Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228131	7.5	危険	アップル VMware OpenSSL Project	-	OpenSSL の asn1_d2i_read_bio 関数におけるバッファオーバーフロー攻撃を誘発される脆弱性	CWE-119 バッファエラー	CVE-2012-2110	2013-06-7 11:33	2012-04-19	Show	GitHub Exploit DB Packet Storm

228132	5	警告	アップル VMware OpenSSL Project	-	OpenSSL の Server Gated Cryptography の実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-4619	2013-06-7 11:26	2012-01-4	Show	GitHub Exploit DB Packet Storm

228133	4.3	警告	アップル VMware OpenSSL Project	-	OpenSSL におけるサービス運用妨害 (表明違反) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-4577	2013-06-7 11:21	2012-01-4	Show	GitHub Exploit DB Packet Storm

228134	9.3	危険	アップル VMware OpenSSL Project	-	OpenSSL におけるメモリ二重開放の脆弱性	CWE-399 リソース管理の問題	CVE-2011-4109	2013-06-7 11:15	2012-01-4	Show	GitHub Exploit DB Packet Storm

228135	5	警告	アップル OpenSSL Project	-	OpenSSL の ephemeral ECDH ciphersuite におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-3210	2013-06-7 11:07	2011-09-6	Show	GitHub Exploit DB Packet Storm

228136	5	警告	アップル OpenSSL Project レッドハット	-	OpenSSL の crypto/x509/x509_vfy.c における CRL 確認を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-3207	2013-06-7 10:58	2011-09-6	Show	GitHub Exploit DB Packet Storm

228137	2.6	注意	アップル OpenSSL Project	-	OpenSSL の ECC サブシステムにおける秘密鍵を特定される脆弱性	CWE-310 暗号の問題	CVE-2011-1945	2013-06-7 10:54	2011-05-31	Show	GitHub Exploit DB Packet Storm

228138	10	危険	アドビシステムズ Google	-	Google Chrome 上で稼働する Adobe Flash Player におけるサービス運用妨害 (メモリ破損) の脆弱性	CWE-119 バッファエラー	CVE-2012-0724	2013-06-6 18:10	2012-03-28	Show	GitHub Exploit DB Packet Storm

228139	6.8	警告	アップル	-	Apple Safari などの製品で使用される WebKit における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2013-1023	2013-06-6 16:57	2013-06-4	Show	GitHub Exploit DB Packet Storm

228140	4.3	警告	アップル	-	Apple Safari などの製品で使用される WebKit の XSS Auditor における意図しないフォームサブミッションを誘発される脆弱性	CWE-20 不適切な入力確認	CVE-2013-1013	2013-06-6 16:56	2013-06-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194121	6.1	MEDIUM Network	froala	froala_editor	Froala Editor 3.2.6 is affected by Cross Site Scripting (XSS). Under certain conditions, a base64 crafted string leads to persistent Cross-site scripting (XSS) vulnerability within the hyperlink crea…	CWE-79 Cross-site Scripting	CVE-2021-30109	2024-11-21 15:03	2021-04-5	Show	GitHub Exploit DB Packet Storm

194122	6.1	MEDIUM Network	eng	knowage	Knowage Suite before 7.4 is vulnerable to cross-site scripting (XSS). An attacker can inject arbitrary external script in '/knowagecockpitengine/api/1.0/pages/execute' via the 'SBI_HOST' parameter.	CWE-79 Cross-site Scripting	CVE-2021-30058	2024-11-21 15:03	2021-04-5	Show	GitHub Exploit DB Packet Storm

194123	4.8	MEDIUM Network	eng	knowage	A stored HTML injection vulnerability exists in Knowage Suite version 7.1. An attacker can inject arbitrary HTML in "/restful-services/2.0/analyticalDrivers" via the 'LABEL' and 'NAME' parameters.	CWE-74 Injection	CVE-2021-30057	2024-11-21 15:03	2021-04-5	Show	GitHub Exploit DB Packet Storm

194124	5.4	MEDIUM Network	eng	knowage	Knowage Suite before 7.4 is vulnerable to reflected cross-site scripting (XSS). An attacker can inject arbitrary web script in /restful-services/publish via the 'EXEC_FROM' parameter that can lead to…	CWE-79 Cross-site Scripting	CVE-2021-30056	2024-11-21 15:03	2021-04-5	Show	GitHub Exploit DB Packet Storm

194125	8.8	HIGH Network	eng	knowage	A SQL injection vulnerability in Knowage Suite version 7.1 exists in the documentexecution/url analytics driver component via the 'par_year' parameter when running a report.	CWE-89 SQL Injection	CVE-2021-30055	2024-11-21 15:03	2021-04-5	Show	GitHub Exploit DB Packet Storm

194126	7.3	HIGH Network	terra-master	f2-210_firmware	TerraMaster F2-210 devices through 2021-04-03 use UPnP to make the admin web server accessible over the Internet on TCP port 8181, which is arguably inconsistent with the "It is only available on the…	NVD-CWE-Other	CVE-2021-30127	2024-11-21 15:03	2021-04-4	Show	GitHub Exploit DB Packet Storm

194127	6.1	MEDIUM Network	docsifyjs	docsify	docsify 4.12.1 is affected by Cross Site Scripting (XSS) because the search component does not appropriately encode Code Blocks and mishandles the " character.	CWE-79 Cross-site Scripting	CVE-2021-30074	2024-11-21 15:03	2021-04-3	Show	GitHub Exploit DB Packet Storm

194128	6.5	MEDIUM Network	lightmeter	controlcenter	Lightmeter ControlCenter 1.1.0 through 1.5.x before 1.5.1 allows anyone who knows the URL of a publicly available Lightmeter instance to access application settings, possibly including an SMTP passwo…	NVD-CWE-noinfo	CVE-2021-30126	2024-11-21 15:03	2021-04-3	Show	GitHub Exploit DB Packet Storm

194129	6.1	MEDIUM Network	jamf	jamf	Jamf Pro before 10.28.0 allows XSS related to inventory history, aka PI-009376.	CWE-79 Cross-site Scripting	CVE-2021-30125	2024-11-21 15:03	2021-04-3	Show	GitHub Exploit DB Packet Storm

194130	9.8	CRITICAL Network	dlink	dir-878_firmware	An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. Because strcat is misused, there is a stack-based buffer overflow that does not require authentication.	CWE-787 Out-of-bounds Write	CVE-2021-30072	2024-11-21 15:03	2021-04-3	Show	GitHub Exploit DB Packet Storm