Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 19, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228331	7.5	危険	Wesley Destailleur	-	Todoo Forum の todooforum.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-3537	2013-05-15 17:46	2013-05-13	Show	GitHub Exploit DB Packet Storm

228332	7.5	危険	WHMCS Limited	-	WHMCS 用 Group Pay モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-3536	2013-05-15 17:38	2013-05-13	Show	GitHub Exploit DB Packet Storm

228333	4.3	警告	ThemeLogik	-	CMSLogik におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-3535	2013-05-15 17:35	2013-05-13	Show	GitHub Exploit DB Packet Storm

228334	4.3	警告	algisinfo	-	Joomla! 用の aiContactSafe コンポーネントにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-3534	2013-05-15 17:32	2013-04-16	Show	GitHub Exploit DB Packet Storm

228335	2.6	注意	Fedora Project	-	389 Directory Server の ldap/servers/slapd/search.c における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-1897	2013-05-15 16:07	2013-03-28	Show	GitHub Exploit DB Packet Storm

228336	7.5	危険	Virtual Access	-	Virtual Access Monitor における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-3533	2013-05-14 15:49	2013-05-10	Show	GitHub Exploit DB Packet Storm

228337	7.5	危険	Web-Dorado	-	Drupal 用 Web Dorado Spider Video Player プラグインの settings.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-3532	2013-05-14 15:49	2013-05-10	Show	GitHub Exploit DB Packet Storm

228338	7.5	危険	RadioCMS	-	RadioCMS の meneger.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-3531	2013-05-14 15:48	2013-05-10	Show	GitHub Exploit DB Packet Storm

228339	7.5	危険	Fabricio Zuardi	-	WordPress 用 Spiffy XSPF Player プラグインの playlist.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-3530	2013-05-14 15:47	2013-05-10	Show	GitHub Exploit DB Packet Storm

228340	4.3	警告	Smarty Pants Plugins	-	WordPress 用 WP FuneralPress プラグインの user/obits.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-3529	2013-05-14 15:46	2013-05-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
193771	5.5	MEDIUM Local	razer	synapse	Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. These privileged operations consist of fil…	CWE-276 Incorrect Default Permissions	CVE-2021-30494	2024-11-21 15:04	2021-04-15	Show	GitHub Exploit DB Packet Storm

193772	5.5	MEDIUM Local	razer	synapse	Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the ChromaBroadcast subkey. These privileged operations consist of file…	CWE-276 Incorrect Default Permissions	CVE-2021-30493	2024-11-21 15:04	2021-04-15	Show	GitHub Exploit DB Packet Storm

193773	5.4	MEDIUM Network	htmly	htmly	htmly 2.8.0 allows stored XSS via the blog title, Tagline, or Description to config.html.php.	CWE-79 Cross-site Scripting	CVE-2021-30637	2024-11-21 15:04	2021-04-13	Show	GitHub Exploit DB Packet Storm

193774	9.8	CRITICAL Network	glsl_linting_project	glsl_linting	The unofficial GLSL Linting extension before 1.4.0 for Visual Studio Code allows remote code execution via a crafted glslangValidatorPath in the workspace configuration.	NVD-CWE-Other	CVE-2021-30503	2024-11-21 15:04	2021-04-13	Show	GitHub Exploit DB Packet Storm

193775	6.5	MEDIUM Network	ezxml_project debian	ezxml debian_linux	An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd(), while parsing a crafted XML file, performs incorrect memory handling, leading to a NULL pointer dereference wh…	CWE-476 NULL Pointer Dereference	CVE-2021-30485	2024-11-21 15:04	2021-04-12	Show	GitHub Exploit DB Packet Storm

193776	9.0	CRITICAL Network	valvesoftware	steam_client	Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after o…	CWE-120 Classic Buffer Overflow	CVE-2021-30481	2024-11-21 15:04	2021-04-11	Show	GitHub Exploit DB Packet Storm

193777	8.8	HIGH Network	zoom	chat	Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, o…	NVD-CWE-noinfo	CVE-2021-30480	2024-11-21 15:04	2021-04-10	Show	GitHub Exploit DB Packet Storm

193778	6.1	MEDIUM Network	dzzoffice	dzzoffice	A reflected cross-site scripting (XSS) vulnerability in the zero parameter of dzzoffice 2.02.1_SC_UTF8 allows attackers to execute arbitrary web scripts or HTML.	CWE-79 Cross-site Scripting	CVE-2021-30203	2024-11-21 15:03	2023-06-27	Show	GitHub Exploit DB Packet Storm

193779	7.5	HIGH Network	vsftpd_project	vsftpd	VSFTPD 3.0.3 allows attackers to cause a denial of service due to limited number of connections allowed.	NVD-CWE-noinfo	CVE-2021-30047	2024-11-21 15:03	2023-08-23	Show	GitHub Exploit DB Packet Storm

193780	5.3	MEDIUM Network	dzzoffice	dzzoffice	Incorrect access control in the component /index.php?mod=system&op=orgtree of dzzoffice 2.02.1_SC_UTF8 allows unauthenticated attackers to browse departments and usernames.	NVD-CWE-Other	CVE-2021-30205	2024-11-21 15:03	2023-06-27	Show	GitHub Exploit DB Packet Storm