Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228241	6.8	警告	Crunchify	-	WordPress 用 FourSquare Checkins プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-2709	2013-04-30 17:54	2013-04-22	Show	GitHub Exploit DB Packet Storm

228242	6.8	警告	Crunchify	-	WordPress 用 All in One Webmaster プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-2696	2013-04-30 17:52	2013-04-22	Show	GitHub Exploit DB Packet Storm

228243	5	警告	Blink Web Effects	-	WordPress 用 Social Media Widget プラグインにおける任意のファイルのアップロードを強制される脆弱性	CWE-noinfo 情報不足	CVE-2013-1949	2013-04-30 17:51	2013-04-9	Show	GitHub Exploit DB Packet Storm

228244	10	危険	Rob Westgeest	-	Ruby 用 md2pdf gem の converter.rb における任意のコマンドを実行される脆弱性	CWE-noinfo 情報不足	CVE-2013-1948	2013-04-30 17:51	2013-04-10	Show	GitHub Exploit DB Packet Storm

228245	9.3	危険	Kelly D. Redding	-	Ruby 用 kelredd-pruview gem における任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2013-1947	2013-04-30 17:50	2013-04-4	Show	GitHub Exploit DB Packet Storm

228246	9.3	危険	karteek-docsplit	-	Ruby 用 Karteek Docsplit gem における任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2013-1933	2013-04-30 17:49	2013-04-1	Show	GitHub Exploit DB Packet Storm

228247	6.8	警告	Novell plataformatec	-	Ruby 用 Devise gem における不正な結果が返される脆弱性	CWE-399 リソース管理の問題	CVE-2013-0233	2013-04-30 17:48	2013-01-28	Show	GitHub Exploit DB Packet Storm

228248	7.5	危険	Grape Erik Michaels-Ober	-	Grape などの製品で使用される Ruby 用 multi_xml gem におけるオブジェクトインジェクション攻撃を誘発される脆弱性	CWE-20 不適切な入力確認	CVE-2013-0175	2013-04-30 17:43	2013-01-10	Show	GitHub Exploit DB Packet Storm

228249	5	警告	Ruby-lang.org	-	Ruby における safe-level の制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4466	2013-04-30 17:29	2012-10-3	Show	GitHub Exploit DB Packet Storm

228250	5	警告	Ruby-lang.org	-	Ruby における safe-level の制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4464	2013-04-30 17:25	2012-10-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194181	5.9	MEDIUM Network	ibm	business_process_manager business_automation_workflow	IBM Business Automation Workflow 18. 19, 20, 21, and IBM Business Process Manager 8.5 and d8.6 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to un…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2021-29753	2024-11-21 15:01	2021-11-6	Show	GitHub Exploit DB Packet Storm

194182	8.8	HIGH Network	ibm	infosphere_information_server	IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website…	CWE-352 Origin Validation Error	CVE-2021-29888	2024-11-21 15:01	2021-11-3	Show	GitHub Exploit DB Packet Storm

194183	7.5	HIGH Network	ibm	infosphere_information_server	IBM InfoSphere Information Server 11.7 could allow an attacker to obtain sensitive information due to a insecure third party domain access vulnerability. IBM X-Force ID: 206572.	NVD-CWE-noinfo	CVE-2021-29875	2024-11-21 15:01	2021-11-3	Show	GitHub Exploit DB Packet Storm

194184	5.4	MEDIUM Network	ibm	infosphere_information_server	IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality…	CWE-79 Cross-site Scripting	CVE-2021-29771	2024-11-21 15:01	2021-11-3	Show	GitHub Exploit DB Packet Storm

194185	5.4	MEDIUM Network	ibm	infosphere_information_server	IBM InfoSphere Data Flow Designer (IBM InfoSphere Information Server 11.7 ) is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2021-29738	2024-11-21 15:01	2021-11-3	Show	GitHub Exploit DB Packet Storm

194186	7.5	HIGH Network	ibm	infosphere_information_server	IBM InfoSphere Data Flow Designer Engine (IBM InfoSphere Information Server 11.7 ) component has improper validation of the REST API server certificate. IBM X-Force ID: 201301.	CWE-295 Improper Certificate Validation	CVE-2021-29737	2024-11-21 15:01	2021-11-3	Show	GitHub Exploit DB Packet Storm

194187	5.5	MEDIUM Local	ibm	i2_ibase	IBM i2 iBase 8.9.13 and 9.0.0 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 206213.	CWE-613 Insufficient Session Expiration	CVE-2021-29868	2024-11-21 15:01	2021-10-28	Show	GitHub Exploit DB Packet Storm

194188	6.5	MEDIUM Network	ibm	rational_team_concert rational_doors_next_generation rational_engineering_lifecycle_manager engineering_workflow_management rational_collaborative_lifecycle_management engineering_life…	IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. IBM X-Force ID: 203172.	CWE-312 Cleartext Storage of Sensitive Information	CVE-2021-29786	2024-11-21 15:01	2021-10-28	Show	GitHub Exploit DB Packet Storm

194189	7.5	HIGH Network	ibm	rational_team_concert rational_doors_next_generation rational_engineering_lifecycle_manager engineering_workflow_management rational_collaborative_lifecycle_management engineering_life…	IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations. IBM X-Force ID: 203025.	NVD-CWE-noinfo	CVE-2021-29774	2024-11-21 15:01	2021-10-28	Show	GitHub Exploit DB Packet Storm

194190	5.4	MEDIUM Network	ibm	rational_doors_next_generation rational_engineering_lifecycle_manager rational_collaborative_lifecycle_management engineering_lifecycle_optimization rational_team_concert	IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potenti…	CWE-79 Cross-site Scripting	CVE-2021-29713	2024-11-21 15:01	2021-10-28	Show	GitHub Exploit DB Packet Storm