Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226061 5 警告 シスコシステムズ - Cisco IOS の GET VPN 機能のデフォルト設定における暗号化ポリシーを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-3436 2013-07-22 16:25 2013-07-19 Show GitHub Exploit DB Packet Storm
226062 4.3 警告 DELL EMC (旧 EMC Corporation) - Data Store Gen プラットフォーム上で稼働する EMC Avamar Server および Avamar Virtual Edition における重要な情報を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2013-3275 2013-07-22 16:23 2013-07-17 Show GitHub Exploit DB Packet Storm
226063 9 危険 DELL EMC (旧 EMC Corporation) - Data Store Gen プラットフォーム上で稼働する EMC Avamar Server および Avamar Virtual Edition における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-3274 2013-07-22 16:22 2013-07-17 Show GitHub Exploit DB Packet Storm
226064 2.6 注意 Verizon - Verizon Wireless Network Extender における ESN および MIN 値を取得される脆弱性 CWE-287
不適切な認証 		CVE-2013-4877 2013-07-22 16:20 2013-07-15 Show GitHub Exploit DB Packet Storm
226065 6.2 警告 Verizon - Verizon Wireless Network Extender における管理アクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2013-4876 2013-07-22 16:19 2013-07-15 Show GitHub Exploit DB Packet Storm
226066 6.2 警告 Verizon - Verizon Wireless Network Extender 上で稼働する Uboot bootloader におけるブートプロセスを回避される脆弱性 CWE-287
不適切な認証 		CVE-2013-4875 2013-07-22 16:13 2013-07-15 Show GitHub Exploit DB Packet Storm
226067 6.2 警告 Verizon - Verizon Wireless Network Extender 上で稼働する Uboot bootloader におけるルートアクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2013-4874 2013-07-22 16:11 2013-07-15 Show GitHub Exploit DB Packet Storm
226068 5 警告 Yahoo! - iOS 用 Yahoo! Tumblr における重要な情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2013-4873 2013-07-22 16:10 2013-07-16 Show GitHub Exploit DB Packet Storm
226069 6.9 警告 Google - Google Glass における設定を変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-4872 2013-07-22 16:09 2013-07-17 Show GitHub Exploit DB Packet Storm
226070 6.8 警告 オートデスク株式会社 - 複数の Autodesk 製品における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2013-3665 2013-07-22 16:08 2013-07-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
202101 5.3 MEDIUM
Network 		envoyproxy envoy CNCF Envoy through 1.13.0 TLS inspector bypass. TLS inspector could have been bypassed (not recognized as a TLS client) by a client using only TLS 1.3. Because TLS extensions (SNI, ALPN) were not ins… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2020-8660 2024-11-21 14:39 2020-03-5 Show GitHub Exploit DB Packet Storm
202102 5.3 MEDIUM
Network 		cncf envoy CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret (e.g. trusted CA) across many resources together with the combined valida… CWE-287
Improper Authentication 		CVE-2020-8664 2024-11-21 14:39 2020-03-5 Show GitHub Exploit DB Packet Storm
202103 7.5 HIGH
Network 		cncf
redhat 		envoy
openshift_service_mesh 		CNCF Envoy through 1.13.0 may consume excessive amounts of memory when responding internally to pipelined requests. CWE-400
 Uncontrolled Resource Consumption 		CVE-2020-8661 2024-11-21 14:39 2020-03-5 Show GitHub Exploit DB Packet Storm
202104 7.5 HIGH
Network 		cncf
redhat
debian 		envoy
openshift_service_mesh
debian_linux 		CNCF Envoy through 1.13.0 may consume excessive amounts of memory when proxying HTTP/1.1 requests or responses with many small (i.e. 1 byte) chunks. CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2020-8659 2024-11-21 14:39 2020-03-5 Show GitHub Exploit DB Packet Storm
202105 9.8 CRITICAL
Network 		zyxel nas326_firmware
nas520_firmware
nas540_firmware
nas542_firmware
atp100_firmware
atp200_firmware
atp500_firmware
atp800_firmware
usg20-vpn_firmware
usg20w-vpn_firmware
us… 		Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to… CWE-78
OS Command  		CVE-2020-9054 2024-11-21 14:39 2020-03-5 Show GitHub Exploit DB Packet Storm
202106 5.4 MEDIUM
Network 		alfresco alfresco Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via an uploaded document, when the attacker has write access to a project. CWE-79
Cross-site Scripting 		CVE-2020-8778 2024-11-21 14:39 2020-03-3 Show GitHub Exploit DB Packet Storm
202107 5.4 MEDIUM
Network 		alfresco alfresco Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document. CWE-79
Cross-site Scripting 		CVE-2020-8777 2024-11-21 14:39 2020-03-3 Show GitHub Exploit DB Packet Storm
202108 5.4 MEDIUM
Network 		alfresco alfresco Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via the URL property of a file. CWE-79
Cross-site Scripting 		CVE-2020-8776 2024-11-21 14:39 2020-03-3 Show GitHub Exploit DB Packet Storm
202109 6.1 MEDIUM
Network 		fiserv accurate_reconciliation Fiserv Accurate Reconciliation 2.19.0, fixed in 3.0.0 or higher, allows XSS via the logout.jsp timeOut parameter. CWE-79
Cross-site Scripting 		CVE-2020-8952 2024-11-21 14:39 2020-02-27 Show GitHub Exploit DB Packet Storm
202110 5.4 MEDIUM
Network 		fiserv accurate_reconciliation Fiserv Accurate Reconciliation 2.19.0, fixed in 3.0.0 or higher, allows XSS via the Source or Destination field of the Configuration Manager (Configuration Parameter Translation) page. CWE-79
Cross-site Scripting 		CVE-2020-8951 2024-11-21 14:39 2020-02-27 Show GitHub Exploit DB Packet Storm