Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226251	4.4	警告	Heshan Wanigasooriya	-	Drupal 用 Video モジュールにおける任意の PHP コードを実行される脆弱性	CWE-16 環境設定	CVE-2013-0224	2013-03-22 16:15	2013-01-23	Show	GitHub Exploit DB Packet Storm

226252	6.8	警告	Leighton Whiting	-	Drupal 用 Mark Complete モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-0207	2013-03-22 16:14	2013-01-16	Show	GitHub Exploit DB Packet Storm

226253	6	警告	guybedford	-	Drupal 用 Live CSS モジュールにおける任意のコードを実行される脆弱性	CWE-Other その他	CVE-2013-0206	2013-03-22 16:13	2013-01-9	Show	GitHub Exploit DB Packet Storm

226254	6.8	警告	Klaus Purer	-	Drupal 用 RESTful Web Services モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-0205	2013-03-22 16:13	2013-01-16	Show	GitHub Exploit DB Packet Storm

226255	3.6	注意	レッドハット	-	libvirt におけるファイルを上書きされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-1766	2013-03-22 16:08	2013-03-20	Show	GitHub Exploit DB Packet Storm

226256	5	警告	ZoneMinder	-	ZoneMinder におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2013-0332	2013-03-22 15:52	2011-05-30	Show	GitHub Exploit DB Packet Storm

226257	7.5	危険	ZoneMinder	-	ZoneMinder の includes/functions.php における任意のコマンドを実行される脆弱性	CWE-noinfo 情報不足	CVE-2013-0232	2013-03-22 15:51	2013-01-25	Show	GitHub Exploit DB Packet Storm

226258	5.1	警告	David King	-	Vino における UPnP ルータのポートがオープンになる問題	CWE-Other その他	CVE-2011-1165	2013-03-22 14:43	2013-03-12	Show	GitHub Exploit DB Packet Storm

226259	4.6	警告	David King	-	Vino における外部ネットワークに接続される脆弱性	CWE-16 環境設定	CVE-2011-1164	2013-03-22 14:24	2013-03-12	Show	GitHub Exploit DB Packet Storm

226260	6	警告	Samba Project	-	Samba における任意のファイルを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-1863	2013-03-22 13:50	2013-03-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209551	6.1	MEDIUM Network	homeautomation_project	homeautomation	HomeAutomation 3.3.2 is affected by persistent Cross Site Scripting (XSS). XSS vulnerabilities occur when input passed via several parameters to several scripts is not properly sanitized before being…	CWE-79 Cross-site Scripting	CVE-2020-21987	2024-11-21 14:12	2021-04-28	Show	GitHub Exploit DB Packet Storm

209552	4.8	MEDIUM Network	x2engine	x2crm	Cross Site Scripting (XSS) in X2engine X2CRM v7.1 and older allows remote attackers to obtain sensitive information by injecting arbitrary web script or HTML via the "First Name" and "Last Name" fiel…	CWE-79 Cross-site Scripting	CVE-2020-21088	2024-11-21 14:12	2021-04-14	Show	GitHub Exploit DB Packet Storm

209553	6.1	MEDIUM Network	x2engine	x2crm	Cross Site Scripting (XSS) in X2Engine X2CRM v6.9 and older allows remote attackers to execute arbitrary code by injecting arbitrary web script or HTML via the "New Name" field of the "Rename a Modul…	CWE-79 Cross-site Scripting	CVE-2020-21087	2024-11-21 14:12	2021-04-14	Show	GitHub Exploit DB Packet Storm

209554	8.8	HIGH Network	indionetworks	unibox_u50_firmware unibox_u500_firmware unibox_u1000_firmware unibox_u2500_firmware unibox_u5000_firmware	Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site request forgery (CSRF) vulnerability in /tools/network-trace, /list_users, /list_byod?usertype=raduse…	CWE-352 Origin Validation Error	CVE-2020-21884	2024-11-21 14:12	2021-04-9	Show	GitHub Exploit DB Packet Storm

209555	8.8	HIGH Network	indionetworks	unibox_u50_firmware unibox_u500_firmware unibox_u1000_firmware unibox_u2500_firmware unibox_u5000_firmware	Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a OS command injection vulnerability in /tools/ping, which can leads to complete device takeover.	CWE-78 OS Command	CVE-2020-21883	2024-11-21 14:12	2021-04-9	Show	GitHub Exploit DB Packet Storm

209556	4.3	MEDIUM Network	wuzhicms	wuzhicms	Directory traversal in coreframe/app/template/admin/index.php in WUZHI CMS 4.1.0 allows attackers to list files in arbitrary directories via the dir parameter.	CWE-22 Path Traversal	CVE-2020-21590	2024-11-21 14:12	2021-04-3	Show	GitHub Exploit DB Packet Storm

209557	5.5	MEDIUM Local	coreftp	core_ftp	Buffer overflow in Core FTP LE v2.2 allows local attackers to cause a denial or service (crash) via a long string in the Setup->Users->Username editbox.	CWE-120 Classic Buffer Overflow	CVE-2020-21588	2024-11-21 14:12	2021-04-3	Show	GitHub Exploit DB Packet Storm

209558	9.8	CRITICAL Network	emlog	emlog	Vulnerability in emlog v6.0.0 allows user to upload webshells via zip plugin module.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-21585	2024-11-21 14:12	2021-04-3	Show	GitHub Exploit DB Packet Storm

209559	5.4	MEDIUM Network	seeyon	g6_government_collaborative_system	Cross-Site Scripting (XSS) vulnerability in Zhiyuan G6 Government Collaboration System V6.1SP1, via the 'method' parameter to 'seeyon/hrSalary.do'.	CWE-79 Cross-site Scripting	CVE-2020-20545	2024-11-21 14:12	2021-03-30	Show	GitHub Exploit DB Packet Storm

209560	9.8	CRITICAL Network	inspur	clusterengine	A Remote Code Execution vulnerability has been found in Inspur ClusterEngine V4.0. A remote attacker can send a malicious login packet to the control server	CWE-88 Argument Injection	CVE-2020-21224	2024-11-21 14:12	2021-02-23	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed