Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 29, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 131411 | 7.5 |
重要
Local |
Parallels | parallels desktop | Parallels Desktop における Time-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 |
CWE-367 CWE-667 |
CVE-2021-31422 | 2022-01-5 15:28 | 2021-04-14 | Show | GitHub Exploit DB Packet Storm |
| 131412 | 6 |
警告
Local |
Parallels | parallels desktop | Parallels Desktop におけるパストラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2021-31421 | 2022-01-5 15:28 | 2021-04-14 | Show | GitHub Exploit DB Packet Storm |
| 131413 | 9.1 |
緊急
Network |
FOSSASIA | SUSI.AI | SUSI.AI における相対パストラバーサルの脆弱性 |
CWE-23
相対的パストラバーサル |
CVE-2020-4039 | 2022-01-5 15:28 | 2020-10-16 | Show | GitHub Exploit DB Packet Storm |
| 131414 | 6.1 |
警告
Network |
Dogtag PKI | Dogtag PKI | pki-core におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2020-1721 | 2022-01-5 15:28 | 2020-11-4 | Show | GitHub Exploit DB Packet Storm |
| 131415 | 6.5 |
警告
Network |
django-filter project Fedora Project |
Fedora django-filter |
django-filter における数値型間の変換の誤りに関する脆弱性 |
CWE-681
数値型間の変換の誤り |
CVE-2020-15225 | 2022-01-5 15:28 | 2020-09-27 | Show | GitHub Exploit DB Packet Storm |
| 131416 | 8.6 |
重要
Network |
シスコシステムズ | Cisco Firepower Threat Defense ソフトウェア | Cisco Firepower Threat Defense ソフトウェアにおけるバッファエラーの脆弱性 |
CWE-119
バッファエラー |
CVE-2021-1402 | 2022-01-5 15:28 | 2021-04-28 | Show | GitHub Exploit DB Packet Storm |
| 131417 | 7.8 |
重要
Local |
Esri | ArcGIS Earth | Esri ArcGIS Earth におけるパストラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2021-29100 | 2022-01-5 15:07 | 2021-05-3 | Show | GitHub Exploit DB Packet Storm |
| 131418 | 4.9 |
警告
Network |
Chamilo Association | Chamilo LMS | Chamilo LMS における権限管理に関する脆弱性 |
CWE-269
不適切な権限管理 |
CVE-2020-23128 | 2022-01-5 15:00 | 2020-04-22 | Show | GitHub Exploit DB Packet Storm |
| 131419 | 8.8 |
重要
Network |
OpenEMR | OpenEMR | OpenEMR における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2021-32104 | 2022-01-5 14:47 | 2021-05-7 | Show | GitHub Exploit DB Packet Storm |
| 131420 | 6.1 |
警告
Network |
LocalStack | LocalStack | StackLift LocalStack におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2021-32091 | 2022-01-5 14:25 | 2021-03-15 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 29, 2026, 4:19 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 621 | 8.3 |
HIGH
Network |
- | - | Unauthenticated Broken Access Control in MailChimp Block <= 1.1.15 versions. New |
CWE-862
Missing Authorization |
CVE-2026-56063 | 2026-06-27 03:17 | 2026-06-27 | Show | GitHub Exploit DB Packet Storm |
| 622 | 9.9 |
CRITICAL
Network |
- | - | Subscriber Arbitrary File Upload in Quform <= 2.23.0 versions. New |
CWE-434
Unrestricted Upload of File with Dangerous Type |
CVE-2026-56058 | 2026-06-27 03:17 | 2026-06-27 | Show | GitHub Exploit DB Packet Storm |
| 623 | 9.8 |
CRITICAL
Network |
- | - | Subscriber PHP Object Injection in Uncanny Automator Pro <= 7.3.0.6 versions. New |
CWE-502
Deserialization of Untrusted Data |
CVE-2026-56057 | 2026-06-27 03:17 | 2026-06-27 | Show | GitHub Exploit DB Packet Storm |
| 624 | 7.1 |
HIGH
Network |
- | - | Unauthenticated Cross Site Scripting (XSS) in Automatic < 3.135.1 versions. New |
CWE-79
Cross-site Scripting |
CVE-2026-56045 | 2026-06-27 03:17 | 2026-06-27 | Show | GitHub Exploit DB Packet Storm |
| 625 | 7.1 |
HIGH
Network |
- | - | Unauthenticated Cross Site Scripting (XSS) in Blog2Social <= 8.9.2 versions. New |
CWE-79
Cross-site Scripting |
CVE-2026-56044 | 2026-06-27 03:17 | 2026-06-27 | Show | GitHub Exploit DB Packet Storm |
| 626 | 8.8 |
HIGH
Network |
- | - | Contributor Privilege Escalation in Frisbii Pay <= 1.8.2 versions. New |
CWE-862
Missing Authorization |
CVE-2026-56038 | 2026-06-27 03:17 | 2026-06-27 | Show | GitHub Exploit DB Packet Storm |
| 627 | 9.3 |
CRITICAL
Network |
- | - | Unauthenticated SQL Injection in 워드프레스 결제 심플페이 <= 5.5.6 versions. New |
CWE-89
SQL Injection |
CVE-2026-56036 | 2026-06-27 03:17 | 2026-06-27 | Show | GitHub Exploit DB Packet Storm |
| 628 | 8.1 |
HIGH
Network |
- | - | Unauthenticated PHP Object Injection in Uncanny Automator <= 7.3.1.2 versions. New |
CWE-502
Deserialization of Untrusted Data |
CVE-2026-56031 | 2026-06-27 03:17 | 2026-06-27 | Show | GitHub Exploit DB Packet Storm |
| 629 | 9.8 |
CRITICAL
Network |
- | - | Unauthenticated Privilege Escalation in Paytium <= 5.0.2 versions. New |
CWE-266
Incorrect Privilege Assignment |
CVE-2026-56030 | 2026-06-27 03:17 | 2026-06-27 | Show | GitHub Exploit DB Packet Storm |
| 630 | 7.5 |
HIGH
Network |
- | - | Unauthenticated Broken Access Control in Paymob for WooCommerce <= 4.1.2 versions. New |
CWE-862
Missing Authorization |
CVE-2026-56025 | 2026-06-27 03:17 | 2026-06-27 | Show | GitHub Exploit DB Packet Storm |