Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228421 7.5 危険 tukanas - Tukanas Classifieds Script の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4712 2012-12-20 19:28 2010-03-15 Show GitHub Exploit DB Packet Storm
228422 4.3 警告 Pligg - Pligg におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4788 2012-12-20 19:28 2009-11-30 Show GitHub Exploit DB Packet Storm
228423 6.8 警告 Pligg - Pligg におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-4787 2012-12-20 19:28 2009-11-30 Show GitHub Exploit DB Packet Storm
228424 4.3 警告 Pligg - Pligg におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4786 2012-12-20 19:28 2009-11-30 Show GitHub Exploit DB Packet Storm
228425 4.3 警告 phpMyFAQ - phpMyFAQ の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4780 2012-12-20 19:28 2009-12-1 Show GitHub Exploit DB Packet Storm
228426 6.8 警告 Ubercart - Drupal 用の Ubercart モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-4773 2012-12-20 19:28 2009-11-18 Show GitHub Exploit DB Packet Storm
228427 4.3 警告 Ubercart - Drupal 用の Ubercart モジュールにおける重要な情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2009-4772 2012-12-20 19:28 2009-11-18 Show GitHub Exploit DB Packet Storm
228428 5 警告 Ubercart - Drupal 用の Ubercart モジュールにおける不特定の "複製操作" を誘発される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4771 2012-12-20 19:28 2009-11-18 Show GitHub Exploit DB Packet Storm
228429 9 危険 Codeorigin - Sysax Multi Server におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4790 2012-12-20 19:28 2010-04-22 Show GitHub Exploit DB Packet Storm
228430 7.2 危険 tukeva - TUKEVA Password Reminder における資格情報を発見される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2009-4781 2012-12-20 19:28 2010-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
194571 2.4 LOW
Physics 		samsung pay_mini Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code. CWE-200
Information Exposure 		CVE-2021-25333 2024-11-21 14:54 2021-03-5 Show GitHub Exploit DB Packet Storm
194572 2.4 LOW
Physics 		samsung pay_mini Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to contacts information over the lockscreen in specific condition. CWE-200
Information Exposure 		CVE-2021-25332 2024-11-21 14:54 2021-03-5 Show GitHub Exploit DB Packet Storm
194573 2.4 LOW
Physics 		samsung pay_mini Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen in specific condition. CWE-200
Information Exposure 		CVE-2021-25331 2024-11-21 14:54 2021-03-5 Show GitHub Exploit DB Packet Storm
194574 5.5 MEDIUM
Local 		trendmicro apex_central
apex_one
cloud_edge
deep_security
control_manager
deep_discovery_analyzer
deep_discovery_email_inspector
deep_discovery_inspector
interscan_messaging_security_vir… 		Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by a… CWE-400
 Uncontrolled Resource Consumption 		CVE-2021-25252 2024-11-21 14:54 2021-03-4 Show GitHub Exploit DB Packet Storm
194575 7.8 HIGH
Local 		saltstack salt CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 SP 3; openSUSE Tumbleweed allows local attackers to execute arbitrary code via salt without the need to specify… - CVE-2021-25315 2024-11-21 14:54 2021-03-3 Show GitHub Exploit DB Packet Storm
194576 7.5 HIGH
Network 		google android Calling of non-existent provider in MobileWips application prior to SMR Feb-2021 Release 1 allows unauthorized actions including denial of service attack by hijacking the provider. NVD-CWE-noinfo
CVE-2021-25330 2024-11-21 14:54 2021-03-3 Show GitHub Exploit DB Packet Storm
194577 9.8 CRITICAL
Network 		gigaset dx600a_firmware The telnet administrator service running on port 650 on Gigaset DX600A v41.00-175 devices does not implement any lockout or throttling functionality. This situation (together with the weak password p… CWE-307
CWE-521
mproper Restriction of Excessive Authentication Attempts
Weak Password Requirements  		CVE-2021-25309 2024-11-21 14:54 2021-03-2 Show GitHub Exploit DB Packet Storm
194578 7.5 HIGH
Network 		gigaset dx600a_firmware A buffer overflow vulnerability in the AT command interface of Gigaset DX600A v41.00-175 devices allows remote attackers to force a device reboot by sending relatively long AT commands. CWE-120
Classic Buffer Overflow 		CVE-2021-25306 2024-11-21 14:54 2021-03-2 Show GitHub Exploit DB Packet Storm
194579 7.0 HIGH
Local 		apache
debian
oracle 		tomcat
debian_linux
managed_file_transfer
instantis_enterprisetrack
agile_plm
database
siebel_ui_framework
mysql_enterprise_monitor
graph_server_and_client
communications_c… 		The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikel… NVD-CWE-noinfo
CVE-2021-25329 2024-11-21 14:54 2021-03-1 Show GitHub Exploit DB Packet Storm
194580 7.5 HIGH
Network 		apache
debian
oracle 		tomcat
debian_linux
managed_file_transfer
instantis_enterprisetrack
agile_plm
database
siebel_ui_framework
mysql_enterprise_monitor
graph_server_and_client
communications_c… 		When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body… CWE-200
Information Exposure 		CVE-2021-25122 2024-11-21 14:54 2021-03-1 Show GitHub Exploit DB Packet Storm