Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226031	4.3	警告	Joomla!	-	Joomla! におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-3058	2013-05-8 17:59	2013-04-24	Show	GitHub Exploit DB Packet Storm

226032	4	警告	Joomla!	-	Joomla! における権限要件を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-3057	2013-05-8 17:53	2013-04-24	Show	GitHub Exploit DB Packet Storm

226033	4	警告	Joomla!	-	Joomla! における権限要件を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-3056	2013-05-8 17:37	2013-04-24	Show	GitHub Exploit DB Packet Storm

226034	7.2	危険	Novell	-	Novell ZENworks Desktop Management における権限を取得される脆弱性	CWE-Other その他	CVE-2013-1092	2013-05-8 16:56	2013-04-15	Show	GitHub Exploit DB Packet Storm

226035	10	危険	Novell	-	Novell iPrint Client におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-1091	2013-05-8 16:53	2013-05-1	Show	GitHub Exploit DB Packet Storm

226036	4.3	警告	ソフトバンク・テクノロジー株式会社	-	Online Service Gate におけるパスワード管理不備の問題	CWE-noinfo 情報不足	CVE-2013-2308	2013-05-8 14:01	2013-05-8	Show	GitHub Exploit DB Packet Storm

226037	5	警告	Zend Technologies Ltd.	-	Zend Framework の Zend_Feed における任意のファイルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2012-5657	2013-05-8 12:12	2013-05-2	Show	GitHub Exploit DB Packet Storm

226038	6.8	警告	GNU Project	-	glibc の stdio-common/vfprintf.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2012-0864	2013-05-8 12:11	2012-02-17	Show	GitHub Exploit DB Packet Storm

226039	5	警告	GNU Project	-	glibc の RPC の実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-4609	2013-05-8 12:09	2011-12-13	Show	GitHub Exploit DB Packet Storm

226040	6.8	警告	GNU Project	-	glibc の __tzfile_read 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-5029	2013-05-8 12:08	2009-06-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
214231	5.9	MEDIUM Network	mutt debian neomutt fedoraproject canonical opensuse	mutt debian_linux neomutt fedora ubuntu_linux leap	Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g.,…	CWE-74 Injection	CVE-2020-14954	2024-11-21 14:04	2020-06-22	Show	GitHub Exploit DB Packet Storm

214232	8.8	HIGH Network	aapanel	aapanel	aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a modified /system?action=ServiceAdmin request (start, stop, or restart) to the setti…	CWE-78 OS Command	CVE-2020-14950	2024-11-21 14:04	2020-06-22	Show	GitHub Exploit DB Packet Storm

214233	9.8	CRITICAL Network	tendenci	tendenci	Tendenci 12.0.10 allows unrestricted deserialization in apps\helpdesk\views\staff.py.	CWE-502 Deserialization of Untrusted Data	CVE-2020-14942	2024-11-21 14:04	2020-06-22	Show	GitHub Exploit DB Packet Storm

214234	8.8	HIGH Network	squirrelmail	squirrelmail	compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachments value, which originates from an HTTP POST request. NOTE: the vendor disputes this because these two conditions for PHP object…	CWE-502 Deserialization of Untrusted Data	CVE-2020-14933	2024-11-21 14:04	2020-06-20	Show	GitHub Exploit DB Packet Storm

214235	9.8	CRITICAL Network	squirrelmail	squirrelmail	compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.	CWE-502 Deserialization of Untrusted Data	CVE-2020-14932	2024-11-21 14:04	2020-06-20	Show	GitHub Exploit DB Packet Storm

214236	9.8	CRITICAL Network	dmitry_project	dmitry	A stack-based buffer overflow in DMitry (Deepmagic Information Gathering Tool) 1.3a might allow remote WHOIS servers to execute arbitrary code via a long line in a response that is mishandled by nic_…	CWE-787 Out-of-bounds Write	CVE-2020-14931	2024-11-21 14:04	2020-06-20	Show	GitHub Exploit DB Packet Storm

214237	8.1	HIGH Network	bt_ctroms_terminal_project	bt_ctroms_terminal	An issue was discovered in BT CTROMS Terminal OS Port Portal CT-464. Account takeover can occur because the password-reset feature discloses the verification token. Upon a getverificationcode.jsp req…	CWE-319 CWE-522 Cleartext Transmission of Sensitive Information Insufficiently Protected Credentials	CVE-2020-14930	2024-11-21 14:04	2020-06-20	Show	GitHub Exploit DB Packet Storm

214238	7.5	HIGH Network	alpine_project fedoraproject debian	alpine fedora debian_linux	Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the…	NVD-CWE-Other	CVE-2020-14929	2024-11-21 14:04	2020-06-20	Show	GitHub Exploit DB Packet Storm

214239	4.8	MEDIUM Network	naviwebs	navigate_cms	Navigate CMS 2.9 allows XSS via the Alias or Real URL field of the "Web Sites > Create > Aliases > Add" screen.	CWE-79 Cross-site Scripting	CVE-2020-14927	2024-11-21 14:04	2020-06-20	Show	GitHub Exploit DB Packet Storm

214240	5.4	MEDIUM Network	cmsmadesimple	cms_made_simple	CMS Made Simple 2.2.14 allows XSS via a Search Term to the admin/moduleinterface.php?mact=ModuleManager page.	CWE-79 Cross-site Scripting	CVE-2020-14926	2024-11-21 14:04	2020-06-20	Show	GitHub Exploit DB Packet Storm