Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228001	7.8	危険	シスコシステムズ	-	Cisco IOS の VRF-aware NAT 機能におけるサービス運用妨害 (メモリ消費) の脆弱性	CWE-362 競合状態	CVE-2013-1142	2013-04-23 17:13	2013-03-27	Show	GitHub Exploit DB Packet Storm

228002	6.4	警告	Ruby on Rails project	-	Ruby on Rails の Active Record コンポーネントにおけるデータ型インジェクション攻撃を実行される脆弱性	CWE-20 不適切な入力確認	CVE-2013-3221	2013-04-23 17:12	2013-04-22	Show	GitHub Exploit DB Packet Storm

228003	4.9	警告	Linux	-	Linux Kernel の net/vmw_vsock/af_vsock.c における重要な情報を取得される脆弱性	CWE-200 CWE-DesignError	CVE-2013-3237	2013-04-23 16:32	2013-04-7	Show	GitHub Exploit DB Packet Storm

228004	4.9	警告	Linux	-	Linux Kernel の net/vmw_vsock/vmci_transport.c における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2013-3236	2013-04-23 16:32	2013-04-7	Show	GitHub Exploit DB Packet Storm

228005	10	危険	日立	-	Hitachi IT Operations Director におけるバッファオーバーフローの脆弱性	CWE-noinfo 情報不足	-	2013-04-23 15:12	2013-04-19	Show	GitHub Exploit DB Packet Storm

228006	10	危険	Opera Software ASA	-	Opera における脆弱性	CWE-noinfo 情報不足	CVE-2013-3211	2013-04-23 15:08	2013-04-4	Show	GitHub Exploit DB Packet Storm

228007	5	警告	Opera Software ASA	-	Opera における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2013-3210	2013-04-23 15:07	2013-04-4	Show	GitHub Exploit DB Packet Storm

228008	4.9	警告	Puppet Canonical	-	Puppet における任意のカタログを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-1652	2013-04-23 13:54	2013-03-12	Show	GitHub Exploit DB Packet Storm

228009	6.8	警告	Lester Chan	-	WordPress 用 WP-DownloadManager プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-2697	2013-04-23 12:23	2013-04-5	Show	GitHub Exploit DB Packet Storm

228010	4.3	警告	Novell	-	Novell GroupWise の WebAccess におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-1086	2013-04-23 12:14	2013-04-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
226241	9.1	CRITICAL Network	libssh2 fedoraproject debian netapp opensuse	libssh2 fedora debian_linux ontap_select_deploy_administration_utility leap	An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to …	CWE-125 Out-of-bounds Read	CVE-2019-3859	2024-11-21 13:42	2019-03-22	Show	GitHub Exploit DB Packet Storm

226242	5.5	MEDIUM Local	libsndfile_project debian canonical	libsndfile debian_linux ubuntu_linux	It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this…	CWE-125 Out-of-bounds Read	CVE-2019-3832	2024-11-21 13:42	2019-03-22	Show	GitHub Exploit DB Packet Storm

226243	8.8	HIGH Network	indionetworks	unibox_firmware	An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. The tools/ping Ping feature of the Diagnostic Tools component is vulnerable to Remote Command Execution, allowing an at…	CWE-798 Use of Hard-coded Credentials	CVE-2019-3497	2024-11-21 13:42	2019-03-22	Show	GitHub Exploit DB Packet Storm

226244	8.8	HIGH Network	indionetworks	unibox_firmware	An issue was discovered on Wifi-soft UniBox controller 3.x devices. The tools/controller/diagnostic_tools_controller Diagnostic Tools Controller is vulnerable to Remote Command Execution, allowing an…	CWE-798 Use of Hard-coded Credentials	CVE-2019-3496	2024-11-21 13:42	2019-03-22	Show	GitHub Exploit DB Packet Storm

226245	8.8	HIGH Network	indionetworks	unibox_firmware	An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute…	CWE-798 CWE-434 Use of Hard-coded Credentials Unrestricted Upload of File with Dangerous Type	CVE-2019-3495	2024-11-21 13:42	2019-03-22	Show	GitHub Exploit DB Packet Storm

226246	7.5	HIGH Network	openwsman_project fedoraproject opensuse	openwsman fedora leap	Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit thi…	-	CVE-2019-3833	2024-11-21 13:42	2019-03-15	Show	GitHub Exploit DB Packet Storm

226247	7.5	HIGH Network	openwsman_project redhat fedoraproject opensuse	openwsman enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_tus enterprise_linux_server_eus enterprise_linux_server_aus enterp…	Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated atta…	-	CVE-2019-3816	2024-11-21 13:42	2019-03-15	Show	GitHub Exploit DB Packet Storm

226248	8.1	HIGH Network	cloudfoundry	capi-release	Cloud Foundry Cloud Controller, versions prior to 1.78.0, contain an endpoint with improper authorization. A remote authenticated malicious user with read permissions can request package information …	CWE-269 Improper Privilege Management	CVE-2019-3785	2024-11-21 13:42	2019-03-14	Show	GitHub Exploit DB Packet Storm

226249	7.8	HIGH Local	rsa	archer_grc_platform	RSA Archer versions, prior to 6.5 SP2, contain an information exposure vulnerability. The database connection password may get logged in plain text in the RSA Archer log files. An authenticated malic…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2019-3716	2024-11-21 13:42	2019-03-14	Show	GitHub Exploit DB Packet Storm

226250	5.5	MEDIUM Local	rsa	archer_grc_platform	RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users' session information is logged in plain text in the RSA Archer log files. An authenticated malicious local …	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2019-3715	2024-11-21 13:42	2019-03-14	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed