Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228371	2.6	注意	株式会社ピーエムナイン	-	OpenWnnフリック入力対応版におけるアクセス制限不備の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-2300	2013-03-26 12:02	2013-03-26	Show	GitHub Exploit DB Packet Storm

228372	2.6	注意	COB's Products	-	COBIME におけるアクセス制限不備の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0720	2013-03-26 12:01	2013-03-26	Show	GitHub Exploit DB Packet Storm

228373	2.6	注意	codedesign.jp	-	ArtIME 日本語入力におけるアクセス制限不備の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0719	2013-03-26 12:01	2013-03-26	Show	GitHub Exploit DB Packet Storm

228374	2.6	注意	Baidu, Inc.	-	Simeji におけるアクセス制限不備の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0718	2013-03-26 12:01	2013-03-26	Show	GitHub Exploit DB Packet Storm

228375	6.8	警告	Verizon	-	Verizon FiOS Actiontec ルータ MI424WR-GEN3I にクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-0126	2013-03-26 10:48	2013-03-19	Show	GitHub Exploit DB Packet Storm

228376	4.3	警告	Askia	-	ASKIA askiaweb の管理インターフェイスにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0124	2013-03-25 19:10	2013-03-20	Show	GitHub Exploit DB Packet Storm

228377	7.5	危険	Askia	-	ASKIA askiaweb の管理インターフェイスにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-0123	2013-03-25 19:09	2013-03-20	Show	GitHub Exploit DB Packet Storm

228378	3.5	注意	IBM	-	IBM Tivoli Endpoint Manager の Web レポートにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0453	2013-03-25 19:09	2013-03-20	Show	GitHub Exploit DB Packet Storm

228379	4.3	警告	IBM	-	IBM Rational ClearQuest の Web クライアントにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5757	2013-03-25 19:08	2013-03-20	Show	GitHub Exploit DB Packet Storm

228380	7.5	危険	CA Technologies	-	複数の CA SiteMinder 製品における他のユーザを偽装される脆弱性	CWE-20 不適切な入力確認	CVE-2013-2279	2013-03-25 19:07	2013-03-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194611	6.1	MEDIUM Network	liferay	dxp	Cross-site scripting (XSS) vulnerability in the Portal Workflow module's edit process page in Liferay DXP 7.0 before fix pack 99, 7.1 before fix pack 23, 7.2 before fix pack 12 and 7.3 before fix pac…	CWE-79 Cross-site Scripting	CVE-2021-29049	2024-11-21 15:00	2021-06-10	Show	GitHub Exploit DB Packet Storm

194612	7.2	HIGH Network	roonlabs	roon_server	If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. Roon Labs has already fixed this vulnerability in the following versions: Roon Server 2021-0…	CWE-77 Command Injection	CVE-2021-28811	2024-11-21 15:00	2021-06-8	Show	GitHub Exploit DB Packet Storm

194613	7.5	HIGH Network	qnap	roon_server	If exploited, this vulnerability allows an attacker to access resources which are not otherwise accessible without proper authentication. Roon Labs has already fixed this vulnerability in the followi…	-	CVE-2021-28810	2024-11-21 15:00	2021-06-8	Show	GitHub Exploit DB Packet Storm

194614	5.3	MEDIUM Network	esri	arcgis_server	A SQL injection vulnerability exists in some configurations of ArcGIS Server versions 10.8.1 and earlier. Specially crafted web requests can expose information that is not intended to be disclosed (n…	CWE-89 SQL Injection	CVE-2021-29099	2024-11-21 15:00	2021-06-7	Show	GitHub Exploit DB Packet Storm

194615	7.5	HIGH Network	mintty_project	mintty	Mintty before 3.4.5 allows remote servers to cause a denial of service (Windows GUI hang) by telling the Mintty window to change its title repeatedly at high speed, which results in many SetWindowTex…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2021-28848	2024-11-21 15:00	2021-06-3	Show	GitHub Exploit DB Packet Storm

194616	7.5	HIGH Network	mobatek	mobaxterm	MobaXterm before 21.0 allows remote servers to cause a denial of service (Windows GUI hang) via tab title change requests that are sent repeatedly at high speed, which results in many SetWindowTextA …	NVD-CWE-noinfo	CVE-2021-28847	2024-11-21 15:00	2021-06-3	Show	GitHub Exploit DB Packet Storm

194617	8.8	HIGH Network	qnap	video_station	A command injection vulnerability has been reported to affect certain versions of Video Station. If exploited, this vulnerability allows remote attackers to execute arbitrary commands. This issue aff…	CWE-77 Command Injection	CVE-2021-28812	2024-11-21 15:00	2021-06-3	Show	GitHub Exploit DB Packet Storm

194618	5.4	MEDIUM Network	qnap	q\'center	A post-authentication reflected XSS vulnerability has been reported to affect QNAP NAS running Q’center. If exploited, this vulnerability allows remote attackers to inject malicious code. QNAP have a…	-	CVE-2021-28807	2024-11-21 15:00	2021-06-3	Show	GitHub Exploit DB Packet Storm

194619	5.4	MEDIUM Network	qnap	qts quts_hero qutscloud	A DOM-based XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to inject malicious code. This issue affects: QNAP Syst…	-	CVE-2021-28806	2024-11-21 15:00	2021-06-3	Show	GitHub Exploit DB Packet Storm

194620	5.5	MEDIUM Local	python fedoraproject	pillow fedora	An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decode…	CWE-345 Insufficient Verification of Data Authenticity	CVE-2021-28678	2024-11-21 15:00	2021-06-3	Show	GitHub Exploit DB Packet Storm