Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228721	2.6	注意	NHN Japan	-	Android 版ロケタッチにおける暗黙的 Intent の扱いに関する脆弱性	CWE-DesignError	CVE-2012-5182	2012-12-21 12:01	2012-12-21	Show	GitHub Exploit DB Packet Storm

228722	10	危険	IBM	-	IBM WAS for z/OS の IBM HTTP Server コンポーネントにおける任意のコマンドを実行される脆弱性	CWE-noinfo 情報不足	CVE-2012-5955	2012-12-21 11:50	2012-12-19	Show	GitHub Exploit DB Packet Storm

228723	5	警告	IBM	-	IBM Rational ClearQuest の Web クライアントにおける重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2012-5765	2012-12-21 11:48	2012-12-12	Show	GitHub Exploit DB Packet Storm

228724	4.3	警告	IBM	-	IBM Rational ClearQuest におけるフィッシング攻撃を実行される脆弱性	CWE-noinfo 情報不足	CVE-2012-4839	2012-12-21 11:47	2012-12-12	Show	GitHub Exploit DB Packet Storm

228725	7.5	危険	seagullproject.org	-	Seagull の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-3212	2012-12-20 19:29	2010-09-3	Show	GitHub Exploit DB Packet Storm

228726	7.5	危険	seagullproject.org	-	Seagull における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2010-3209	2012-12-20 19:29	2010-09-3	Show	GitHub Exploit DB Packet Storm

228727	4.3	警告	wiccle	-	WWB の ajax.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3208	2012-12-20 19:29	2010-09-3	Show	GitHub Exploit DB Packet Storm

228728	7.5	危険	Textpattern	-	Textpattern CMS の index.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2010-3205	2012-12-20 19:29	2010-09-3	Show	GitHub Exploit DB Packet Storm

228729	5	警告	xmlswf	-	Joomla! 用の PicSell コンポーネントにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-3203	2012-12-20 19:29	2010-09-3	Show	GitHub Exploit DB Packet Storm

228730	9.3	危険	トレンドマイクロ	-	Trend Micro Internet Security Pro 2010 の UfProxyBrowserCtrl ActiveX コントロールにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-3189	2012-12-20 19:29	2010-08-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
195501	6.1	MEDIUM Network	cacti	cacti	As an unauthenticated remote user, visit "http://<CACTI_SERVER>/auth_changepassword.php?ref=<script>alert(1)</script>" to successfully execute the JavaScript payload present in the "ref" URL paramete…	CWE-79 Cross-site Scripting	CVE-2021-26247	2024-11-21 14:55	2022-01-20	Show	GitHub Exploit DB Packet Storm

195502	3.0	LOW Network	kubernetes	kubernetes	kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as…	NVD-CWE-Other	CVE-2021-25743	2024-11-21 14:55	2022-01-7	Show	GitHub Exploit DB Packet Storm

195503	8.8	HIGH Network	userfrosting	userfrosting	In Userfrosting, versions v0.3.1 to v4.6.2 are vulnerable to Host Header Injection. By luring a victim application user to click on a link, an unauthenticated attacker can use the “forgot password” f…	CWE-74 Injection	CVE-2021-25994	2024-11-21 14:55	2022-01-3	Show	GitHub Exploit DB Packet Storm

195504	9.8	CRITICAL Network	talkyard	talkyard	In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. This may allow an attacker to reuse the …	CWE-613 Insufficient Session Expiration	CVE-2021-25981	2024-11-21 14:55	2022-01-3	Show	GitHub Exploit DB Packet Storm

195505	5.4	MEDIUM Network	requarks	wiki.js	In Requarks wiki.js, versions 2.0.0-beta.147 to 2.5.255 are affected by Stored XSS vulnerability, where a low privileged (editor) user can upload a SVG file that contains malicious JavaScript while u…	CWE-79 Cross-site Scripting	CVE-2021-25993	2024-11-21 14:55	2021-12-30	Show	GitHub Exploit DB Packet Storm

195506	7.3	HIGH Network	if-me	ifme	In Ifme, versions v5.0.0 to v7.32 are vulnerable against an improper access control, which makes it possible for admins to ban themselves leading to their deactivation from Ifme account and complete …	NVD-CWE-Other	CVE-2021-25991	2024-11-21 14:55	2021-12-29	Show	GitHub Exploit DB Packet Storm

195507	5.4	MEDIUM Network	if-me	ifme	In “ifme”, versions v7.22.0 to v7.31.4 are vulnerable against self-stored XSS in the contacts field as it allows loading XSS payloads fetched via an iframe.	CWE-79 Cross-site Scripting	CVE-2021-25990	2024-11-21 14:55	2021-12-29	Show	GitHub Exploit DB Packet Storm

195508	5.4	MEDIUM Network	if-me	ifme	In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability in the markdown editor. It can be exploited by making a victim a Leader of a group which triggers the payload for …	CWE-79 Cross-site Scripting	CVE-2021-25989	2024-11-21 14:55	2021-12-29	Show	GitHub Exploit DB Packet Storm

195509	5.4	MEDIUM Network	if-me	ifme	In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability (notifications section) which can be directly triggered by sending an ally request to the admin.	CWE-79 Cross-site Scripting	CVE-2021-25988	2024-11-21 14:55	2021-12-29	Show	GitHub Exploit DB Packet Storm

195510	3.3	LOW Local	samsung	pay	Improper export of Android application components vulnerability in Samsung Pay (India only) prior to version 4.1.77 allows attacker to access Bill Pay and Recharge menu without authentication.	NVD-CWE-Other	CVE-2021-25527	2024-11-21 14:55	2021-12-9	Show	GitHub Exploit DB Packet Storm