Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
225831 4.3 警告 MICROSYS - MICROSYS PROMOTIC の ActiveX コンポーネントにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4520 2013-05-27 16:02 2011-11-28 Show GitHub Exploit DB Packet Storm
225832 5 警告 Wireshark - Wireshark の SCTP 解析機能におけるサービス運用妨害 (無限ループ) の脆弱性 CWE-189
数値処理の問題 		CVE-2012-6056 2013-05-27 16:02 2012-11-28 Show GitHub Exploit DB Packet Storm
225833 4.3 警告 MICROSYS - MICROSYS PROMOTIC の ActiveX コンポーネントにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4519 2013-05-27 16:01 2011-11-28 Show GitHub Exploit DB Packet Storm
225834 5 警告 Wireshark - Wireshark の 3GPP2 A1 解析機能におけるサービス運用妨害 (無限ループ) の脆弱性 CWE-189
数値処理の問題 		CVE-2012-6055 2013-05-27 15:59 2012-11-28 Show GitHub Exploit DB Packet Storm
225835 5 警告 MICROSYS - MICROSYS PROMOTIC の Web サーバにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4518 2013-05-27 15:59 2011-11-28 Show GitHub Exploit DB Packet Storm
225836 4.3 警告 Elgg - Elgg の engine/lib/access.php における、個人のエンティティを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-6563 2013-05-27 15:58 2012-05-19 Show GitHub Exploit DB Packet Storm
225837 5 警告 Wireshark - Wireshark の sFlow 解析機能におけるサービス運用妨害 (無限ループ) の脆弱性 CWE-189
数値処理の問題 		CVE-2012-6054 2013-05-27 15:57 2012-11-28 Show GitHub Exploit DB Packet Storm
225838 6.8 警告 Elgg - Elgg の engine/lib/users.php における任意のアカウントを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-6562 2013-05-27 15:57 2012-05-19 Show GitHub Exploit DB Packet Storm
225839 4.3 警告 Elgg - Elgg の engine/lib/views.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-6561 2013-05-27 15:55 2012-05-19 Show GitHub Exploit DB Packet Storm
225840 5 警告 Wireshark - Wireshark の USB 解析機能におけるサービス運用妨害 (無限ループ) の脆弱性 CWE-189
数値処理の問題 		CVE-2012-6053 2013-05-27 15:55 2012-11-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196481 4.3 MEDIUM
Network 		otrs cis_in_customer_frontend Agents are able to see and link Config Items without permissions, which are defined in General Catalog. This issue affects: OTRS AG OTRSCIsInCustomerFrontend 7.0.x version 7.0.14 and prior versions. CWE-276
Incorrect Default Permissions  		CVE-2021-21436 2024-11-21 14:48 2021-02-8 Show GitHub Exploit DB Packet Storm
196482 6.5 MEDIUM
Network 		otrs otrs Article Bcc fields and agent personal information are shown when customer prints the ticket (PDF) via external interface. This issue affects: OTRS AG OTRS 7.0.x version 7.0.23 and prior versions; 8.0… CWE-200
Information Exposure 		CVE-2021-21435 2024-11-21 14:48 2021-02-8 Show GitHub Exploit DB Packet Storm
196483 4.8 MEDIUM
Network 		otrs survey Survey administrator can craft a survey in such way that malicious code can be executed in the agent interface (i.e. another agent who wants to make changes in the survey). This issue affects: OTRS A… CWE-79
Cross-site Scripting 		CVE-2021-21434 2024-11-21 14:48 2021-02-8 Show GitHub Exploit DB Packet Storm
196484 5.3 MEDIUM
Network 		jenkins jenkins Jenkins 2.275 and LTS 2.263.2 allows reading arbitrary files using the file browser for workspaces and archived artifacts due to a time-of-check to time-of-use (TOCTOU) race condition. CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2021-21615 2024-11-21 14:48 2021-01-27 Show GitHub Exploit DB Packet Storm
196485 7.5 HIGH
Network 		zte zxr10_9904_firmware
zxr10_9908_firmware
zxr10_9916_firmware
zxr10_9904-s_firmware
zxr10_9908-s_firmware 		Some ZTE products have a DoS vulnerability. Due to the improper handling of memory release in some specific scenarios, a remote attacker can trigger the vulnerability by performing a series of operat… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2021-21723 2024-11-21 14:48 2021-01-27 Show GitHub Exploit DB Packet Storm
196486 4.4 MEDIUM
Local 		zte zxv10_b860a_firmware A ZTE Smart STB is impacted by an information leak vulnerability. The device did not fully verify the log, so attackers could use this vulnerability to obtain sensitive user information for further i… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2021-21722 2024-11-21 14:48 2021-01-15 Show GitHub Exploit DB Packet Storm
196487 5.5 MEDIUM
Local 		jenkins bumblebee_hp_alm Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkin… CWE-522
 Insufficiently Protected Credentials 		CVE-2021-21614 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
196488 6.1 MEDIUM
Network 		jenkins tics Jenkins TICS Plugin 2020.3.0.6 and earlier does not escape TICS service responses, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to control TICS service respon… CWE-79
Cross-site Scripting 		CVE-2021-21613 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
196489 5.5 MEDIUM
Local 		jenkins tracetronic_ecu-test Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the J… CWE-522
 Insufficiently Protected Credentials 		CVE-2021-21612 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
196490 5.4 MEDIUM
Network 		jenkins jenkins Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape display names and IDs of item types shown on the New Item page, resulting in a stored cross-site scripting (XSS) vulnerability explo… CWE-79
Cross-site Scripting 		CVE-2021-21611 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm