Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228581 4.3 警告 Mads Peter Henderson - Drupal 用 Ubercart Views モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0321 2013-04-1 14:37 2013-02-20 Show GitHub Exploit DB Packet Storm
228582 5.1 警告 mattias hutterer - Drupal 用 Taxonomy Manager モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-0320 2013-04-1 14:37 2013-02-20 Show GitHub Exploit DB Packet Storm
228583 4.3 警告 Yandex.Metrics Pproject - Drupal 用 Yandex.Metrics モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0319 2013-04-1 14:36 2013-02-19 Show GitHub Exploit DB Packet Storm
228584 10 危険 Banckle Chat Project - Drupal 用 Banckle Chat モジュールにおける制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-0318 2013-04-1 14:17 2013-02-13 Show GitHub Exploit DB Packet Storm
228585 4.3 警告 Joe Haskins - Drupal 用 Manager Change for Organic Groups モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0317 2013-04-1 14:16 2013-02-12 Show GitHub Exploit DB Packet Storm
228586 5 警告 Drupal - Drupal の Image モジュールにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-0316 2013-04-1 14:15 2013-02-20 Show GitHub Exploit DB Packet Storm
228587 2.1 注意 Elliot Pahl - Drupal 用 Drush Debian Packaging モジュールにおけるデータベースの認証情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2013-0260 2013-04-1 14:13 2013-01-30 Show GitHub Exploit DB Packet Storm
228588 2.1 注意 Boxes project - Drupal 用 Boxes モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0259 2013-04-1 14:11 2013-01-23 Show GitHub Exploit DB Packet Storm
228589 6.8 警告 Attiks - Drupal 用 Google Authenticator login モジュールにおける認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2013-0258 2013-04-1 14:08 2013-01-29 Show GitHub Exploit DB Packet Storm
228590 5 警告 David Alkire - Drupal 用 email2image モジュールにおけるユーザの電子メール情報のイメージ画像を読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-0257 2013-04-1 14:06 2013-01-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
203531 9.8 CRITICAL
Network 		dlink dsl-2640b_firmware An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A hard-coded account allows management-interface login with high privileges. The logged-in user can perform critical tasks and take fu… CWE-798
 Use of Hard-coded Credentials 		CVE-2020-9279 2024-11-21 14:40 2020-04-21 Show GitHub Exploit DB Packet Storm
203532 9.1 CRITICAL
Network 		dlink dsl-2640b_firmware An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The device can be reset to its default configuration by accessing an unauthenticated URL. CWE-306
Missing Authentication for Critical Function 		CVE-2020-9278 2024-11-21 14:40 2020-04-21 Show GitHub Exploit DB Packet Storm
203533 9.8 CRITICAL
Network 		dlink dsl-2640b_firmware An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. Authentication can be bypassed when accessing cgi modules. This allows one to perform administrative tasks (e.g., modify the admin pas… CWE-287
Improper Authentication 		CVE-2020-9277 2024-11-21 14:40 2020-04-21 Show GitHub Exploit DB Packet Storm
203534 8.8 HIGH
Network 		dlink dsl-2640b_firmware An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The function do_cgi(), which processes cgi requests supplied to the device's web servers, is vulnerable to a remotely exploitable stac… CWE-787
 Out-of-bounds Write 		CVE-2020-9276 2024-11-21 14:40 2020-04-21 Show GitHub Exploit DB Packet Storm
203535 9.8 CRITICAL
Network 		dlink dsl-2640b_firmware An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A cfm UDP service listening on port 65002 allows remote, unauthenticated exfiltration of administrative credentials. CWE-306
Missing Authentication for Critical Function 		CVE-2020-9275 2024-11-21 14:40 2020-04-21 Show GitHub Exploit DB Packet Storm
203536 6.1 MEDIUM
Network 		zulip zulip_server Zulip Server before 2.1.3 allows XSS via the modal_link feature in the Markdown functionality. CWE-79
Cross-site Scripting 		CVE-2020-9445 2024-11-21 14:40 2020-04-21 Show GitHub Exploit DB Packet Storm
203537 6.1 MEDIUM
Network 		zulip zulip_server Zulip Server before 2.1.3 allows reverse tabnabbing via the Markdown functionality. CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2020-9444 2024-11-21 14:40 2020-04-21 Show GitHub Exploit DB Packet Storm
203538 8.8 HIGH
Network 		microfocus enterprise_developer
enterprise_server 		Insufficiently protected credentials vulnerability on Micro Focus enterprise developer and enterprise server, affecting all version prior to 4.0 Patch Update 16, and version 5.0 Patch Update 6. The v… CWE-522
 Insufficiently Protected Credentials 		CVE-2020-9523 2024-11-21 14:40 2020-04-18 Show GitHub Exploit DB Packet Storm
203539 7.5 HIGH
Network 		silverstripe silverstripe In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x may be put to the default "/Uploads" folder instead. This affects installations which allowed uploa… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-9280 2024-11-21 14:40 2020-04-16 Show GitHub Exploit DB Packet Storm
203540 8.8 HIGH
Network 		subex roc_partner_settlement An Insecure Direct Object Reference (IDOR) vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipula… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2020-9384 2024-11-21 14:40 2020-04-15 Show GitHub Exploit DB Packet Storm