Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
225961	7.5	危険	Web-Dorado	-	Drupal 用 Web Dorado Spider Video Player プラグインの settings.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-3532	2013-05-14 15:49	2013-05-10	Show	GitHub Exploit DB Packet Storm

225962	7.5	危険	RadioCMS	-	RadioCMS の meneger.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-3531	2013-05-14 15:48	2013-05-10	Show	GitHub Exploit DB Packet Storm

225963	7.5	危険	Fabricio Zuardi	-	WordPress 用 Spiffy XSPF Player プラグインの playlist.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-3530	2013-05-14 15:47	2013-05-10	Show	GitHub Exploit DB Packet Storm

225964	4.3	警告	Smarty Pants Plugins	-	WordPress 用 WP FuneralPress プラグインの user/obits.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-3529	2013-05-14 15:46	2013-05-10	Show	GitHub Exploit DB Packet Storm

225965	7.5	危険	Vanilla Forums	-	Vanilla Forums の更新チェックにおける脆弱性	CWE-noinfo 情報不足	CVE-2013-3528	2013-05-14 15:44	2013-04-5	Show	GitHub Exploit DB Packet Storm

225966	7.5	危険	Vanilla Forums	-	Vanilla Forums における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-3527	2013-05-14 15:37	2013-04-5	Show	GitHub Exploit DB Packet Storm

225967	4.3	警告	georgemathewk	-	WordPress 用 Traffic Analyzer プラグインの js/ta_loaded.js.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-3526	2013-05-14 15:37	2013-05-10	Show	GitHub Exploit DB Packet Storm

225968	7.5	危険	David Clark	-	phpVMS 用 Pop Up News モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-3524	2013-05-14 15:36	2013-05-10	Show	GitHub Exploit DB Packet Storm

225969	7.5	危険	greg jennings	-	This HTML Is Simple における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-3523	2013-05-14 15:35	2013-04-1	Show	GitHub Exploit DB Packet Storm

225970	6.5	警告	vBulletin Solutions, Inc.	-	vBulletin の index.php/ajax/api/reputation/vote における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-3522	2013-05-14 15:34	2013-05-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
213931	3.3	LOW Local	c-ares fedoraproject	c-ares fedora	A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing. This flaw possibly allows an attacker to crash the service t…	CWE-415 CWE-416 Double Free Use After Free	CVE-2020-14354	2024-11-21 14:03	2021-05-13	Show	GitHub Exploit DB Packet Storm

213932	10.0	CRITICAL Network	rockwellautomation	factorytalk_services_platform	In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that p…	-	CVE-2020-14516	2024-11-21 14:03	2021-03-19	Show	GitHub Exploit DB Packet Storm

213933	7.5	HIGH Local	gnu redhat fedoraproject netapp	grub2 enterprise_linux_server_aus enterprise_linux_workstation enterprise_linux enterprise_linux_server_tus enterprise_linux_server_eus fedora cloud_backup ontap_select_deploy…	A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to cra…	-	CVE-2020-14372	2024-11-21 14:03	2021-03-4	Show	GitHub Exploit DB Packet Storm

213934	7.3	HIGH Network	redhat	louketo_proxy	A vulnerability was found in all versions of Keycloak Gatekeeper, where on using lower case HTTP headers (via cURL) an attacker can bypass our Gatekeeper. Lower case headers are also accepted by some…	-	CVE-2020-14359	2024-11-21 14:03	2021-02-23	Show	GitHub Exploit DB Packet Storm

213935	9.8	CRITICAL Network	pyyaml oracle	pyyaml communications_cloud_native_core_network_function_cloud_native_environment	A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or…	CWE-20 Improper Input Validation	CVE-2020-14343	2024-11-21 14:03	2021-02-10	Show	GitHub Exploit DB Packet Storm

213936	5.5	MEDIUM Local	gnome	control_center	A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, where it improperly uses Red Hat Customer Portal credentials when a user registers a system through t…	-	CVE-2020-14391	2024-11-21 14:03	2021-02-9	Show	GitHub Exploit DB Packet Storm

213937	7.0	HIGH Local	morphisec madshi cisco	unified_threat_prevention_platform madcodehook advanced_malware_protection	A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to elevate their privileges to SYSTEM. This occurs because path redirection can occur via vectors involving …	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2020-14418	2024-11-21 14:03	2021-01-30	Show	GitHub Exploit DB Packet Storm

213938	7.8	HIGH Local	x.org	x_server	A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerabi…	-	CVE-2020-14360	2024-11-21 14:03	2021-01-21	Show	GitHub Exploit DB Packet Storm

213939	5.4	MEDIUM Network	libsdl debian fedoraproject	simple_directmedia_layer debian_linux fedora	SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP file.	CWE-125 Out-of-bounds Read	CVE-2020-14410	2024-11-21 14:03	2021-01-20	Show	GitHub Exploit DB Packet Storm

213940	7.8	HIGH Local	libsdl fedoraproject debian starwindsoftware	simple_directmedia_layer fedora debian_linux starwind_virtual_san	SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file.	CWE-787 CWE-190 Out-of-bounds Write Integer Overflow or Wraparound	CVE-2020-14409	2024-11-21 14:03	2021-01-20	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed