Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228501 6.8 警告 シスコシステムズ - Cisco IOS の Generic Input/Output コントロールの実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-1217 2013-04-25 16:10 2013-04-19 Show GitHub Exploit DB Packet Storm
228502 5 警告 シスコシステムズ - Cisco Unified Contact Center Express のスクリプトエディタにおける任意のスクリプトを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-1214 2013-04-25 16:10 2013-04-19 Show GitHub Exploit DB Packet Storm
228503 5 警告 シスコシステムズ - Cisco ASA デバイスおよび Cisco FWSM 上で稼働する time-based ACL の実装におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-1195 2013-04-25 16:09 2013-04-22 Show GitHub Exploit DB Packet Storm
228504 10 危険 Novell - Novell iManager における脆弱性 CWE-287
不適切な認証 		CVE-2013-3268 2013-04-25 16:09 2013-04-10 Show GitHub Exploit DB Packet Storm
228505 6.8 警告 Novell - Novell iManager で使用される Apache Tomcat におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-1088 2013-04-25 16:08 2013-04-10 Show GitHub Exploit DB Packet Storm
228506 4.3 警告 IBM - IBM WebSphere Application Server の RPC アダプタにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0565 2013-04-25 16:01 2013-04-15 Show GitHub Exploit DB Packet Storm
228507 5.5 警告 IBM - Linux および UNIX 上で稼働する IBM WebSphere Application Server におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-0544 2013-04-25 15:58 2013-04-15 Show GitHub Exploit DB Packet Storm
228508 6.8 警告 IBM - 複数の OS 上で稼働する IBM WebSphere Application Server におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-0543 2013-04-25 15:54 2013-04-15 Show GitHub Exploit DB Packet Storm
228509 4.3 警告 IBM - IBM WebSphere Application Server の管理コンソールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0542 2013-04-25 15:50 2013-04-15 Show GitHub Exploit DB Packet Storm
228510 1.9 注意 IBM - Windows 上で稼働する IBM WebSphere Application Server におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-0541 2013-04-25 15:33 2013-04-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
217241 5.5 MEDIUM
Local 		rockcarry ffjpeg ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode in jfif.c. CWE-787
 Out-of-bounds Write 		CVE-2020-15470 2024-11-21 14:05 2020-07-1 Show GitHub Exploit DB Packet Storm
217242 9.8 CRITICAL
Network 		persian_vip_download_script_project persian_vip_download_script Persian VIP Download Script 1.0 allows SQL Injection via the cart_edit.php active parameter. CWE-89
SQL Injection 		CVE-2020-15468 2024-11-21 14:05 2020-07-1 Show GitHub Exploit DB Packet Storm
217243 6.1 MEDIUM
Network 		nozominetworks guardian Nozomi Guardian before 19.0.4 allows attackers to achieve stored XSS (in the web front end) by leveraging the ability to create a custom field with a crafted field name. CWE-79
Cross-site Scripting 		CVE-2020-15307 2024-11-21 14:05 2020-07-1 Show GitHub Exploit DB Packet Storm
217244 9.8 CRITICAL
Network 		draytek vigor3900_firmware
vigor2960_firmware
vigor300b_firmware 		On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi/cvmcfgupload allows remote command execution via shell metacharacters in a filename when the text/x-pytho… CWE-78
OS Command  		CVE-2020-15415 2024-11-21 14:05 2020-06-30 Show GitHub Exploit DB Packet Storm
217245 4.3 MEDIUM
Network 		misp misp An issue was discovered in MISP 2.4.128. app/Controller/EventsController.php lacks an event ACL check before proceeding to allow a user to send an event contact form. CWE-862
 Missing Authorization 		CVE-2020-15412 2024-11-21 14:05 2020-06-30 Show GitHub Exploit DB Packet Storm
217246 9.8 CRITICAL
Network 		misp misp An issue was discovered in MISP 2.4.128. app/Controller/AttributesController.php has insufficient ACL checks in the attachment downloader. NVD-CWE-noinfo
CVE-2020-15411 2024-11-21 14:05 2020-06-30 Show GitHub Exploit DB Packet Storm
217247 4.4 MEDIUM
Local 		iobit malware_fighter IOBit Malware Fighter Pro 8.0.2.547 allows local users to gain privileges for file deletion by manipulating malicious flagged file locations with an NTFS junction and an Object Manager symbolic link. CWE-59
Link Following 		CVE-2020-15401 2024-11-21 14:05 2020-06-30 Show GitHub Exploit DB Packet Storm
217248 4.3 MEDIUM
Network 		cakefoundation cakephp CakePHP before 4.0.6 mishandles CSRF token generation. This might be remotely exploitable in conjunction with XSS. CWE-352
CWE-79
 Origin Validation Error
Cross-site Scripting 		CVE-2020-15400 2024-11-21 14:05 2020-06-30 Show GitHub Exploit DB Packet Storm
217249 7.8 HIGH
Local 		hylafax\+_project
ifax 		hylafax\+
hylafax_enterprise 		HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users (e.g., locations under /var/spool/hylafax that are writable by the uuc… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-15397 2024-11-21 14:05 2020-06-30 Show GitHub Exploit DB Packet Storm
217250 7.8 HIGH
Local 		hylafax\+_project
ifax
fedoraproject
opensuse 		hylafax\+
hylafax_enterprise
fedora
leap
backports_sle 		In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to… CWE-362
Race Condition 		CVE-2020-15396 2024-11-21 14:05 2020-06-30 Show GitHub Exploit DB Packet Storm