Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228611 5 警告 TYPO3 Association - TYPO3 用の Webesse E-Card エクステンションにおける重要な情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2009-4704 2012-12-20 19:28 2010-03-15 Show GitHub Exploit DB Packet Storm
228612 7.5 危険 TYPO3 Association - TYPO3 用の Webesse Image Gallery エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4703 2012-12-20 19:28 2010-03-15 Show GitHub Exploit DB Packet Storm
228613 5 警告 skadate - SkaDate Dating の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4700 2012-12-20 19:28 2010-03-15 Show GitHub Exploit DB Packet Storm
228614 4.3 警告 skadate - SkaDate Dating におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4699 2012-12-20 19:28 2010-03-15 Show GitHub Exploit DB Packet Storm
228615 4.3 警告 radscripts - RadNICS Gold の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4697 2012-12-20 19:28 2010-03-10 Show GitHub Exploit DB Packet Storm
228616 7.5 危険 radscripts - RadNICS Gold の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4696 2012-12-20 19:28 2010-03-10 Show GitHub Exploit DB Packet Storm
228617 7.5 危険 radscripts - RadScripts RadLance Gold の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4695 2012-12-20 19:28 2010-03-10 Show GitHub Exploit DB Packet Storm
228618 4.3 警告 radscripts - RadScripts RadLance Gold の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4694 2012-12-20 19:28 2010-03-10 Show GitHub Exploit DB Packet Storm
228619 4.3 警告 radscripts - RadScripts RadLance Gold の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4692 2012-12-20 19:28 2010-03-10 Show GitHub Exploit DB Packet Storm
228620 7.5 危険 resalecode - Request It の addlink.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4691 2012-12-20 19:28 2010-03-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
194531 9.8 CRITICAL
Network 		emby emby Emby Server < 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address. CWE-290
 Authentication Bypass by Spoofing 		CVE-2021-25827 2024-11-21 14:55 2023-06-29 Show GitHub Exploit DB Packet Storm
194532 7.8 HIGH
Local 		kubernetes kubernetes Windows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true. NVD-CWE-noinfo
CVE-2021-25749 2024-11-21 14:55 2023-05-25 Show GitHub Exploit DB Packet Storm
194533 6.5 MEDIUM
Network 		kubernetes ingress-nginx A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the `spec.rules[].http.paths[].path` … NVD-CWE-noinfo
CVE-2021-25748 2024-11-21 14:55 2023-05-25 Show GitHub Exploit DB Packet Storm
194534 7.8 HIGH
Local 		avaya ip_office A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privileges. This issue affects Admin Lite and USB… NVD-CWE-Other
CVE-2021-25657 2024-11-21 14:55 2022-09-2 Show GitHub Exploit DB Packet Storm
194535 8.8 HIGH
Network 		apache hadoop ZKConfigurationStore which is optionally used by CapacityScheduler of Apache Hadoop YARN deserializes data obtained from ZooKeeper without validation. An attacker having access to ZooKeeper can run a… - CVE-2021-25642 2024-11-21 14:55 2022-08-25 Show GitHub Exploit DB Packet Storm
194536 5.5 MEDIUM
Local 		intel killer_ac_1550_firmware
killer_wi-fi_6_ax1650_firmware
killer_wi-fi_6e_ax1690_firmware
killer_wi-fi_6e_ax1675_firmware
proset_wi-fi_6e_ax210_firmware
wi-fi_6e_ax211_firmware
wi-fi_6… 		Out of bounds read for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable denial of service via local access. CWE-125
Out-of-bounds Read 		CVE-2021-26254 2024-11-21 14:55 2022-08-19 Show GitHub Exploit DB Packet Storm
194537 5.5 MEDIUM
Local 		intel wi-fi_6_ax411_firmware
wi-fi_6_ax211_firmware
wi-fi_6_ax210_firmware
wi-fi_6_ax201_firmware
wi-fi_6_ax200_firmware
wireless-ac_9560_firmware
wireless-ac_9462_firmware
wireless-ac… 		Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denia… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2021-26257 2024-11-21 14:55 2022-08-19 Show GitHub Exploit DB Packet Storm
194538 7.8 HIGH
Local 		intel killer_control_center Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4.3337.0 may allow an authorized user to potentially enable escalation of privilege via local access. NVD-CWE-Other
CVE-2021-26258 2024-11-21 14:55 2022-05-13 Show GitHub Exploit DB Packet Storm
194539 8.1 HIGH
Network 		splunk splunk A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts Sp… NVD-CWE-noinfo
CVE-2021-26253 2024-11-21 14:55 2022-05-7 Show GitHub Exploit DB Packet Storm
194540 7.1 HIGH
Network 		kubernetes ingress-nginx A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API … CWE-20
 Improper Input Validation  		CVE-2021-25746 2024-11-21 14:55 2022-05-6 Show GitHub Exploit DB Packet Storm