Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228741	5	警告	phpee	-	PowerPhlogger における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2009-4254	2012-12-20 19:28	2009-12-9	Show	GitHub Exploit DB Packet Storm

228742	4.3	警告	phpee	-	PowerPhlogger の dspStats.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4253	2012-12-20 19:28	2009-12-9	Show	GitHub Exploit DB Packet Storm

228743	6.5	警告	TestLink Development Team	-	TestLink における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4238	2012-12-20 19:28	2009-12-10	Show	GitHub Exploit DB Packet Storm

228744	3.5	注意	TestLink Development Team	-	TestLink におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4237	2012-12-20 19:28	2009-12-10	Show	GitHub Exploit DB Packet Storm

228745	4.3	警告	youjoomla	-	YJ Whois コンポーネントの modules/mod_yj_whois.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4233	2012-12-20 19:28	2009-12-4	Show	GitHub Exploit DB Packet Storm

228746	7.5	危険	ruven pillay	-	IIPImage Server の FastCGI プログラムにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4230	2012-12-20 19:28	2009-12-8	Show	GitHub Exploit DB Packet Storm

228747	4.3	警告	Xfig project	-	Xfig の u_bound.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-4228	2012-12-20 19:28	2009-12-8	Show	GitHub Exploit DB Packet Storm

228748	6.8	警告	Xfig project	-	Xfig の f_readold.c におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4227	2012-12-20 19:28	2009-12-8	Show	GitHub Exploit DB Packet Storm

228749	7.1	危険	サン・マイクロシステムズ	-	Sun OpenSolaris のカーネルにおけるサービス運用妨害 (DoS) の脆弱性	CWE-362 競合状態	CVE-2009-4226	2012-12-20 19:28	2009-12-3	Show	GitHub Exploit DB Packet Storm

228750	7.5	危険	smartisoft	-	phpBazar における管理コントロールパネルへのアクセス権を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4222	2012-12-20 19:28	2009-12-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194501	5.3	MEDIUM Network	apostrophecms	sanitize-html	Apostrophe Technologies sanitize-html before 2.3.1 does not properly handle internationalized domain name (IDN) which could allow an attacker to bypass hostname whitelist validation set by the "allow…	NVD-CWE-noinfo	CVE-2021-26539	2024-11-21 14:56	2021-02-9	Show	GitHub Exploit DB Packet Storm

194502	7.8	HIGH Local	godotengine	godot_engine	A stack overflow issue exists in Godot Engine up to v3.2 and is caused by improper boundary checks when loading .TGA image files. Depending on the context of the application, attack vector can be loc…	CWE-787 Out-of-bounds Write	CVE-2021-26826	2024-11-21 14:56	2021-02-9	Show	GitHub Exploit DB Packet Storm

194503	7.8	HIGH Local	godotengine	godot_engine	An integer overflow issue exists in Godot Engine up to v3.2 that can be triggered when loading specially crafted.TGA image files. The vulnerability exists in ImageLoaderTGA::load_image() function at …	CWE-190 Integer Overflow or Wraparound	CVE-2021-26825	2024-11-21 14:56	2021-02-9	Show	GitHub Exploit DB Packet Storm

194504	9.8	CRITICAL Network	wpdatatables	wpdatatables	wpDataTables before 3.4.1 mishandles order direction for server-side tables, aka admin-ajax.php?action=get_wdtable order[0][dir] SQL injection.	CWE-89 SQL Injection	CVE-2021-26754	2024-11-21 14:56	2021-02-8	Show	GitHub Exploit DB Packet Storm

194505	7.5	HIGH Network	sthttpd_project	sthttpd	An issue was discovered in sthttpd through 2.27.1. On systems where the strcpy function is implemented with memcpy, the de_dotdot function may cause a Denial-of-Service (daemon crash) due to overlapp…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2021-26843	2024-11-21 14:56	2021-02-8	Show	GitHub Exploit DB Packet Storm

194506	6.1	MEDIUM Network	jenzabar	jenzabar	Jenzabar 9.2.x through 9.2.2 allows /ics?tool=search&query= XSS.	CWE-79 Cross-site Scripting	CVE-2021-26723	2024-11-21 14:56	2021-02-6	Show	GitHub Exploit DB Packet Storm

194507	6.1	MEDIUM Network	linkedin	oncall	LinkedIn Oncall through 1.4.0 allows reflected XSS via /query because of mishandling of the "No results found for" message in the search bar.	CWE-79 Cross-site Scripting	CVE-2021-26722	2024-11-21 14:56	2021-02-6	Show	GitHub Exploit DB Packet Storm

194508	5.3	MEDIUM Network	redwood	report2web	A frame-injection issue in the online help in Redwood Report2Web 4.3.4.5 allows remote attackers to render an external resource inside a frame via the help/Online_Help/NetHelp/default.htm turl parame…	CWE-610 Externally Controlled Reference to a Resource in Another Sphere	CVE-2021-26711	2024-11-21 14:56	2021-02-5	Show	GitHub Exploit DB Packet Storm

194509	6.1	MEDIUM Network	redwood	report2web	A cross-site scripting (XSS) issue in the login panel in Redwood Report2Web 4.3.4.5 and 4.5.3 allows remote attackers to inject JavaScript via the signIn.do urll parameter.	CWE-79 Cross-site Scripting	CVE-2021-26710	2024-11-21 14:56	2021-02-5	Show	GitHub Exploit DB Packet Storm

194510	7.0	HIGH Local	linux netapp	linux_kernel cloud_backup fas_baseboard_management_controller aff_baseboard_management_controller solidfire_\&_hci_management_node solidfire_baseboard_management_controller base…	A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The ra…	CWE-667 Improper Locking	CVE-2021-26708	2024-11-21 14:56	2021-02-5	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed