Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
225711	7.5	危険	Lina Wolf	-	TYPO3 用 SEO Pack for tt_news エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-4719	2013-07-1 14:40	2013-01-28	Show	GitHub Exploit DB Packet Storm

225712	6.5	警告	Dev-Team Typoheads	-	TYPO3 用 Formhandler エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-6577	2013-07-1 14:39	2012-10-25	Show	GitHub Exploit DB Packet Storm

225713	4.3	警告	Antti Alamaki	-	Drupal 用 PRH Search モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6576	2013-07-1 14:38	2012-09-8	Show	GitHub Exploit DB Packet Storm

225714	4.3	警告	Shushu Inbar	-	Drupal 用 Exposed Filter Data モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6575	2013-07-1 14:37	2012-09-5	Show	GitHub Exploit DB Packet Storm

225715	4.3	警告	Antti Alamaki	-	Drupal 用 Fonecta verify モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6574	2013-07-1 14:37	2012-09-8	Show	GitHub Exploit DB Packet Storm

225716	10	危険	Mozilla Foundation	-	Mozilla Firefox および Thunderbird の nsContentUtils::RemoveScriptBlocker 関数における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2013-1681	2013-06-28 15:11	2013-05-14	Show	GitHub Exploit DB Packet Storm

225717	10	危険	Mozilla Foundation	-	Mozilla Firefox および Thunderbird の nsFrameList::FirstChild 関数における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2013-1680	2013-06-28 15:08	2013-05-14	Show	GitHub Exploit DB Packet Storm

225718	5	警告	Apache Software Foundation	-	Subversion の mod_dav_svn Apache HTTPD サーバモジュールにおけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2013-1847	2013-06-28 15:07	2013-03-29	Show	GitHub Exploit DB Packet Storm

225719	10	危険	Mozilla Foundation	-	Mozilla Firefox および Thunderbird の mozilla::plugins::child::_geturlnotify 関数における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2013-1679	2013-06-28 15:07	2013-05-14	Show	GitHub Exploit DB Packet Storm

225720	10	危険	Mozilla Foundation	-	Mozilla Firefox および Thunderbird の _cairo_xlib_surface_add_glyph 関数における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2013-1678	2013-06-28 15:05	2013-05-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196311	7.5	HIGH Network	rubyonrails	rails	The actionpack ruby gem (a framework for handling and responding to web requests in Rails) before 6.0.3.7, 6.1.3.2 suffers from a possible denial of service vulnerability in the Mime type parser of A…	NVD-CWE-noinfo	CVE-2021-22902	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

196312	8.1	HIGH Network	haxx oracle netapp siemens splunk	curl mysql_server essbase communications_cloud_native_core_network_slice_selection_function communications_cloud_native_core_network_repository_function communications_cloud_native_cor…	curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use…	CWE-416 Use After Free	CVE-2021-22901	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

196313	4.3	MEDIUM Network	nextcloud	nextcloud	Nextcloud Mail before 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users.	CWE-862 Missing Authorization	CVE-2021-22896	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

196314	5.9	MEDIUM Network	nextcloud debian	desktop debian_linux	Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.	CWE-295 Improper Certificate Validation	CVE-2021-22895	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

196315	4.3	MEDIUM Network	schneider-electric	easergy_t300_firmware	A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an att…	-	CVE-2021-22769	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

196316	9.8	CRITICAL Network	schneider-electric	powerlogic_egx100_firmware powerlogic_egx300_firmware	A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code executi…	-	CVE-2021-22768	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

196317	3.1	LOW Network	haxx debian fedoraproject oracle siemens splunk	curl debian_linux fedora mysql_server essbase communications_cloud_native_core_network_slice_selection_function communications_cloud_native_core_network_repository_function commu…	curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers…	CWE-909 Missing Initialization of Resource	CVE-2021-22898	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

196318	5.3	MEDIUM Network	haxx oracle netapp siemens splunk	curl mysql_server essbase communications_cloud_native_core_network_slice_selection_function communications_cloud_native_core_network_repository_function communications_cloud_native_cor…	curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The s…	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2021-22897	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

196319	9.8	CRITICAL Network	schneider-electric	powerlogic_egx100_firmware powerlogic_egx300_firmware	A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code executi…	-	CVE-2021-22767	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

196320	7.5	HIGH Network	schneider-electric	powerlogic_egx100_firmware powerlogic_egx300_firmware	A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service via a specially crafte…	-	CVE-2021-22766	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed