Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228321 5 警告 PHPSUGAR - PHP-Sugar の test/index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-2398 2012-12-20 19:10 2009-07-9 Show GitHub Exploit DB Packet Storm
228322 7.5 危険 smspages - Mr.Saphp Arabic Script Mobile の SMSPages における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2394 2012-12-20 19:10 2009-07-9 Show GitHub Exploit DB Packet Storm
228323 6.5 警告 Virtue Netz - Virtuenetz Virtue Online Test Generator の admin/index.php における脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-2393 2012-12-20 19:10 2009-07-9 Show GitHub Exploit DB Packet Storm
228324 7.5 危険 Virtue Netz - Virtuenetz Virtue Online Test Generator の text.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2392 2012-12-20 19:10 2009-07-9 Show GitHub Exploit DB Packet Storm
228325 4.3 警告 Virtue Netz - Virtuenetz Virtue Online Test Generator の text.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2391 2012-12-20 19:10 2009-07-9 Show GitHub Exploit DB Packet Storm
228326 6.8 警告 usolved - USOLVED NEWSolved の newsscript.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2389 2012-12-20 19:10 2009-07-9 Show GitHub Exploit DB Packet Storm
228327 6.8 警告 shalwan - Opial の admin/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2388 2012-12-20 19:10 2009-07-9 Show GitHub Exploit DB Packet Storm
228328 4.9 警告 サン・マイクロシステムズ - Sun OpenSolaris の proc filesystem におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-2387 2012-12-20 19:10 2009-07-5 Show GitHub Exploit DB Packet Storm
228329 4.3 警告 tangocms - TangoCMS の application/libraries/Html.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2376 2012-12-20 19:10 2009-07-8 Show GitHub Exploit DB Packet Storm
228330 6.8 警告 wxwidgets - wxWidgets の src/common/image.cpp における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-2369 2012-12-20 19:10 2009-07-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
194911 6.1 MEDIUM
Network 		glpi-project glpi GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is a vulnerability… CWE-79
Cross-site Scripting 		CVE-2021-21313 2024-11-21 14:48 2021-03-4 Show GitHub Exploit DB Packet Storm
194912 9.0 CRITICAL
Network 		pugjs pug
pug-code-gen 		Pug is an npm package which is a high-performance template engine. In pug before version 3.0.1, if a remote attacker was able to control the `pretty` option of the pug compiler, e.g. if you spread a … - CVE-2021-21353 2024-11-21 14:48 2021-03-3 Show GitHub Exploit DB Packet Storm
194913 9.1 CRITICAL
Network 		anuko time_tracker Anuko Time Tracker is an open source, web-based time tracking application written in PHP. In TimeTracker before version 1.19.24.5415 tokens used in password reset feature in Time Tracker are based on… - CVE-2021-21352 2024-11-21 14:48 2021-03-3 Show GitHub Exploit DB Packet Storm
194914 4.9 MEDIUM
Network 		dell openmanage_server_administrator Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior contain a path traversal vulnerability. A remote user with admin privileges could potentially exploit this vulnerability to view… CWE-22
Path Traversal 		CVE-2021-21514 2024-11-21 14:48 2021-03-3 Show GitHub Exploit DB Packet Storm
194915 9.8 CRITICAL
Network 		dell openmanage_server_administrator Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. A … CWE-287
Improper Authentication 		CVE-2021-21513 2024-11-21 14:48 2021-03-3 Show GitHub Exploit DB Packet Storm
194916 9.8 CRITICAL
Network 		fastify-http-proxy_project fastify-http-proxy fastify-http-proxy is an npm package which is a fastify plugin for proxying your http requests to another server, with hooks. By crafting a specific URL, it is possible to escape the prefix of the pr… - CVE-2021-21322 2024-11-21 14:48 2021-03-2 Show GitHub Exploit DB Packet Storm
194917 10.0 CRITICAL
Network 		fastify-reply-from_project fastify-reply-from fastify-reply-from is an npm package which is a fastify plugin to forward the current http request to another server. In fastify-reply-from before version 4.0.2, by crafting a specific URL, it is pos… - CVE-2021-21321 2024-11-21 14:48 2021-03-2 Show GitHub Exploit DB Packet Storm
194918 4.3 MEDIUM
Network 		matrix-react-sdk_project matrix-react-sdk matrix-react-sdk is an npm package which is a Matrix SDK for React Javascript. In matrix-react-sdk before version 3.15.0, the user content sandbox can be abused to trick users into opening unexpected… - CVE-2021-21320 2024-11-21 14:48 2021-03-2 Show GitHub Exploit DB Packet Storm
194919 7.2 HIGH
Network 		dell emc_srs_policy_manager SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to a misconfigured XML parser that processes user-supplied DTD input without sufficient validation. A re… CWE-611
XXE 		CVE-2021-21517 2024-11-21 14:48 2021-03-2 Show GitHub Exploit DB Packet Storm
194920 5.4 MEDIUM
Network 		dell emc_sourceone Dell EMC SourceOne, versions 7.2SP10 and prior, contain a Stored Cross-Site Scripting vulnerability. A remote low privileged attacker may potentially exploit this vulnerability, to hijack user sessio… CWE-79
Cross-site Scripting 		CVE-2021-21515 2024-11-21 14:48 2021-03-2 Show GitHub Exploit DB Packet Storm