Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226511 4 警告 Condor Project
レッドハット		 - Condor のポリシー定義エバリュエータにおける SQL インジェクションの脆弱性 CWE-20
不適切な入力確認 		CVE-2009-5136 2013-10-16 15:32 2009-11-25 Show GitHub Exploit DB Packet Storm
226512 6.8 警告 MediaWiki - MediaWiki 用 CheckUser 拡張機能の api/ApiQueryCheckUser.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-4306 2013-10-16 15:17 2013-09-3 Show GitHub Exploit DB Packet Storm
226513 4.3 警告 MediaWiki - MediaWiki 用 SyntaxHighlight GeSHi 拡張機能の contrib/example.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-4305 2013-10-16 15:16 2013-09-3 Show GitHub Exploit DB Packet Storm
226514 6.5 警告 Kwoksys - Kwoksys Kwok Information Server の IT/hardware-list.dll における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-5028 2013-10-16 14:58 2013-08-7 Show GitHub Exploit DB Packet Storm
226515 9 危険 Adaptive Computing - Terascale Open-Source Resource and Queue Manager の pbs_mom における任意のジョブを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-4319 2013-10-16 14:42 2013-09-6 Show GitHub Exploit DB Packet Storm
226516 3.5 注意 Condor Project
レッドハット		 - Condor のポリシー定義エバリュエータにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-4255 2013-10-16 14:41 2013-08-21 Show GitHub Exploit DB Packet Storm
226517 7.5 危険 Richard Cook - Ruby 用 rgpg gem の lib/rgpg/gpg_helper.rb における任意のコマンドを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2013-4203 2013-10-16 14:40 2013-08-1 Show GitHub Exploit DB Packet Storm
226518 5 警告 Xymon - Xymon の trend-data デーモンにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-4173 2013-10-16 14:40 2013-07-24 Show GitHub Exploit DB Packet Storm
226519 7.8 危険 OvisLink - 複数の AirLive 製品における重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2013-3687 2013-10-16 14:23 2013-06-12 Show GitHub Exploit DB Packet Storm
226520 10 危険 OvisLink - AirLive WL-2600CAM の cgi-bin/operator/param における管理者パスワードを取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-3686 2013-10-16 14:22 2013-06-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195281 7.5 HIGH
Network 		rust-lang rust In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow. CWE-252
 Unchecked Return Value 		CVE-2021-28875 2024-11-21 15:00 2021-04-12 Show GitHub Exploit DB Packet Storm
195282 7.0 HIGH
Local 		erlang erlang\/otp A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3. By adding files to an existing installation's directory, a local attacker could hijack accounts of oth… CWE-426
 Untrusted Search Path 		CVE-2021-29221 2024-11-21 15:00 2021-04-9 Show GitHub Exploit DB Packet Storm
195283 7.8 HIGH
Local 		linux
fedoraproject
debian
netapp 		linux_kernel
fedora
debian_linux
cloud_backup
solidfire
hci_management_node
h300s_firmware
h500s_firmware
h700s_firmware
h300e_firmware
h500e_firmware
h700e_firmware<… 		BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/… CWE-77
Command Injection 		CVE-2021-29154 2024-11-21 15:00 2021-04-9 Show GitHub Exploit DB Packet Storm
195284 9.8 CRITICAL
Network 		nagios network_analyzer SQL injection vulnerability in Nagios Network Analyzer before 2.4.3 via the o[col] parameter to api/checks/read/. CWE-89
SQL Injection 		CVE-2021-28925 2024-11-21 15:00 2021-04-8 Show GitHub Exploit DB Packet Storm
195285 6.1 MEDIUM
Network 		nagios network_analyzer Self Authenticated XSS in Nagios Network Analyzer before 2.4.2 via the nagiosna/groups/queries page. CWE-79
Cross-site Scripting 		CVE-2021-28924 2024-11-21 15:00 2021-04-8 Show GitHub Exploit DB Packet Storm
195286 5.5 MEDIUM
Local 		asus gputweak_ii AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to trigger a stack-based buffer overflow. This could enable low-privileged users to achieve Denial of Servi… CWE-787
 Out-of-bounds Write 		CVE-2021-28686 2024-11-21 15:00 2021-04-8 Show GitHub Exploit DB Packet Storm
195287 7.8 HIGH
Local 		asus gputweak_ii AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to interact directly with physical memory (by calling one of several driver routines that map physical memo… NVD-CWE-Other
CVE-2021-28685 2024-11-21 15:00 2021-04-8 Show GitHub Exploit DB Packet Storm
195288 7.8 HIGH
Local 		libretro retroarch The text-to-speech engine in libretro RetroArch for Windows 1.9.0 passes unsanitized input to PowerShell through platform_win32.c via the accessibility_speak_windows function, which allows attackers … CWE-78
OS Command  		CVE-2021-28927 2024-11-21 15:00 2021-04-8 Show GitHub Exploit DB Packet Storm
195289 6.5 MEDIUM
Local 		linux
debian 		linux_kernel
debian_linux 		The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions… CWE-665
 Improper Initialization 		CVE-2021-28688 2024-11-21 15:00 2021-04-7 Show GitHub Exploit DB Packet Storm
195290 5.5 MEDIUM
Local 		linuxfoundation
sylabs 		umoci
singularity 		Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used. CWE-20
 Improper Input Validation  		CVE-2021-29136 2024-11-21 15:00 2021-04-7 Show GitHub Exploit DB Packet Storm