Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228181 2.1 注意 speedtech - Drupal 用の Storm モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2158 2012-12-20 19:29 2010-05-19 Show GitHub Exploit DB Packet Storm
228182 4.3 警告 zonecheck - ZoneCheck の zc/publisher/html.rb におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2155 2012-12-20 19:29 2010-05-26 Show GitHub Exploit DB Packet Storm
228183 6.8 警告 Tecnick.com - TCExam の admin/code/tce_functions_tcecode_editor.php における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2010-2153 2012-12-20 19:29 2010-06-3 Show GitHub Exploit DB Packet Storm
228184 7.5 危険 unisoft - Joomla! 用の My Car コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2148 2012-12-20 19:29 2010-06-3 Show GitHub Exploit DB Packet Storm
228185 4.3 警告 unisoft - Joomla! 用の My Car コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2147 2012-12-20 19:29 2010-06-3 Show GitHub Exploit DB Packet Storm
228186 7.5 危険 richrumble - ClearSite における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-2145 2012-12-20 19:29 2010-06-3 Show GitHub Exploit DB Packet Storm
228187 4.3 警告 zeeways - Zeeways eBay Clone Auction Script の signinform.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2144 2012-12-20 19:29 2010-06-3 Show GitHub Exploit DB Packet Storm
228188 7.5 危険 Symphony CMS - Symphony CMS の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-2143 2012-12-20 19:29 2010-06-3 Show GitHub Exploit DB Packet Storm
228189 7.5 危険 snipegallery - Snipe Gallery における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-2126 2012-12-20 19:29 2010-06-1 Show GitHub Exploit DB Packet Storm
228190 2.1 注意 systemseed - Drupal 用の Rotor Banner モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2125 2012-12-20 19:29 2010-05-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
194531 9.8 CRITICAL
Network 		emby emby Emby Server < 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address. CWE-290
 Authentication Bypass by Spoofing 		CVE-2021-25827 2024-11-21 14:55 2023-06-29 Show GitHub Exploit DB Packet Storm
194532 7.8 HIGH
Local 		kubernetes kubernetes Windows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true. NVD-CWE-noinfo
CVE-2021-25749 2024-11-21 14:55 2023-05-25 Show GitHub Exploit DB Packet Storm
194533 6.5 MEDIUM
Network 		kubernetes ingress-nginx A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the `spec.rules[].http.paths[].path` … NVD-CWE-noinfo
CVE-2021-25748 2024-11-21 14:55 2023-05-25 Show GitHub Exploit DB Packet Storm
194534 7.8 HIGH
Local 		avaya ip_office A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privileges. This issue affects Admin Lite and USB… NVD-CWE-Other
CVE-2021-25657 2024-11-21 14:55 2022-09-2 Show GitHub Exploit DB Packet Storm
194535 8.8 HIGH
Network 		apache hadoop ZKConfigurationStore which is optionally used by CapacityScheduler of Apache Hadoop YARN deserializes data obtained from ZooKeeper without validation. An attacker having access to ZooKeeper can run a… - CVE-2021-25642 2024-11-21 14:55 2022-08-25 Show GitHub Exploit DB Packet Storm
194536 5.5 MEDIUM
Local 		intel killer_ac_1550_firmware
killer_wi-fi_6_ax1650_firmware
killer_wi-fi_6e_ax1690_firmware
killer_wi-fi_6e_ax1675_firmware
proset_wi-fi_6e_ax210_firmware
wi-fi_6e_ax211_firmware
wi-fi_6… 		Out of bounds read for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable denial of service via local access. CWE-125
Out-of-bounds Read 		CVE-2021-26254 2024-11-21 14:55 2022-08-19 Show GitHub Exploit DB Packet Storm
194537 5.5 MEDIUM
Local 		intel wi-fi_6_ax411_firmware
wi-fi_6_ax211_firmware
wi-fi_6_ax210_firmware
wi-fi_6_ax201_firmware
wi-fi_6_ax200_firmware
wireless-ac_9560_firmware
wireless-ac_9462_firmware
wireless-ac… 		Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denia… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2021-26257 2024-11-21 14:55 2022-08-19 Show GitHub Exploit DB Packet Storm
194538 7.8 HIGH
Local 		intel killer_control_center Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4.3337.0 may allow an authorized user to potentially enable escalation of privilege via local access. NVD-CWE-Other
CVE-2021-26258 2024-11-21 14:55 2022-05-13 Show GitHub Exploit DB Packet Storm
194539 8.1 HIGH
Network 		splunk splunk A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts Sp… NVD-CWE-noinfo
CVE-2021-26253 2024-11-21 14:55 2022-05-7 Show GitHub Exploit DB Packet Storm
194540 7.1 HIGH
Network 		kubernetes ingress-nginx A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API … CWE-20
 Improper Input Validation  		CVE-2021-25746 2024-11-21 14:55 2022-05-6 Show GitHub Exploit DB Packet Storm