Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226101 5 警告 Blink Web Effects - WordPress 用 Social Media Widget プラグインにおける任意のファイルのアップロードを強制される脆弱性 CWE-noinfo
情報不足 		CVE-2013-1949 2013-04-30 17:51 2013-04-9 Show GitHub Exploit DB Packet Storm
226102 10 危険 Rob Westgeest - Ruby 用 md2pdf gem の converter.rb における任意のコマンドを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2013-1948 2013-04-30 17:51 2013-04-10 Show GitHub Exploit DB Packet Storm
226103 9.3 危険 Kelly D. Redding - Ruby 用 kelredd-pruview gem における任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2013-1947 2013-04-30 17:50 2013-04-4 Show GitHub Exploit DB Packet Storm
226104 9.3 危険 karteek-docsplit - Ruby 用 Karteek Docsplit gem における任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2013-1933 2013-04-30 17:49 2013-04-1 Show GitHub Exploit DB Packet Storm
226105 6.8 警告 Novell
plataformatec		 - Ruby 用 Devise gem における不正な結果が返される脆弱性 CWE-399
リソース管理の問題 		CVE-2013-0233 2013-04-30 17:48 2013-01-28 Show GitHub Exploit DB Packet Storm
226106 7.5 危険 Grape
Erik Michaels-Ober		 - Grape などの製品で使用される Ruby 用 multi_xml gem におけるオブジェクトインジェクション攻撃を誘発される脆弱性 CWE-20
不適切な入力確認 		CVE-2013-0175 2013-04-30 17:43 2013-01-10 Show GitHub Exploit DB Packet Storm
226107 5 警告 Ruby-lang.org - Ruby における safe-level の制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4466 2013-04-30 17:29 2012-10-3 Show GitHub Exploit DB Packet Storm
226108 5 警告 Ruby-lang.org - Ruby における safe-level の制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4464 2013-04-30 17:25 2012-10-3 Show GitHub Exploit DB Packet Storm
226109 5.4 警告 シトリックス・システムズ - NetScaler Access Gateway Enterprise Edition に脆弱性 CWE-noinfo
情報不足 		CVE-2013-2767 2013-04-30 12:45 2013-04-26 Show GitHub Exploit DB Packet Storm
226110 9.3 危険 シスコシステムズ - Cisco MDS 9000 および Nexus 5000 デバイス用 Cisco Device Manager における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2013-1192 2013-04-26 16:56 2013-04-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209521 6.1 MEDIUM
Network 		jsoneditoronline jsoneditor Stored XSS was discovered in the tree mode of jsoneditor before 9.0.2 through injecting and executing JavaScript. CWE-79
Cross-site Scripting 		CVE-2020-23849 2024-11-21 14:14 2021-01-11 Show GitHub Exploit DB Packet Storm
209522 6.8 MEDIUM
Network 		dovecot
debian
fedoraproject 		dovecot
debian_linux
fedora 		An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email m… NVD-CWE-Other
CVE-2020-24386 2024-11-21 14:14 2021-01-5 Show GitHub Exploit DB Packet Storm
209523 7.4 HIGH
Adjacent 		arista eos An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista … CWE-404
 Improper Resource Shutdown or Release 		CVE-2020-24360 2024-11-21 14:14 2020-12-29 Show GitHub Exploit DB Packet Storm
209524 6.1 MEDIUM
Network 		pega pega_platform Pega Platform through 8.4.x is affected by Cross Site Scripting (XSS) via the ConnectionID parameter, as demonstrated by a pyActivity=Data-TRACERSettings.pzStartTracerSession request to a PRAuth URI. CWE-79
Cross-site Scripting 		CVE-2020-23957 2024-11-21 14:14 2020-12-16 Show GitHub Exploit DB Packet Storm
209525 9.1 CRITICAL
Network 		butok fnet An issue was discovered in FNET through 4.6.4. The code for processing resource records in mDNS queries doesn't check for proper '\0' termination of the resource record name string, leading to an out… CWE-125
Out-of-bounds Read 		CVE-2020-24383 2024-11-21 14:14 2020-12-12 Show GitHub Exploit DB Packet Storm
209526 9.1 CRITICAL
Network 		altran picotcp
picotcp-ng 		An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bo… CWE-125
Out-of-bounds Read 		CVE-2020-24341 2024-11-21 14:14 2020-12-12 Show GitHub Exploit DB Packet Storm
209527 7.5 HIGH
Network 		altran picotcp
picotcp-ng 		An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The code that processes DNS responses in pico_mdns_handle_data_as_answers_generic() in pico_mdns.c does not check whether the number o… CWE-125
Out-of-bounds Read 		CVE-2020-24340 2024-11-21 14:14 2020-12-12 Show GitHub Exploit DB Packet Storm
209528 7.5 HIGH
Network 		altran picotcp
picotcp-ng 		An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compre… CWE-125
Out-of-bounds Read 		CVE-2020-24339 2024-11-21 14:14 2020-12-12 Show GitHub Exploit DB Packet Storm
209529 9.8 CRITICAL
Network 		altran picotcp An issue was discovered in picoTCP through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer o… CWE-787
 Out-of-bounds Write 		CVE-2020-24338 2024-11-21 14:14 2020-12-12 Show GitHub Exploit DB Packet Storm
209530 7.5 HIGH
Network 		altran picotcp
picotcp-ng 		An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When an unsupported TCP option with zero length is provided in an incoming TCP packet, it is possible to cause a Denial-of-Service by … CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-24337 2024-11-21 14:14 2020-12-12 Show GitHub Exploit DB Packet Storm