Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228721	4.3	警告	Catalin Florian Radut	-	Drupal 用 Zero Point モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5591	2012-12-28 16:06	2012-11-28	Show	GitHub Exploit DB Packet Storm

228722	7.5	危険	Script Head	-	Drupal 用 Webmail Plus モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-5590	2012-12-28 16:06	2012-11-28	Show	GitHub Exploit DB Packet Storm

228723	3.5	注意	Net Genius	-	Drupal 用 MultiLink モジュールにおける任意のノードタイトルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2012-5589	2012-12-28 16:04	2012-11-28	Show	GitHub Exploit DB Packet Storm

228724	2.6	注意	Matthias Hutterer	-	Drupal 用 Email Field モジュールにおける電子メールを送信される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-5588	2012-12-28 16:02	2012-11-28	Show	GitHub Exploit DB Packet Storm

228725	4.3	警告	Matthias Hutterer	-	Drupal 用 Email Field モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5587	2012-12-28 15:58	2012-11-28	Show	GitHub Exploit DB Packet Storm

228726	2.1	注意	Marc Ingram	-	Drupal 用 Services モジュールにおける任意のユーザの電子メールにアクセスされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-5586	2012-12-28 15:57	2012-11-28	Show	GitHub Exploit DB Packet Storm

228727	2.1	注意	Mixpanel Project	-	Drupal 用 Mixpanel モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5585	2012-12-28 15:50	2012-11-28	Show	GitHub Exploit DB Packet Storm

228728	4.3	警告	Made to Order Software	-	Drupal 用 Table of Contents モジュールにおけるノードのヘッダを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-5584	2012-12-28 15:49	2012-11-14	Show	GitHub Exploit DB Packet Storm

228729	6.8	警告	Sensio Labs	-	Symfony における任意のサービスにアクセスされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-6432	2012-12-28 15:20	2012-12-20	Show	GitHub Exploit DB Packet Storm

228730	6.4	警告	Sensio Labs	-	Symfony における URI の制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-6431	2012-12-28 15:18	2012-12-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194231	4.7	MEDIUM Local	linux fedoraproject debian netapp	linux_kernel fedora debian_linux cloud_backup solidfire_baseboard_management_controller_firmware aff_a250_firmware fas_500f_firmware	A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an exten…	CWE-362 Race Condition	CVE-2021-28964	2024-11-21 15:00	2021-03-22	Show	GitHub Exploit DB Packet Storm

194232	5.3	MEDIUM Network	shibboleth debian	service_provider debian_linux	Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters.	CWE-74 Injection	CVE-2021-28963	2024-11-21 15:00	2021-03-22	Show	GitHub Exploit DB Packet Storm

194233	8.8	HIGH Network	sass_lint_project	sass_lint	The unofficial vscode-sass-lint (aka Sass Lint) extension through 1.0.7 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace. NOTE: This vulnera…	NVD-CWE-noinfo	CVE-2021-28956	2024-11-21 15:00	2021-03-22	Show	GitHub Exploit DB Packet Storm

194234	9.8	CRITICAL Network	git-bug_project	git-bug	git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations (most often seen on Windows).	CWE-427 Uncontrolled Search Path Element	CVE-2021-28955	2024-11-21 15:00	2021-03-22	Show	GitHub Exploit DB Packet Storm

194235	8.8	HIGH Network	openwrt	openwrt	applications/luci-app-ddns/luasrc/model/cbi/ddns/detail.lua in the DDNS package for OpenWrt 19.07 allows remote authenticated users to inject arbitrary commands via POST requests.	CWE-78 OS Command	CVE-2021-28961	2024-11-21 15:00	2021-03-21	Show	GitHub Exploit DB Packet Storm

194236	6.1	MEDIUM Network	lxml debian fedoraproject netapp oracle	lxml debian_linux fedora snapcenter zfs_storage_appliance_kit	An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attri…	CWE-79 Cross-site Scripting	CVE-2021-28957	2024-11-21 15:00	2021-03-21	Show	GitHub Exploit DB Packet Storm

194237	7.8	HIGH Local	bit_project	bit	In Chris Walz bit before 1.0.5 on Windows, attackers can run arbitrary code via a .exe file in a crafted repository.	CWE-427 Uncontrolled Search Path Element	CVE-2021-28954	2024-11-21 15:00	2021-03-21	Show	GitHub Exploit DB Packet Storm

194238	7.8	HIGH Local	c\/c\+\+_advanced_lint_project	c\/c\+\+_advanced_lint	The unofficial C/C++ Advanced Lint extension before 1.9.0 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted repository.	CWE-427 Uncontrolled Search Path Element	CVE-2021-28953	2024-11-21 15:00	2021-03-21	Show	GitHub Exploit DB Packet Storm

194239	7.8	HIGH Local	linux fedoraproject netapp	linux_kernel fedora cloud_backup a250_firmware aff_500f_firmware fas_500f_firmware solidfire_baseboard_management_controller_firmware	An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1…	CWE-120 Classic Buffer Overflow	CVE-2021-28952	2024-11-21 15:00	2021-03-21	Show	GitHub Exploit DB Packet Storm

194240	5.5	MEDIUM Local	linux fedoraproject netapp	linux_kernel fedora a250_firmware aff_500f_firmware fas_500f_firmware cloud_backup solidfire_baseboard_management_controller_firmware	An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concu…	CWE-667 Improper Locking	CVE-2021-28951	2024-11-21 15:00	2021-03-21	Show	GitHub Exploit DB Packet Storm