020-13632 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |
| 211310 | 5.5 |
MEDIUM
Local |
sqlite fedoraproject canonical netapp brocade siemens apple oracle |
sqlite fedora ubuntu_linux cloud_backup solidfire\ _enterprise_sds_\&_hci_storage_node fabric_operating_system hci_compute_node_firmware sinec_infrastructure_network_servi… |
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. |
NVD-CWE-noinfo
|
CVE-2020-13631 | 2024-11-21 14:01 | 2020-05-28 | Show | GitHub Exploit DB Packet Storm |