Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227861 5 警告 software.realtyna - Joomla! 用の Magic Updater コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1307 2012-12-20 19:29 2010-04-8 Show GitHub Exploit DB Packet Storm
227862 7.5 危険 roberto aloi - Joomla! 用の Picasa コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1306 2012-12-20 19:29 2010-04-8 Show GitHub Exploit DB Packet Storm
227863 7.5 危険 yamamah - Yamamah の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1300 2012-12-20 19:29 2010-04-7 Show GitHub Exploit DB Packet Storm
227864 4 警告 PulseCMS - Pulse CMS の view.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1298 2012-12-20 19:29 2010-04-6 Show GitHub Exploit DB Packet Storm
227865 7.5 危険 Zabbix - Zabbix の API における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1277 2012-12-20 19:29 2010-04-6 Show GitHub Exploit DB Packet Storm
227866 4.3 警告 webtoolkit - Emweb Wt におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1274 2012-12-20 19:29 2010-04-6 Show GitHub Exploit DB Packet Storm
227867 7.5 危険 smart-plugs - smartplugs の showplugs.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1271 2012-12-20 19:29 2010-04-6 Show GitHub Exploit DB Packet Storm
227868 7.5 危険 phpscripte24 - Multi Auktions Komplett System の auktion.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1270 2012-12-20 19:29 2010-04-6 Show GitHub Exploit DB Packet Storm
227869 7.5 危険 phpscripte24 - phpscripte24 Niedrig Gebote Pro Auktions System II の auktion.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1269 2012-12-20 19:29 2010-04-6 Show GitHub Exploit DB Packet Storm
227870 6.8 警告 stafford.uklinux - libESMTP の smtp-tls.c における信頼済み証明書を偽装される脆弱性 CWE-310
暗号の問題 		CVE-2010-1194 2012-12-20 19:29 2010-03-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195131 7.5 HIGH
Network 		f5 big-ip_access_policy_manager
big-ip_advanced_firewall_manager
big-ip_application_acceleration_manager
big-ip_analytics
big-ip_application_security_manager
big-ip_domain_name_system
 On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3, the Traffic Management Microkernel (TMM) may stop responding… NVD-CWE-noinfo
CVE-2021-23013 2024-11-21 14:51 2021-05-10 Show GitHub Exploit DB Packet Storm
195132 7.5 HIGH
Network 		f5 big-ip_access_policy_manager
big-ip_advanced_firewall_manager
big-ip_application_acceleration_manager
big-ip_analytics
big-ip_application_security_manager
big-ip_domain_name_system
 On versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and 11.6.x before 11.6.5.3, when the BIG-IP system is buffering packet frag… CWE-400
 Uncontrolled Resource Consumption 		CVE-2021-23011 2024-11-21 14:51 2021-05-10 Show GitHub Exploit DB Packet Storm
195133 9.8 CRITICAL
Network 		f5 big-ip_access_policy_manager On version 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and all versions of 16.0.x and 11.6.x., BIG-IP APM AD (Active Directory) authentication can be bypas… CWE-287
Improper Authentication 		CVE-2021-23008 2024-11-21 14:51 2021-05-10 Show GitHub Exploit DB Packet Storm
195134 9.8 CRITICAL
Network 		handlebarsjs
netapp 		handlebars
e-series_performance_analyzer 		The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2021-23383 2024-11-21 14:51 2021-05-4 Show GitHub Exploit DB Packet Storm
195135 7.5 HIGH
Network 		path-parse_project path-parse All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-… NVD-CWE-noinfo
CVE-2021-23343 2024-11-21 14:51 2021-05-4 Show GitHub Exploit DB Packet Storm
195136 5.3 MEDIUM
Network 		browserslist_project browserslist The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries. CWE-1333
 Inefficient Regular Expression Complexity 		CVE-2021-23364 2024-11-21 14:51 2021-04-29 Show GitHub Exploit DB Packet Storm
195137 7.5 HIGH
Network 		postcss postcss The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service (ReDoS) via getAnnotationURL() and loadAnnotation() in lib/previous-map.js. The vulnerable regexes are caused … CWE-1333
 Inefficient Regular Expression Complexity 		CVE-2021-23382 2024-11-21 14:51 2021-04-27 Show GitHub Exploit DB Packet Storm
195138 9.1 CRITICAL
Network 		tyk tyk-identity-broker The package github.com/tyktechnologies/tyk-identity-broker before 1.1.1 are vulnerable to Authentication Bypass via the Go XML parser which can cause SAML authentication bypass. This is because the X… CWE-287
Improper Authentication 		CVE-2021-23365 2024-11-21 14:51 2021-04-26 Show GitHub Exploit DB Packet Storm
195139 9.8 CRITICAL
Network 		killing_project killing This affects all versions of package killing. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec fu… CWE-78
OS Command  		CVE-2021-23381 2024-11-21 14:51 2021-04-19 Show GitHub Exploit DB Packet Storm
195140 7.3 HIGH
Network 		roar-pidusage_project roar-pidusage This affects all versions of package roar-pidusage. If attacker-controlled user input is given to the stat function of this package on certain operating systems, it is possible for an attacker to exe… CWE-78
OS Command  		CVE-2021-23380 2024-11-21 14:51 2021-04-19 Show GitHub Exploit DB Packet Storm