Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
225961 4.3 警告 Smarty Pants Plugins - WordPress 用 WP FuneralPress プラグインの user/obits.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-3529 2013-05-14 15:46 2013-05-10 Show GitHub Exploit DB Packet Storm
225962 7.5 危険 Vanilla Forums - Vanilla Forums の更新チェックにおける脆弱性 CWE-noinfo
情報不足 		CVE-2013-3528 2013-05-14 15:44 2013-04-5 Show GitHub Exploit DB Packet Storm
225963 7.5 危険 Vanilla Forums - Vanilla Forums における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-3527 2013-05-14 15:37 2013-04-5 Show GitHub Exploit DB Packet Storm
225964 4.3 警告 georgemathewk - WordPress 用 Traffic Analyzer プラグインの js/ta_loaded.js.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-3526 2013-05-14 15:37 2013-05-10 Show GitHub Exploit DB Packet Storm
225965 7.5 危険 David Clark - phpVMS 用 Pop Up News モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-3524 2013-05-14 15:36 2013-05-10 Show GitHub Exploit DB Packet Storm
225966 7.5 危険 greg jennings - This HTML Is Simple における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-3523 2013-05-14 15:35 2013-04-1 Show GitHub Exploit DB Packet Storm
225967 6.5 警告 vBulletin Solutions, Inc. - vBulletin の index.php/ajax/api/reputation/vote における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-3522 2013-05-14 15:34 2013-05-10 Show GitHub Exploit DB Packet Storm
225968 4.6 警告 シスコシステムズ - Cisco Aggregation Services Router Route Processor 上で稼働する Cisco IOS におけるサービス運用妨害 (DoS) 状態にされる脆弱性 CWE-399
リソース管理の問題 		CVE-2013-1136 2013-05-14 14:52 2013-05-13 Show GitHub Exploit DB Packet Storm
225969 10 危険 phpvms.net - phpVMS の admin/action.php における脆弱性 CWE-noinfo
情報不足 		CVE-2012-6552 2013-05-14 12:00 2012-08-24 Show GitHub Exploit DB Packet Storm
225970 9.3 危険 サムスン - MarkAny ContentSAFER MASetupCaller の ActiveX コントロールに脆弱性 CWE-94
コード・インジェクション 		CVE-2012-2990 2013-05-13 17:59 2012-08-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223781 7.5 HIGH
Network 		scytl secure_vote An issue was discovered in Scytl sVote 2.1. Because the sdm-ws-rest API does not require authentication, an attacker can retrieve the administrative configuration by sending a POST request to the /sd… CWE-306
Missing Authentication for Critical Function 		CVE-2019-25020 2024-11-21 13:39 2021-02-27 Show GitHub Exploit DB Packet Storm
223782 9.8 CRITICAL
Network 		alleghenycreative openrepeater OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell metacharacters in the functions/ajax_system.php post_service parameter. CWE-78
OS Command  		CVE-2019-25024 2024-11-21 13:39 2021-02-19 Show GitHub Exploit DB Packet Storm
223783 9.8 CRITICAL
Network 		limesurvey limesurvey LimeSurvey before 4.0.0-RC4 allows SQL injection via the participant model. CWE-89
SQL Injection 		CVE-2019-25019 2024-11-21 13:39 2021-02-14 Show GitHub Exploit DB Packet Storm
223784 7.5 HIGH
Network 		mit krb5-appl In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filename of . or an empty filename, similar to CVE-2018-20685 and CVE-2019-7282. … NVD-CWE-noinfo
CVE-2019-25018 2024-11-21 13:39 2021-02-3 Show GitHub Exploit DB Packet Storm
223785 5.9 MEDIUM
Network 		mit krb5-appl An issue was discovered in rcp in MIT krb5-appl through 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, t… CWE-863
 Incorrect Authorization 		CVE-2019-25017 2024-11-21 13:39 2021-02-3 Show GitHub Exploit DB Packet Storm
223786 6.5 MEDIUM
Network 		istio
redhat 		istio
openshift_service_mesh 		A NULL pointer dereference was found in pkg/proxy/envoy/v2/debug.go getResourceVersion in Istio pilot before 1.5.0-alpha.0. If a particular HTTP GET request is made to the pilot API endpoint, it is p… CWE-476
 NULL Pointer Dereference 		CVE-2019-25014 2024-11-21 13:39 2021-01-29 Show GitHub Exploit DB Packet Storm
223787 8.8 HIGH
Network 		opendoas_project opendoas In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly inherited by authenticated executions if the authenticating rule allowed the user to execute any command. Rules that only allowed t… CWE-459
CWE-909
 Incomplete Cleanup
 Missing Initialization of Resource 		CVE-2019-25016 2024-11-21 13:39 2021-01-29 Show GitHub Exploit DB Packet Storm
223788 5.4 MEDIUM
Network 		openwrt openwrt LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via a crafted SSID. CWE-79
Cross-site Scripting 		CVE-2019-25015 2024-11-21 13:39 2021-01-27 Show GitHub Exploit DB Packet Storm
223789 5.9 MEDIUM
Network 		gnu
fedoraproject
netapp
broadcom
debian 		glibc
fedora
ontap_select_deploy_administration_utility
service_processor
fabric_operating_system
a250_firmware
500f_firmware
debian_linux 		The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read. CWE-125
Out-of-bounds Read 		CVE-2019-25013 2024-11-21 13:39 2021-01-5 Show GitHub Exploit DB Packet Storm
223790 7.5 HIGH
Network 		webform_report_project webform_report The Webform Report project 7.x-1.x-dev for Drupal allows remote attackers to view submissions by visiting the /rss.xml page. NOTE: This project is not covered by Drupal's security advisory policy. CWE-425
 Direct Request ('Forced Browsing') 		CVE-2019-25012 2024-11-21 13:39 2021-01-1 Show GitHub Exploit DB Packet Storm