Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228511	5	警告	SquirrelMail Project	-	SquirrelMail の functions/imap_general.php におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-2813	2012-12-20 19:29	2010-08-19	Show	GitHub Exploit DB Packet Storm

228512	5	警告	ZNC	-	ZNC の Client.cpp におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-2812	2012-12-20 19:29	2010-08-3	Show	GitHub Exploit DB Packet Storm

228513	5.7	警告	レッドハット	-	RHEV の VDSM におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2010-2811	2012-12-20 19:29	2010-08-19	Show	GitHub Exploit DB Packet Storm

228514	6.8	警告	uzbl	-	Uzbl のバインディングのデフォルト設定における任意のコマンドを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-2809	2012-12-20 19:29	2010-08-5	Show	GitHub Exploit DB Packet Storm

228515	6.8	警告	Piwik	-	Piwik におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-2786	2012-12-20 19:29	2010-07-28	Show	GitHub Exploit DB Packet Storm

228516	2.1	注意	Wim Leers	-	Drupal 用の Hierarchical Select モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2724	2012-12-20 19:29	2010-07-7	Show	GitHub Exploit DB Packet Storm

228517	4.3	警告	rightinpoint	-	RightInPoint Lyrics Script の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2722	2012-12-20 19:29	2010-07-13	Show	GitHub Exploit DB Packet Storm

228518	4.3	警告	tomaz-muraus	-	Tomaz Muraus Open Blog の application/modules/admin/controllers/users.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-3026	2012-12-20 19:29	2010-08-16	Show	GitHub Exploit DB Packet Storm

228519	4.3	警告	tomaz-muraus	-	Tomaz Muraus Open Blog におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3025	2012-12-20 19:29	2010-08-16	Show	GitHub Exploit DB Packet Storm

228520	7.5	危険	Pligg	-	Pligg の groupadmin.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-3013	2012-12-20 19:29	2010-08-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194391	7.5	HIGH Network	xn--b1agzlht	fx_aggregator_terminal_client	The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 stores authentication credentials in cleartext in login.sav when the Save Password box is checked.	CWE-522 Insufficiently Protected Credentials	CVE-2021-27187	2024-11-21 14:57	2021-02-12	Show	GitHub Exploit DB Packet Storm

194392	5.4	MEDIUM Network	peel	peel_shopping	A Stored Cross Site Scripting(XSS) Vulnerability was discovered in PEEL SHOPPING 9.3.0 and 9.4.0, which are publicly available. The user supplied input containing polyglot payload is echoed back in j…	CWE-79 Cross-site Scripting	CVE-2021-27190	2024-11-21 14:57	2021-02-12	Show	GitHub Exploit DB Packet Storm

194393	7.5	HIGH Network	get-ip-range_project	get-ip-range	The get-ip-range package before 4.0.0 for Node.js is vulnerable to denial of service (DoS) if the range is untrusted input. An attacker could send a large range (such as 128.0.0.0/1) that causes reso…	NVD-CWE-noinfo	CVE-2021-27191	2024-11-21 14:57	2021-02-12	Show	GitHub Exploit DB Packet Storm

194394	7.5	HIGH Network	pelco	digital_sentry_server	Pelco Digital Sentry Server 7.18.72.11464 has an XML External Entity vulnerability (exploitable via the DTD parameter entities technique), resulting in disclosure and retrieval of arbitrary data on t…	CWE-611 XXE	CVE-2021-27184	2024-11-21 14:57	2021-02-12	Show	GitHub Exploit DB Packet Storm

194395	7.5	HIGH Network	treasuredata	fluent_bit	Fluent Bit 1.6.10 has a NULL pointer dereference when an flb_malloc return value is not validated by flb_avro.c or http_server/api/v1/metrics.c.	CWE-476 NULL Pointer Dereference	CVE-2021-27186	2024-11-21 14:57	2021-02-11	Show	GitHub Exploit DB Packet Storm

194396	9.8	CRITICAL Network	samba-client_project	samba-client	The samba-client package before 4.0.0 for Node.js allows command injection because of the use of process.exec.	CWE-77 Command Injection	CVE-2021-27185	2024-11-21 14:57	2021-02-11	Show	GitHub Exploit DB Packet Storm

194397	7.5	HIGH Network	fiberhome	hg6245d_firmware	An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to crash the telnet daemon by sending a certain 0a 65 6e 61 62 6c 65 0a 02 0a 1a 0a string.	CWE-20 Improper Input Validation	CVE-2021-27179	2024-11-21 14:57	2021-02-11	Show	GitHub Exploit DB Packet Storm

194398	7.5	HIGH Network	fiberhome	hg6245d_firmware	An issue was discovered on FiberHome HG6245D devices through RP2613. Some passwords are stored in cleartext in nvram.	CWE-312 Cleartext Storage of Sensitive Information	CVE-2021-27178	2024-11-21 14:57	2021-02-11	Show	GitHub Exploit DB Packet Storm

194399	9.8	CRITICAL Network	fiberhome	hg6245d_firmware	An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to bypass authentication by sending the decoded value of the GgpoZWxwCmxpc3QKd2hvCg== string to the telnet server.	CWE-863 Incorrect Authorization	CVE-2021-27177	2024-11-21 14:57	2021-02-11	Show	GitHub Exploit DB Packet Storm

194400	7.5	HIGH Network	fiberhome	hg6245d_firmware	An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_5g.cfg has cleartext passwords and 0644 permissions.	CWE-312 Cleartext Storage of Sensitive Information	CVE-2021-27176	2024-11-21 14:57	2021-02-11	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed