Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 22, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228201	7.5	危険	phportal	-	phPortal の uye_paneli.php における管理者アクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2009-2117	2012-12-20 19:10	2009-06-18	Show	GitHub Exploit DB Packet Storm

228202	4	警告	Iconify.it	-	SkyBlueCanvas の admin.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-2116	2012-12-20 19:10	2009-06-18	Show	GitHub Exploit DB Packet Storm

228203	6.8	警告	Iconify.it	-	SkyBlueCanvas の admin.php における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2009-2115	2012-12-20 19:10	2009-06-18	Show	GitHub Exploit DB Packet Storm

228204	4.3	警告	Iconify.it	-	SkyBlueCanvas の admin.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-2114	2012-12-20 19:10	2009-06-18	Show	GitHub Exploit DB Packet Storm

228205	4.3	警告	webmedia explorer	-	webmex の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-2107	2012-12-20 19:10	2009-06-17	Show	GitHub Exploit DB Packet Storm

228206	7.5	危険	projektseminar proservice wwu	-	TYPO3 用の Virtual civserv エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-2106	2012-12-20 19:10	2009-06-17	Show	GitHub Exploit DB Packet Storm

228207	4.3	警告	udo von eynern	-	TYPO3 用の Modern Guestbook / Commenting System エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-2104	2012-12-20 19:10	2009-06-17	Show	GitHub Exploit DB Packet Storm

228208	7.5	危険	steve grundell	-	TYPO3 用の fe_mp3player エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-2103	2012-12-20 19:10	2009-06-17	Show	GitHub Exploit DB Packet Storm

228209	7.5	危険	zokisoft	-	Zoki Soft Zoki Catalog の system/application/controllers/catalog.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-2097	2012-12-20 19:10	2009-06-17	Show	GitHub Exploit DB Packet Storm

228210	4.3	警告	phpwebthings	-	phpWebThings の help.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-2081	2012-12-20 19:10	2009-06-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
195341	7.5	HIGH Network	draytek	vigorconnect	A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vu…	CWE-22 Path Traversal	CVE-2021-20123	2024-11-21 14:45	2021-10-14	Show	GitHub Exploit DB Packet Storm

195342	6.1	MEDIUM Network	sonicwall	sonicos	A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains.	CWE-601 Open Redirect	CVE-2021-20031	2024-11-21 14:45	2021-10-13	Show	GitHub Exploit DB Packet Storm

195343	7.2	HIGH Network	telus	prv65b444a-s-ts_firmware	The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is affected by an authenticated command injection vulnerability in multiple parameters passed to tr69_cmd.cgi. A remote attacker co…	CWE-78 OS Command	CVE-2021-20122	2024-11-21 14:45	2021-10-12	Show	GitHub Exploit DB Packet Storm

195344	4.0	MEDIUM Physics	telus	prv65b444a-s-ts_firmware	The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is vulnerable to an authenticated arbitrary file read. An authenticated user with physical access to the device can read arbitrary …	NVD-CWE-noinfo	CVE-2021-20121	2024-11-21 14:45	2021-10-12	Show	GitHub Exploit DB Packet Storm

195345	6.5	MEDIUM Network	sonicwall	sma_200_firmware sma_210_firmware sma_400_firmware sma_410_firmware sma_500v	Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user which potentially leads to DoS.	CWE-78 OS Command	CVE-2021-20035	2024-11-21 14:45	2021-09-28	Show	GitHub Exploit DB Packet Storm

195346	9.1	CRITICAL Network	sonicwall	sma_200_firmware sma_210_firmware sma_400_firmware sma_410_firmware sma_500v	An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to facto…	CWE-22 Path Traversal	CVE-2021-20034	2024-11-21 14:45	2021-09-28	Show	GitHub Exploit DB Packet Storm

195347	7.8	HIGH Local	sonicwall	global_vpn_client	SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incorrect default file permission vulnerability leads to privilege escalation which potentially allows command execution in the host o…	CWE-276 Incorrect Default Permissions	CVE-2021-20037	2024-11-21 14:45	2021-09-21	Show	GitHub Exploit DB Packet Storm

195348	7.8	HIGH Local	qualcomm	apq8009w_firmware apq8053_firmware ar9380_firmware ipq8064_firmware ipq8065_firmware ipq8068_firmware ipq8069_firmware msm8909w_firmware msm8953_firmware qca6320_firmware	Use-after-free vulnerability in kernel graphics driver because of storing an invalid pointer in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon W…	CWE-416 Use After Free	CVE-2021-1947	2024-11-21 14:45	2021-09-17	Show	GitHub Exploit DB Packet Storm

195349	5.5	MEDIUM Local	qualcomm	apq8009_firmware apq8009w_firmware apq8017_firmware apq8053_firmware aqt1000_firmware msm8909w_firmware msm8917_firmware msm8953_firmware qca4020_firmware qca6174a_firmware…	Null pointer dereference occurs due to improper validation when the preemption feature enablement is toggled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, …	CWE-476 NULL Pointer Dereference	CVE-2021-1939	2024-11-21 14:45	2021-09-17	Show	GitHub Exploit DB Packet Storm

195350	9.8	CRITICAL Network	qualcomm	apq8009_firmware apq8009w_firmware apq8017_firmware apq8053_firmware apq8064au_firmware apq8096au_firmware aqt1000_firmware ar7420_firmware ar8031_firmware ar8035_firmware<…	A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon In…	CWE-416 Use After Free	CVE-2021-1976	2024-11-21 14:45	2021-09-17	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed