Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228091	10	危険	アドビシステムズ	-	Adobe Shockwave Player におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-0636	2013-02-15 11:09	2013-02-12	Show	GitHub Exploit DB Packet Storm

228092	10	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2013-0635	2013-02-15 11:08	2013-02-12	Show	GitHub Exploit DB Packet Storm

228093	4.9	警告	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性	CWE-362 競合状態	CVE-2013-1277	2013-02-14 17:11	2013-02-12	Show	GitHub Exploit DB Packet Storm

228094	4.9	警告	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性	CWE-362 競合状態	CVE-2013-1276	2013-02-14 17:11	2013-02-12	Show	GitHub Exploit DB Packet Storm

228095	4.9	警告	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性	CWE-362 競合状態	CVE-2013-1275	2013-02-14 17:11	2013-02-12	Show	GitHub Exploit DB Packet Storm

228096	4.9	警告	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性	CWE-362 競合状態	CVE-2013-1274	2013-02-14 17:11	2013-02-12	Show	GitHub Exploit DB Packet Storm

228097	4.9	警告	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性	CWE-362 競合状態	CVE-2013-1272	2013-02-14 17:11	2013-02-12	Show	GitHub Exploit DB Packet Storm

228098	4.9	警告	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性	CWE-362 競合状態	CVE-2013-1273	2013-02-14 17:11	2013-02-12	Show	GitHub Exploit DB Packet Storm

228099	4.9	警告	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性	CWE-362 競合状態	CVE-2013-1271	2013-02-14 17:11	2013-02-12	Show	GitHub Exploit DB Packet Storm

228100	4.9	警告	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性	CWE-362 競合状態	CVE-2013-1270	2013-02-14 17:11	2013-02-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194411	8.1	HIGH Network	johnsoncontrols	kantech_kt-1_door_controller_firmware	The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker can record and replay TCP packets. This issue affects Johnson Controls KT-1 all versions up to and inc…	CWE-294 Authentication Bypass by Capture-replay	CVE-2021-27662	2024-11-21 14:58	2021-09-15	Show	GitHub Exploit DB Packet Storm

194412	6.1	MEDIUM Network	apache	zeppelin	Cross Site Scripting vulnerability in markdown interpreter of Apache Zeppelin allows an attacker to inject malicious scripts. This issue affects Apache Zeppelin Apache Zeppelin versions prior to 0.9.…	CWE-79 Cross-site Scripting	CVE-2021-27578	2024-11-21 14:58	2021-09-3	Show	GitHub Exploit DB Packet Storm

194413	5.3	MEDIUM Network	hashicorp	vault	HashiCorp Vault Enterprise 0.9.2 through 1.6.2 allowed the read of license metadata from DR secondaries without authentication. Fixed in 1.6.3.	CWE-306 Missing Authentication for Critical Function	CVE-2021-27668	2024-11-21 14:58	2021-09-1	Show	GitHub Exploit DB Packet Storm

194414	6.1	MEDIUM Network	easycorp	zentao	A cross site scripting (XSS) issue in EasyCorp ZenTao 12.5.3 allows remote attackers to execute arbitrary web script via various areas such as data-link-creator.	CWE-79 Cross-site Scripting	CVE-2021-27558	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm

194415	4.3	MEDIUM Network	easycorp	zentao	A cross-site request forgery (CSRF) vulnerability in the Cron job tab in EasyCorp ZenTao 12.5.3 allows attackers to update the fields of a Cron job.	CWE-352 Origin Validation Error	CVE-2021-27557	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm

194416	7.2	HIGH Network	easycorp	zentao	The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers (who have admin access) to execute arbitrary code by setting the type parameter to System.	CWE-78 OS Command	CVE-2021-27556	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm

194417	9.8	CRITICAL Network	johnsoncontrols	ac2000_firmware	A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a remote attacker to access to the system without adequate authorization. This issue affects: Johnson Contr…	NVD-CWE-Other	CVE-2021-27663	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm

194418	3.5	LOW Network	acquia	mautic	The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographicall…	CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)	CVE-2021-27913	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm

194419	5.4	MEDIUM Network	acquia	mautic	Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can o…	CWE-79 Cross-site Scripting	CVE-2021-27912	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm

194420	6.1	MEDIUM Network	acquia	mautic	Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack through the contact's first or last name and triggered when viewing a contact's details page then clicking on the action d…	CWE-79 Cross-site Scripting	CVE-2021-27911	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm