Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228221	7.5	危険	phpscripte24	-	Hi Web Wiesbaden Live Shopping Multi Portal System の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1924	2012-12-20 19:29	2010-05-12	Show	GitHub Exploit DB Packet Storm

228222	7.5	危険	phpscripte24	-	Hi Web Wiesbaden Web Social Network Freunde Community System の user.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1923	2012-12-20 19:29	2010-05-12	Show	GitHub Exploit DB Packet Storm

228223	7.5	危険	xinha s9y	-	Serendipity で使用されている Xinha WYSIWYG エディタにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1916	2012-12-20 19:29	2010-05-12	Show	GitHub Exploit DB Packet Storm

228224	4.3	警告	tufat	-	FlashCard の cPlayer.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1872	2012-12-20 19:29	2010-05-12	Show	GitHub Exploit DB Packet Storm

228225	6.8	警告	レッドハット	-	Red Hat Linux 用の JBoss Enterprise Application Platform で使用されている jboss-seam2 における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-1871	2012-12-20 19:29	2010-07-27	Show	GitHub Exploit DB Packet Storm

228226	6.8	警告	realitymedias	-	RepairShop2 の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1857	2012-12-20 19:29	2010-05-7	Show	GitHub Exploit DB Packet Storm

228227	2.6	注意	realitymedias	-	RepairShop2 の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1856	2012-12-20 19:29	2010-05-7	Show	GitHub Exploit DB Packet Storm

228228	7.5	危険	phpscripte24	-	Pay Per Watch & Bid Auktions System の auktion.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1855	2012-12-20 19:29	2010-05-7	Show	GitHub Exploit DB Packet Storm

228229	4.3	警告	phpscripte24	-	Pay Per Watch & Bid Auktions System の auktion.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1854	2012-12-20 19:29	2010-05-7	Show	GitHub Exploit DB Packet Storm

228230	6.8	警告	Transmission Project	-	Transmission の libtransmission/magnet.c におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-1853	2012-12-20 19:29	2010-05-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194531	9.8	CRITICAL Network	emby	emby	Emby Server < 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address.	CWE-290 Authentication Bypass by Spoofing	CVE-2021-25827	2024-11-21 14:55	2023-06-29	Show	GitHub Exploit DB Packet Storm

194532	7.8	HIGH Local	kubernetes	kubernetes	Windows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true.	NVD-CWE-noinfo	CVE-2021-25749	2024-11-21 14:55	2023-05-25	Show	GitHub Exploit DB Packet Storm

194533	6.5	MEDIUM Network	kubernetes	ingress-nginx	A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the `spec.rules[].http.paths[].path` …	NVD-CWE-noinfo	CVE-2021-25748	2024-11-21 14:55	2023-05-25	Show	GitHub Exploit DB Packet Storm

194534	7.8	HIGH Local	avaya	ip_office	A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privileges. This issue affects Admin Lite and USB…	NVD-CWE-Other	CVE-2021-25657	2024-11-21 14:55	2022-09-2	Show	GitHub Exploit DB Packet Storm

194535	8.8	HIGH Network	apache	hadoop	ZKConfigurationStore which is optionally used by CapacityScheduler of Apache Hadoop YARN deserializes data obtained from ZooKeeper without validation. An attacker having access to ZooKeeper can run a…	-	CVE-2021-25642	2024-11-21 14:55	2022-08-25	Show	GitHub Exploit DB Packet Storm

194536	5.5	MEDIUM Local	intel	killer_ac_1550_firmware killer_wi-fi_6_ax1650_firmware killer_wi-fi_6e_ax1690_firmware killer_wi-fi_6e_ax1675_firmware proset_wi-fi_6e_ax210_firmware wi-fi_6e_ax211_firmware wi-fi_6…	Out of bounds read for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable denial of service via local access.	CWE-125 Out-of-bounds Read	CVE-2021-26254	2024-11-21 14:55	2022-08-19	Show	GitHub Exploit DB Packet Storm

194537	5.5	MEDIUM Local	intel	wi-fi_6_ax411_firmware wi-fi_6_ax211_firmware wi-fi_6_ax210_firmware wi-fi_6_ax201_firmware wi-fi_6_ax200_firmware wireless-ac_9560_firmware wireless-ac_9462_firmware wireless-ac…	Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denia…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2021-26257	2024-11-21 14:55	2022-08-19	Show	GitHub Exploit DB Packet Storm

194538	7.8	HIGH Local	intel	killer_control_center	Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4.3337.0 may allow an authorized user to potentially enable escalation of privilege via local access.	NVD-CWE-Other	CVE-2021-26258	2024-11-21 14:55	2022-05-13	Show	GitHub Exploit DB Packet Storm

194539	8.1	HIGH Network	splunk	splunk	A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts Sp…	NVD-CWE-noinfo	CVE-2021-26253	2024-11-21 14:55	2022-05-7	Show	GitHub Exploit DB Packet Storm

194540	7.1	HIGH Network	kubernetes	ingress-nginx	A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API …	CWE-20 Improper Input Validation	CVE-2021-25746	2024-11-21 14:55	2022-05-6	Show	GitHub Exploit DB Packet Storm