Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228561 5.8 警告 Cerulean Studios - Cerulean Studios Trillian における MSN の資格情報を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4831 2012-12-20 19:28 2010-04-29 Show GitHub Exploit DB Packet Storm
228562 6.8 警告 PHP Web Scripts - Ad Manager Pro の administration/admins.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-4828 2012-12-20 19:28 2010-04-27 Show GitHub Exploit DB Packet Storm
228563 6.8 警告 scriptez - Mail Manager Pro の admin.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-4827 2012-12-20 19:28 2010-04-27 Show GitHub Exploit DB Packet Storm
228564 6.8 警告 Scriptsez.net - ScriptsEz Mini Hosting Panel の hosting/admin_ac.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-4826 2012-12-20 19:28 2010-04-27 Show GitHub Exploit DB Packet Storm
228565 6.8 警告 henning stoverud - PHPhotoalbum の upload.php における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2009-4819 2012-12-20 19:28 2010-04-27 Show GitHub Exploit DB Packet Storm
228566 6.8 警告 phpsimplicity - PHPSimplicity Simplicity oF Upload の upload.php における任意の PHP コードを実行される脆弱性 CWE-Other
その他 		CVE-2009-4818 2012-12-20 19:28 2010-04-27 Show GitHub Exploit DB Packet Storm
228567 4 警告 Rhino Software - Serv-U におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4815 2012-12-20 19:28 2010-04-27 Show GitHub Exploit DB Packet Storm
228568 4.3 警告 wolfram - Wolfram Research webMathematica におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4814 2012-12-20 19:28 2010-04-27 Show GitHub Exploit DB Packet Storm
228569 5 警告 wolfram - Wolfram Research webMathematica における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-4812 2012-12-20 19:28 2010-04-27 Show GitHub Exploit DB Packet Storm
228570 7.5 危険 samhain labs - Samhain の SRP 実装における認証を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4810 2012-12-20 19:28 2010-04-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
194531 9.8 CRITICAL
Network 		emby emby Emby Server < 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address. CWE-290
 Authentication Bypass by Spoofing 		CVE-2021-25827 2024-11-21 14:55 2023-06-29 Show GitHub Exploit DB Packet Storm
194532 7.8 HIGH
Local 		kubernetes kubernetes Windows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true. NVD-CWE-noinfo
CVE-2021-25749 2024-11-21 14:55 2023-05-25 Show GitHub Exploit DB Packet Storm
194533 6.5 MEDIUM
Network 		kubernetes ingress-nginx A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the `spec.rules[].http.paths[].path` … NVD-CWE-noinfo
CVE-2021-25748 2024-11-21 14:55 2023-05-25 Show GitHub Exploit DB Packet Storm
194534 7.8 HIGH
Local 		avaya ip_office A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privileges. This issue affects Admin Lite and USB… NVD-CWE-Other
CVE-2021-25657 2024-11-21 14:55 2022-09-2 Show GitHub Exploit DB Packet Storm
194535 8.8 HIGH
Network 		apache hadoop ZKConfigurationStore which is optionally used by CapacityScheduler of Apache Hadoop YARN deserializes data obtained from ZooKeeper without validation. An attacker having access to ZooKeeper can run a… - CVE-2021-25642 2024-11-21 14:55 2022-08-25 Show GitHub Exploit DB Packet Storm
194536 5.5 MEDIUM
Local 		intel killer_ac_1550_firmware
killer_wi-fi_6_ax1650_firmware
killer_wi-fi_6e_ax1690_firmware
killer_wi-fi_6e_ax1675_firmware
proset_wi-fi_6e_ax210_firmware
wi-fi_6e_ax211_firmware
wi-fi_6… 		Out of bounds read for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable denial of service via local access. CWE-125
Out-of-bounds Read 		CVE-2021-26254 2024-11-21 14:55 2022-08-19 Show GitHub Exploit DB Packet Storm
194537 5.5 MEDIUM
Local 		intel wi-fi_6_ax411_firmware
wi-fi_6_ax211_firmware
wi-fi_6_ax210_firmware
wi-fi_6_ax201_firmware
wi-fi_6_ax200_firmware
wireless-ac_9560_firmware
wireless-ac_9462_firmware
wireless-ac… 		Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denia… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2021-26257 2024-11-21 14:55 2022-08-19 Show GitHub Exploit DB Packet Storm
194538 7.8 HIGH
Local 		intel killer_control_center Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4.3337.0 may allow an authorized user to potentially enable escalation of privilege via local access. NVD-CWE-Other
CVE-2021-26258 2024-11-21 14:55 2022-05-13 Show GitHub Exploit DB Packet Storm
194539 8.1 HIGH
Network 		splunk splunk A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts Sp… NVD-CWE-noinfo
CVE-2021-26253 2024-11-21 14:55 2022-05-7 Show GitHub Exploit DB Packet Storm
194540 7.1 HIGH
Network 		kubernetes ingress-nginx A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API … CWE-20
 Improper Input Validation  		CVE-2021-25746 2024-11-21 14:55 2022-05-6 Show GitHub Exploit DB Packet Storm