Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227781	7.5	危険	x10media	-	x10 Adult Media Script の report.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4730	2012-12-20 19:28	2010-03-18	Show	GitHub Exploit DB Packet Storm

227782	4.3	警告	x10media	-	x10 Adult Media Script におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4729	2012-12-20 19:28	2010-03-18	Show	GitHub Exploit DB Packet Storm

227783	7.5	危険	questions answered	-	Questions Answered の管理インターフェースにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4728	2012-12-20 19:28	2010-03-18	Show	GitHub Exploit DB Packet Storm

227784	4.3	警告	phpscriptsnow	-	Real Time Currency Exchange の rates.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4715	2012-12-20 19:28	2010-03-15	Show	GitHub Exploit DB Packet Storm

227785	7.5	危険	tukanas	-	Tukanas Classifieds Script の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4712	2012-12-20 19:28	2010-03-15	Show	GitHub Exploit DB Packet Storm

227786	4.3	警告	Pligg	-	Pligg におけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2009-4788	2012-12-20 19:28	2009-11-30	Show	GitHub Exploit DB Packet Storm

227787	6.8	警告	Pligg	-	Pligg におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-4787	2012-12-20 19:28	2009-11-30	Show	GitHub Exploit DB Packet Storm

227788	4.3	警告	Pligg	-	Pligg におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4786	2012-12-20 19:28	2009-11-30	Show	GitHub Exploit DB Packet Storm

227789	4.3	警告	phpMyFAQ	-	phpMyFAQ の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4780	2012-12-20 19:28	2009-12-1	Show	GitHub Exploit DB Packet Storm

227790	6.8	警告	Ubercart	-	Drupal 用の Ubercart モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-4773	2012-12-20 19:28	2009-11-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
195481	8.8	HIGH Network	onedev_project	onedev	OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the application's BasePage registers an AJAX event listener (`AbstractPostAjaxBehavior`) in all pages other than the login pag…	CWE-502 Deserialization of Untrusted Data	CVE-2021-21247	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm

195482	7.5	HIGH Network	onedev_project	onedev	OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the REST UserResource endpoint performs a security check to make sure that only administrators can list user details. However …	-	CVE-2021-21246	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm

195483	7.5	HIGH Network	jqueryvalidation netapp	jquery_validation snapcenter	The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more r…	-	CVE-2021-21252	2024-11-21 14:47	2021-01-14	Show	GitHub Exploit DB Packet Storm

195484	9.8	CRITICAL Network	onedev_project	onedev	OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, AttachmentUploadServlet also saves user controlled data (`request.getInputStream()`) to a user specified location (`request.ge…	-	CVE-2021-21245	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm

195485	7.8	HIGH Local	git_large_file_storage_project	git_large_file_storage	Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a malicious repository with a git.bat or git.exe file in the current directory, that program …	-	CVE-2021-21237	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm

195486	8.8	HIGH Local	flatpak debian	flatpak debian_linux	Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the `flatpak-portal` service that can allow sandboxed applications to exec…	-	CVE-2021-21261	2024-11-21 14:47	2021-01-15	Show	GitHub Exploit DB Packet Storm

195487	7.4	HIGH Network	flask-security-too_project	flask-security-too	The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a independently maintained version of Flask-Security based on the 3.0.0 version of …	-	CVE-2021-21241	2024-11-21 14:47	2021-01-12	Show	GitHub Exploit DB Packet Storm

195488	8.8	HIGH Network	google fedoraproject debian	chrome fedora debian_linux	Heap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CWE-787 Out-of-bounds Write	CVE-2021-21116	2024-11-21 14:47	2021-01-9	Show	GitHub Exploit DB Packet Storm

195489	9.6	CRITICAL Network	google fedoraproject debian	chrome fedora debian_linux	User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML …	CWE-416 Use After Free	CVE-2021-21115	2024-11-21 14:47	2021-01-9	Show	GitHub Exploit DB Packet Storm

195490	8.8	HIGH Network	google fedoraproject debian	chrome fedora debian_linux	Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CWE-416 Use After Free	CVE-2021-21114	2024-11-21 14:47	2021-01-9	Show	GitHub Exploit DB Packet Storm