Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228591 2.6 注意 サイボウズ - サイボウズ ガルーンにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0702 2013-02-8 12:01 2013-02-8 Show GitHub Exploit DB Packet Storm
228592 6.5 警告 サイボウズ - サイボウズ ガルーンにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-0701 2013-02-8 12:01 2013-02-8 Show GitHub Exploit DB Packet Storm
228593 4.3 警告 Tobias Bathge - WordPress 用 WP-Table Reloaded モジュール におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-1463 2013-02-8 11:19 2013-01-27 Show GitHub Exploit DB Packet Storm
228594 6.8 警告 アップル - 複数の Apple 製品で使用される WebKit における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2012-3684 2013-02-7 17:53 2012-09-13 Show GitHub Exploit DB Packet Storm
228595 10 危険 シスコシステムズ - Cisco Unified IP Phone 7900 シリーズにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2012-5445 2013-02-7 17:40 2012-12-28 Show GitHub Exploit DB Packet Storm
228596 10 危険 Mozilla Foundation - 複数の Mozilla 製品のブラウザエンジンにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-0770 2013-02-7 17:40 2013-01-8 Show GitHub Exploit DB Packet Storm
228597 6.8 警告 アップル - Apple iOS の ImageIO におけるメモリ二重解放の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-3726 2013-02-7 17:27 2012-09-20 Show GitHub Exploit DB Packet Storm
228598 3.3 注意 アップル - Apple iOS の DHCP コンポーネントにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-3725 2013-02-7 17:20 2012-09-20 Show GitHub Exploit DB Packet Storm
228599 6.8 警告 アップル - 複数の Apple 製品で使用される CoreMedia におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-3722 2013-02-7 17:11 2012-09-20 Show GitHub Exploit DB Packet Storm
228600 9.3 危険 アップル - 複数の Apple 製品で使用される WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2012-3679 2013-02-7 16:51 2012-07-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
194271 7.5 HIGH
Network 		codesys control_for_pfc100_sl
control_for_pfc200_sl
control_for_raspberry_pi_sl
control_for_linux_sl
control_for_iot2000_sl
control_for_empc-a\/imx6_sl
control_for_beaglebone_sl
edge_gat… 		CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS). CWE-476
 NULL Pointer Dereference 		CVE-2021-29241 2024-11-21 15:00 2021-05-3 Show GitHub Exploit DB Packet Storm
194272 7.3 HIGH
Network 		codesys gateway
control_rte
control_win
embedded_target_visu_toolkit
remote_target_visu_toolkit
safety_sil
edge_gateway
hmi
simulation_runtime
plchandler
control_runtime_system_… 		CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove o… CWE-20
 Improper Input Validation  		CVE-2021-29242 2024-11-21 15:00 2021-05-3 Show GitHub Exploit DB Packet Storm
194273 7.8 HIGH
Local 		codesys development_system CODESYS Development System 3 before 3.5.17.0 displays or executes malicious documents or files embedded in libraries without first checking their validity. CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2021-29239 2024-11-21 15:00 2021-05-3 Show GitHub Exploit DB Packet Storm
194274 8.8 HIGH
Network 		codesys automation_server CODESYS Automation Server before 1.16.0 allows cross-site request forgery (CSRF). CWE-352
 Origin Validation Error 		CVE-2021-29238 2024-11-21 15:00 2021-05-3 Show GitHub Exploit DB Packet Storm
194275 9.1 CRITICAL
Network 		adaltas mixme In Node.js mixme, prior to v0.5.1, an attacker can add or alter properties of an object via '__proto__' through the mutate() and merge() functions. The polluted attribute will be directly assigned to… CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2021-28860 2024-11-21 15:00 2021-05-3 Show GitHub Exploit DB Packet Storm
194276 9.8 CRITICAL
Network 		zohocorp manageengine_eventlog_analyzer Zoho ManageEngine Eventlog Analyzer through 12147 is vulnerable to unauthenticated directory traversal via an entry in a ZIP archive. This leads to remote code execution. CWE-22
Path Traversal 		CVE-2021-28959 2024-11-21 15:00 2021-04-30 Show GitHub Exploit DB Packet Storm
194277 7.2 HIGH
Network 		shipment_100-design_material_download_system_project shipment_100-design_material_download_system SQL injection in the getip function in conn/function.php in ??100-???????? 1.1 allows remote attackers to inject arbitrary SQL commands via the X-Forwarded-For header to admin/product_add.php. CWE-89
SQL Injection 		CVE-2021-29350 2024-11-21 15:00 2021-04-30 Show GitHub Exploit DB Packet Storm
194278 7.5 HIGH
Network 		live555 streaming_media Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses in Networks LIVE555 Stre… NVD-CWE-noinfo
CVE-2021-28899 2024-11-21 15:00 2021-04-30 Show GitHub Exploit DB Packet Storm
194279 6.5 MEDIUM
Network 		arubanetworks clearpass A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPas… NVD-CWE-noinfo
CVE-2021-29141 2024-11-21 15:00 2021-04-29 Show GitHub Exploit DB Packet Storm
194280 4.8 MEDIUM
Network 		arubanetworks clearpass A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy … CWE-79
Cross-site Scripting 		CVE-2021-29139 2024-11-21 15:00 2021-04-29 Show GitHub Exploit DB Packet Storm