Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228141	7.2	危険	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルにおける権限昇格の脆弱性	CWE-362 競合状態	CVE-2013-1278	2013-02-14 16:53	2013-02-12	Show	GitHub Exploit DB Packet Storm

228142	2.6	注意	グリー株式会社	-	Android 版 GREE (グリー) におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2013-0704	2013-02-14 12:01	2013-02-14	Show	GitHub Exploit DB Packet Storm

228143	4.3	警告	imgboard.com CGIダウンロードセンター	-	imgboard におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0703	2013-02-14 12:00	2013-02-14	Show	GitHub Exploit DB Packet Storm

228144	4.3	警告	General Electric Company	-	GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY および Proficy Process Systems with CIMPLICITY におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2013-0653	2013-02-13 16:45	2013-01-22	Show	GitHub Exploit DB Packet Storm

228145	9.3	危険	General Electric Company	-	GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY および Proficy Process Systems with CIMPLICITY における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2013-0654	2013-02-13 16:44	2013-01-22	Show	GitHub Exploit DB Packet Storm

228146	6.8	警告	アクセラテクノロジ	-	Accela BizSearch におけるユーザになりすまされる脆弱性	CWE-noinfo 情報不足	-	2013-02-13 15:44	2013-02-5	Show	GitHub Exploit DB Packet Storm

228147	7.2	危険	VMware	-	複数の VMware 製品の VMCI の実装における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2013-1406	2013-02-13 15:42	2013-02-7	Show	GitHub Exploit DB Packet Storm

228148	7.5	危険	CubeCart Limited	-	CubeCart における任意の PHP オブジェクトをアンシリアライズされる脆弱性	CWE-20 不適切な入力確認	CVE-2013-1465	2013-02-13 11:53	2013-01-31	Show	GitHub Exploit DB Packet Storm

228149	-	-	ARM Ltd. (旧 Offspark)	-	削除 PolarSSL の SSL モジュールにおける識別攻撃を誘発される脆弱性	-	CVE-2013-1622	2013-02-13 11:49	2013-02-2	Show	GitHub Exploit DB Packet Storm

228150	6.8	警告	Opera Software ASA	-	Opera における CSRF 保護メカニズムを回避される脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-1639	2013-02-12 16:51	2013-01-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194401	9.8	CRITICAL Network	servicetonic	servicetonic	Unauthorized system access in the login form in ServiceTonic Helpdesk software version < 9.0.35937 allows attacker to login without using a password.	CWE-330 Use of Insufficiently Random Values	CVE-2021-28024	2024-11-21 14:58	2021-11-9	Show	GitHub Exploit DB Packet Storm

194402	9.8	CRITICAL Network	servicetonic	servicetonic	Arbitrary file upload in Service import feature in ServiceTonic Helpdesk software version < 9.0.35937 allows a malicious user to execute JSP code by uploading a zip that extracts files in relative pa…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2021-28023	2024-11-21 14:58	2021-11-9	Show	GitHub Exploit DB Packet Storm

194403	7.5	HIGH Network	servicetonic	servicetonic	Blind SQL injection in the login form in ServiceTonic Helpdesk software < 9.0.35937 allows attacker to exfiltrate information via specially crafted HQL-compatible time-based SQL queries.	CWE-89 SQL Injection	CVE-2021-28022	2024-11-21 14:58	2021-11-9	Show	GitHub Exploit DB Packet Storm

194404	6.5	MEDIUM Network	libxls_project fedoraproject	libxls fedora	An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of service, via a crafted XLS file.	CWE-476 NULL Pointer Dereference	CVE-2021-27836	2024-11-21 14:58	2021-11-4	Show	GitHub Exploit DB Packet Storm

194405	7.5	HIGH Network	nsasoft	spotauditor	An issue was discovered in Nsasoft US LLC SpotAuditor 5.3.5. The program can be crashed by entering 300 bytes char data into the "Key" or "Name" field while registering.	CWE-120 Classic Buffer Overflow	CVE-2021-27722	2024-11-21 14:58	2021-11-2	Show	GitHub Exploit DB Packet Storm

194406	8.8	HIGH Network	apache	dolphinscheduler	In Apache DolphinScheduler before 1.3.6 versions, authorized users can use SQL injection in the data source center. (Only applicable to MySQL data source with internal login account password)	CWE-89 SQL Injection	CVE-2021-27644	2024-11-21 14:58	2021-11-1	Show	GitHub Exploit DB Packet Storm

194407	5.4	MEDIUM Network	hcltechsw	connections	"HCL Connections Security Update for Reflected Cross-Site Scripting (XSS) Vulnerability"	CWE-79 Cross-site Scripting	CVE-2021-27746	2024-11-21 14:58	2021-10-22	Show	GitHub Exploit DB Packet Storm

194408	7.8	HIGH Local	stb_project fedoraproject debian	stb fedora debian_linux	Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file.	CWE-787 Out-of-bounds Write	CVE-2021-28021	2024-11-21 14:58	2021-10-16	Show	GitHub Exploit DB Packet Storm

194409	7.5	HIGH Network	johnsoncontrols	exacqvision_server	An unauthenticated remote user could exploit a potential integer overflow condition in the exacqVision Server with a specially crafted script and cause denial-of-service condition.	CWE-190 Integer Overflow or Wraparound	CVE-2021-27665	2024-11-21 14:58	2021-10-12	Show	GitHub Exploit DB Packet Storm

194410	9.8	CRITICAL Network	johnsoncontrols	exacqvision_web_service	Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server.	CWE-269 Improper Privilege Management	CVE-2021-27664	2024-11-21 14:58	2021-10-12	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed