Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 31, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 228741 | 7.5 | 危険 | Virtue Netz | - | Virtue News Manager の news_detail.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-2019 | 2012-12-20 19:10 | 2009-06-9 | Show | GitHub Exploit DB Packet Storm |
| 228742 | 7.5 | 危険 | Virtue Netz | - | Virtue Book Store の products.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-2017 | 2012-12-20 19:10 | 2009-06-9 | Show | GitHub Exploit DB Packet Storm |
| 228743 | 7.5 | 危険 | Virtue Netz | - | Virtue Shopping Mall の products.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-2016 | 2012-12-20 19:10 | 2009-06-9 | Show | GitHub Exploit DB Packet Storm |
| 228744 | 1.9 | 注意 | サン・マイクロシステムズ | - | Sun OpenSolaris の idmap におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-2012 | 2012-12-20 19:10 | 2009-06-4 | Show | GitHub Exploit DB Packet Storm |
| 228745 | 4.4 | 警告 | Debian Xfig project |
- | Xfig における任意のファイルを読み取られる脆弱性 |
CWE-59
リンク解釈の問題 |
CVE-2009-1962 | 2012-12-20 19:10 | 2009-06-7 | Show | GitHub Exploit DB Packet Storm |
| 228746 | 5 | 警告 | strongSwan | - | strongSWAN の charon デーモンにおけるサービス運用妨害 (DoS) の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2009-1958 | 2012-12-20 19:10 | 2009-06-7 | Show | GitHub Exploit DB Packet Storm |
| 228747 | 5 | 警告 | strongSwan | - | strongSWAN の charon デーモンにおけるサービス運用妨害 (DoS) の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2009-1957 | 2012-12-20 19:10 | 2009-06-7 | Show | GitHub Exploit DB Packet Storm |
| 228748 | 6.8 | 警告 | propertymaxpro | - | PropertyMax Pro FREE の管理ログイン機能における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-1952 | 2012-12-20 19:10 | 2009-06-5 | Show | GitHub Exploit DB Packet Storm |
| 228749 | 4.3 | 警告 | propertymaxpro | - | PropertyMax Pro FREE の index.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-1951 | 2012-12-20 19:10 | 2009-06-5 | Show | GitHub Exploit DB Packet Storm |
| 228750 | 7.8 | 危険 | unclassified | - | UNB の import_wbb1.php における重要な情報を取得される脆弱性 |
CWE-200
情報漏えい |
CVE-2009-1949 | 2012-12-20 19:10 | 2009-06-5 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 31, 2026, 4:16 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 194821 | 9.1 |
CRITICAL
Network |
apache netapp debian oracle |
xmlbeans snap_creator_framework snapmanager oncommand_unified_manager_core_package debian_linux peoplesoft_enterprise_peopletools middleware_common_libraries_and_tools |
The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion att… |
CWE-776
XML Entity Expansion |
CVE-2021-23926 | 2024-11-21 14:52 | 2021-01-15 | Show | GitHub Exploit DB Packet Storm |
| 194822 | 5.9 |
MEDIUM
Network |
apache debian oracle |
tomcat debian_linux agile_plm |
When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to … |
CWE-706
Use of Incorrectly-Resolved Name or Reference |
CVE-2021-24122 | 2024-11-21 14:52 | 2021-01-15 | Show | GitHub Exploit DB Packet Storm |
| 194823 | 7.5 |
HIGH
Network |
owasp | json-sanitizer | OWASP json-sanitizer before 1.2.2 can output invalid JSON or throw an undeclared exception for crafted input. This may lead to denial of service if the application is not prepared to handle these sit… |
NVD-CWE-noinfo
|
CVE-2021-23900 | 2024-11-21 14:52 | 2021-01-14 | Show | GitHub Exploit DB Packet Storm |
| 194824 | 9.8 |
CRITICAL
Network |
owasp | json-sanitizer | OWASP json-sanitizer before 1.2.2 may emit closing SCRIPT tags and CDATA section delimiters for crafted input. This allows an attacker to inject arbitrary HTML or XML into embedding documents. |
CWE-611
XXE |
CVE-2021-23899 | 2024-11-21 14:52 | 2021-01-14 | Show | GitHub Exploit DB Packet Storm |
| 194825 | 6.1 |
MEDIUM
Network |
open-xchange | open-xchange_appsuite | OX App Suite through 7.10.4 allows XSS via the subject of a task. |
CWE-79
Cross-site Scripting |
CVE-2021-23936 | 2024-11-21 14:52 | 2021-01-13 | Show | GitHub Exploit DB Packet Storm |
| 194826 | 6.1 |
MEDIUM
Network |
open-xchange | open-xchange_appsuite | OX App Suite through 7.10.4 allows XSS via an appointment in which the location contains JavaScript code. |
CWE-79
Cross-site Scripting |
CVE-2021-23935 | 2024-11-21 14:52 | 2021-01-13 | Show | GitHub Exploit DB Packet Storm |
| 194827 | 6.1 |
MEDIUM
Network |
open-xchange | open-xchange_appsuite | OX App Suite through 7.10.4 allows XSS via a contact whose name contains JavaScript code. |
CWE-79
Cross-site Scripting |
CVE-2021-23934 | 2024-11-21 14:52 | 2021-01-13 | Show | GitHub Exploit DB Packet Storm |
| 194828 | 6.1 |
MEDIUM
Network |
open-xchange | open-xchange_appsuite | OX App Suite through 7.10.4 allows XSS via JavaScript in a Note referenced by a mail:// URL. |
CWE-79
Cross-site Scripting |
CVE-2021-23933 | 2024-11-21 14:52 | 2021-01-13 | Show | GitHub Exploit DB Packet Storm |
| 194829 | 6.1 |
MEDIUM
Network |
open-xchange | open-xchange_appsuite | OX App Suite through 7.10.4 allows XSS via an inline image with a crafted filename. |
CWE-79
Cross-site Scripting |
CVE-2021-23932 | 2024-11-21 14:52 | 2021-01-13 | Show | GitHub Exploit DB Packet Storm |
| 194830 | 6.1 |
MEDIUM
Network |
open-xchange | open-xchange_appsuite | OX App Suite through 7.10.4 allows XSS via an inline binary file. |
CWE-79
Cross-site Scripting |
CVE-2021-23931 | 2024-11-21 14:52 | 2021-01-13 | Show | GitHub Exploit DB Packet Storm |