Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226421	7.5	危険	Raphael Zschorsch	-	TYPO3 用 jQuery autocomplete for indexed_search における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-4634	2013-06-24 15:26	2013-06-3	Show	GitHub Exploit DB Packet Storm

226422	4.3	警告	Catalin Florian Radut	-	Drupal 用 Zero Point テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-1905	2013-06-24 15:24	2013-03-27	Show	GitHub Exploit DB Packet Storm

226423	2.1	注意	Jordan Starcher	-	Drupal 用 CurvyCorners モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-1393	2013-06-24 15:20	2013-01-23	Show	GitHub Exploit DB Packet Storm

226424	6.9	警告	Fabrice Bellard	-	Xen で使用される Qemu の qemu guest エージェントにおける特定のファイルを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-2007	2013-06-21 15:42	2013-04-24	Show	GitHub Exploit DB Packet Storm

226425	7.9	危険	シマンテック	-	Symantec Endpoint Protection Manager および Symantec Endpoint Protection Center におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-1612	2013-06-21 15:09	2013-06-18	Show	GitHub Exploit DB Packet Storm

226426	4.3	警告	Google	-	Google Chrome の Flash プラグインにおける重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-2866	2013-06-21 15:08	2013-06-18	Show	GitHub Exploit DB Packet Storm

226427	3.5	注意	IBM	-	IBM Sterling Control Center におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-2969	2013-06-21 14:59	2013-06-11	Show	GitHub Exploit DB Packet Storm

226428	6.3	警告	IBM	-	IBM Sterling Control Center におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2013-2968	2013-06-21 14:58	2013-06-11	Show	GitHub Exploit DB Packet Storm

226429	7.8	危険	日本電気	-	NEC Mobile Handset におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2007-5557	2013-06-21 14:55	2007-10-18	Show	GitHub Exploit DB Packet Storm

226430	4.3	警告	Vocera	-	Vocera Communications Wireless Handset におけるハッシュ化されたパスワードを盗まれる脆弱性	CWE-20 不適切な入力確認	CVE-2008-1114	2013-06-21 14:39	2008-02-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
202471	6.1	MEDIUM Network	opensuse debian	open_build_service debian_linux	A Improper Neutralization of Input During Web Page Generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS. This issue affects: openSUSE open-bu…	-	CVE-2020-8020	2024-11-21 14:38	2020-05-14	Show	GitHub Exploit DB Packet Storm

202472	9.8	CRITICAL Network	rubyonrails debian	actionpack_page-caching debian_linux	There is a vulnerability in actionpack_page-caching gem < v1.2.1 that allows an attacker to write arbitrary files to a web server, potentially resulting in remote code execution if the attacker can w…	CWE-22 Path Traversal	CVE-2020-8159	2024-11-21 14:38	2020-05-12	Show	GitHub Exploit DB Packet Storm

202473	7.0	HIGH Network	nextcloud fedoraproject	mail fedora	A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack.	CWE-295 Improper Certificate Validation	CVE-2020-8156	2024-11-21 14:38	2020-05-12	Show	GitHub Exploit DB Packet Storm

202474	5.4	MEDIUM Network	nextcloud	nextcloud_server	An outdated 3rd party library in the Files PDF viewer for Nextcloud Server 18.0.2 caused a Cross-site scripting vulnerability when opening a malicious PDF.	CWE-79 Cross-site Scripting	CVE-2020-8155	2024-11-21 14:38	2020-05-12	Show	GitHub Exploit DB Packet Storm

202475	7.7	HIGH Network	nextcloud	nextcloud_server	An Insecure direct object reference vulnerability in Nextcloud Server 18.0.2 allowed an attacker to remote wipe devices of other users when sending a malicious request directly to the endpoint.	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2020-8154	2024-11-21 14:38	2020-05-12	Show	GitHub Exploit DB Packet Storm

202476	8.1	HIGH Network	nextcloud fedoraproject	group_folders fedora	Improper access control in Groupfolders app 4.0.3 allowed to delete hidden directories when when renaming an accessible item to the same name.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-8153	2024-11-21 14:38	2020-05-12	Show	GitHub Exploit DB Packet Storm

202477	7.5	HIGH Network	rubyonrails fedoraproject	active_resource fedora	There is a possible information disclosure issue in Active Resource <v5.1.1 that could allow an attacker to create specially crafted requests to access data in an unexpected way and possibly leak inf…	CWE-863 Incorrect Authorization	CVE-2020-8151	2024-11-21 14:38	2020-05-12	Show	GitHub Exploit DB Packet Storm

202478	5.3	MEDIUM Network	mongodb	mongodb	Improper serialization of internal state in the authorization subsystem in MongoDB Server's authorization subsystem permits a user with valid credentials to bypass IP whitelisting protection mechani…	CWE-863 Incorrect Authorization	CVE-2020-7921	2024-11-21 14:38	2020-05-7	Show	GitHub Exploit DB Packet Storm

202479	6.1	MEDIUM Network	commscope	ruckus_zoneflex_r500_firmware	Ruckus R500 3.4.2.0.384 devices allow XSS via the index.asp Device Name field.	CWE-79 Cross-site Scripting	CVE-2020-8033	2024-11-21 14:38	2020-05-6	Show	GitHub Exploit DB Packet Storm

202480	8.1	HIGH Network	commscope	ruckus_zoneflex_r500_firmware	A CSRF issue in login.asp on Ruckus R500 3.4.2.0.384 devices allows remote attackers to access the panel or conduct SSRF attacks.	CWE-352 Origin Validation Error	CVE-2020-7983	2024-11-21 14:38	2020-05-6	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed