Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228011	2.1	注意	Tomasbarej	-	Drupal 用 Menu Reference モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0324	2013-04-1 14:40	2013-02-20	Show	GitHub Exploit DB Packet Storm

228012	4.3	警告	Kristof De Jaeger	-	Drupal 用 Display Suite モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0323	2013-04-1 14:39	2013-02-20	Show	GitHub Exploit DB Packet Storm

228013	4.3	警告	Ubercart	-	Drupal 用 Ubercart モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0322	2013-04-1 14:38	2013-02-20	Show	GitHub Exploit DB Packet Storm

228014	4.3	警告	Mads Peter Henderson	-	Drupal 用 Ubercart Views モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0321	2013-04-1 14:37	2013-02-20	Show	GitHub Exploit DB Packet Storm

228015	5.1	警告	mattias hutterer	-	Drupal 用 Taxonomy Manager モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-0320	2013-04-1 14:37	2013-02-20	Show	GitHub Exploit DB Packet Storm

228016	4.3	警告	Yandex.Metrics Pproject	-	Drupal 用 Yandex.Metrics モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0319	2013-04-1 14:36	2013-02-19	Show	GitHub Exploit DB Packet Storm

228017	10	危険	Banckle Chat Project	-	Drupal 用 Banckle Chat モジュールにおける制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0318	2013-04-1 14:17	2013-02-13	Show	GitHub Exploit DB Packet Storm

228018	4.3	警告	Joe Haskins	-	Drupal 用 Manager Change for Organic Groups モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0317	2013-04-1 14:16	2013-02-12	Show	GitHub Exploit DB Packet Storm

228019	5	警告	Drupal	-	Drupal の Image モジュールにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2013-0316	2013-04-1 14:15	2013-02-20	Show	GitHub Exploit DB Packet Storm

228020	2.1	注意	Elliot Pahl	-	Drupal 用 Drush Debian Packaging モジュールにおけるデータベースの認証情報を取得される脆弱性	CWE-noinfo 情報不足	CVE-2013-0260	2013-04-1 14:13	2013-01-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194411	9.6	CRITICAL Adjacent	netgear	rbw30_firmware rbs40v_firmware rbk852_firmware rbk853_firmware rbk854_firmware rbr850_firmware rbs850_firmware rbk752_firmware rbk753_firmware rbk753s_firmware rbk754_fi…	Certain NETGEAR devices are affected by authentication bypass. This affects RBW30 before 2.6.2.2, RBS40V before 2.6.2.4, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR…	NVD-CWE-noinfo	CVE-2021-29067	2024-11-21 15:00	2021-03-23	Show	GitHub Exploit DB Packet Storm

194412	8.8	HIGH Network	netgear	r6700_firmware r6400_firmware r7000_firmware r6900p_firmware r7000p_firmware r7900_firmware r7850_firmware r8000_firmware rs400_firmware r6900_firmware mk60_firmware …	Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7…	CWE-120 Classic Buffer Overflow	CVE-2021-29068	2024-11-21 15:00	2021-03-23	Show	GitHub Exploit DB Packet Storm

194413	5.5	MEDIUM Local	linux fedoraproject debian netapp	linux_kernel fedora debian_linux cloud_backup solidfire_baseboard_management_controller_firmware aff_a250_firmware aff_500f_firmware	In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PE…	CWE-755 Improper Handling of Exceptional Conditions	CVE-2021-28971	2024-11-21 15:00	2021-03-23	Show	GitHub Exploit DB Packet Storm

194414	6.7	MEDIUM Local	linux fedoraproject netapp	linux_kernel fedora cloud_backup solidfire_baseboard_management_controller_firmware fas\/aff_baseboard_management_controller	In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace…	CWE-120 Classic Buffer Overflow	CVE-2021-28972	2024-11-21 15:00	2021-03-23	Show	GitHub Exploit DB Packet Storm

194415	5.4	MEDIUM Network	gnu	punbb	An issue was discovered in PunBB before 1.4.6. An XSS vulnerability in the [email] BBcode tag allows (with authentication) injecting arbitrary JavaScript into any forum message.	CWE-79 Cross-site Scripting	CVE-2021-28968	2024-11-21 15:00	2021-03-23	Show	GitHub Exploit DB Packet Storm

194416	4.7	MEDIUM Local	linux fedoraproject debian netapp	linux_kernel fedora debian_linux cloud_backup solidfire_baseboard_management_controller_firmware aff_a250_firmware fas_500f_firmware	A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an exten…	CWE-362 Race Condition	CVE-2021-28964	2024-11-21 15:00	2021-03-22	Show	GitHub Exploit DB Packet Storm

194417	5.3	MEDIUM Network	shibboleth debian	service_provider debian_linux	Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters.	CWE-74 Injection	CVE-2021-28963	2024-11-21 15:00	2021-03-22	Show	GitHub Exploit DB Packet Storm

194418	8.8	HIGH Network	sass_lint_project	sass_lint	The unofficial vscode-sass-lint (aka Sass Lint) extension through 1.0.7 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace. NOTE: This vulnera…	NVD-CWE-noinfo	CVE-2021-28956	2024-11-21 15:00	2021-03-22	Show	GitHub Exploit DB Packet Storm

194419	9.8	CRITICAL Network	git-bug_project	git-bug	git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations (most often seen on Windows).	CWE-427 Uncontrolled Search Path Element	CVE-2021-28955	2024-11-21 15:00	2021-03-22	Show	GitHub Exploit DB Packet Storm

194420	8.8	HIGH Network	openwrt	openwrt	applications/luci-app-ddns/luasrc/model/cbi/ddns/detail.lua in the DDNS package for OpenWrt 19.07 allows remote authenticated users to inject arbitrary commands via POST requests.	CWE-78 OS Command	CVE-2021-28961	2024-11-21 15:00	2021-03-21	Show	GitHub Exploit DB Packet Storm