Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 19, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228501	5	警告	シスコシステムズ	-	Cisco Unified Contact Center Express のスクリプトエディタにおける任意のスクリプトを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-1214	2013-04-25 16:10	2013-04-19	Show	GitHub Exploit DB Packet Storm

228502	5	警告	シスコシステムズ	-	Cisco ASA デバイスおよび Cisco FWSM 上で稼働する time-based ACL の実装におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-1195	2013-04-25 16:09	2013-04-22	Show	GitHub Exploit DB Packet Storm

228503	10	危険	Novell	-	Novell iManager における脆弱性	CWE-287 不適切な認証	CVE-2013-3268	2013-04-25 16:09	2013-04-10	Show	GitHub Exploit DB Packet Storm

228504	6.8	警告	Novell	-	Novell iManager で使用される Apache Tomcat におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-1088	2013-04-25 16:08	2013-04-10	Show	GitHub Exploit DB Packet Storm

228505	4.3	警告	IBM	-	IBM WebSphere Application Server の RPC アダプタにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0565	2013-04-25 16:01	2013-04-15	Show	GitHub Exploit DB Packet Storm

228506	5.5	警告	IBM	-	Linux および UNIX 上で稼働する IBM WebSphere Application Server におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2013-0544	2013-04-25 15:58	2013-04-15	Show	GitHub Exploit DB Packet Storm

228507	6.8	警告	IBM	-	複数の OS 上で稼働する IBM WebSphere Application Server におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0543	2013-04-25 15:54	2013-04-15	Show	GitHub Exploit DB Packet Storm

228508	4.3	警告	IBM	-	IBM WebSphere Application Server の管理コンソールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0542	2013-04-25 15:50	2013-04-15	Show	GitHub Exploit DB Packet Storm

228509	1.9	注意	IBM	-	Windows 上で稼働する IBM WebSphere Application Server におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-0541	2013-04-25 15:33	2013-04-15	Show	GitHub Exploit DB Packet Storm

228510	3.5	注意	IBM	-	IBM WebSphere Application Server の Liberty Profile におけるアクセス制限を回避される脆弱性	CWE-287 不適切な認証	CVE-2013-0540	2013-04-25 15:28	2013-04-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194121	6.1	MEDIUM Network	froala	froala_editor	Froala Editor 3.2.6 is affected by Cross Site Scripting (XSS). Under certain conditions, a base64 crafted string leads to persistent Cross-site scripting (XSS) vulnerability within the hyperlink crea…	CWE-79 Cross-site Scripting	CVE-2021-30109	2024-11-21 15:03	2021-04-5	Show	GitHub Exploit DB Packet Storm

194122	6.1	MEDIUM Network	eng	knowage	Knowage Suite before 7.4 is vulnerable to cross-site scripting (XSS). An attacker can inject arbitrary external script in '/knowagecockpitengine/api/1.0/pages/execute' via the 'SBI_HOST' parameter.	CWE-79 Cross-site Scripting	CVE-2021-30058	2024-11-21 15:03	2021-04-5	Show	GitHub Exploit DB Packet Storm

194123	4.8	MEDIUM Network	eng	knowage	A stored HTML injection vulnerability exists in Knowage Suite version 7.1. An attacker can inject arbitrary HTML in "/restful-services/2.0/analyticalDrivers" via the 'LABEL' and 'NAME' parameters.	CWE-74 Injection	CVE-2021-30057	2024-11-21 15:03	2021-04-5	Show	GitHub Exploit DB Packet Storm

194124	5.4	MEDIUM Network	eng	knowage	Knowage Suite before 7.4 is vulnerable to reflected cross-site scripting (XSS). An attacker can inject arbitrary web script in /restful-services/publish via the 'EXEC_FROM' parameter that can lead to…	CWE-79 Cross-site Scripting	CVE-2021-30056	2024-11-21 15:03	2021-04-5	Show	GitHub Exploit DB Packet Storm

194125	8.8	HIGH Network	eng	knowage	A SQL injection vulnerability in Knowage Suite version 7.1 exists in the documentexecution/url analytics driver component via the 'par_year' parameter when running a report.	CWE-89 SQL Injection	CVE-2021-30055	2024-11-21 15:03	2021-04-5	Show	GitHub Exploit DB Packet Storm

194126	7.3	HIGH Network	terra-master	f2-210_firmware	TerraMaster F2-210 devices through 2021-04-03 use UPnP to make the admin web server accessible over the Internet on TCP port 8181, which is arguably inconsistent with the "It is only available on the…	NVD-CWE-Other	CVE-2021-30127	2024-11-21 15:03	2021-04-4	Show	GitHub Exploit DB Packet Storm

194127	6.1	MEDIUM Network	docsifyjs	docsify	docsify 4.12.1 is affected by Cross Site Scripting (XSS) because the search component does not appropriately encode Code Blocks and mishandles the " character.	CWE-79 Cross-site Scripting	CVE-2021-30074	2024-11-21 15:03	2021-04-3	Show	GitHub Exploit DB Packet Storm

194128	6.5	MEDIUM Network	lightmeter	controlcenter	Lightmeter ControlCenter 1.1.0 through 1.5.x before 1.5.1 allows anyone who knows the URL of a publicly available Lightmeter instance to access application settings, possibly including an SMTP passwo…	NVD-CWE-noinfo	CVE-2021-30126	2024-11-21 15:03	2021-04-3	Show	GitHub Exploit DB Packet Storm

194129	6.1	MEDIUM Network	jamf	jamf	Jamf Pro before 10.28.0 allows XSS related to inventory history, aka PI-009376.	CWE-79 Cross-site Scripting	CVE-2021-30125	2024-11-21 15:03	2021-04-3	Show	GitHub Exploit DB Packet Storm

194130	9.8	CRITICAL Network	dlink	dir-878_firmware	An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. Because strcat is misused, there is a stack-based buffer overflow that does not require authentication.	CWE-787 Out-of-bounds Write	CVE-2021-30072	2024-11-21 15:03	2021-04-3	Show	GitHub Exploit DB Packet Storm