Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228921	7.5	危険	Plohni	-	Image voting の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3356	2012-12-20 19:28	2009-09-24	Show	GitHub Exploit DB Packet Storm

228922	10	危険	Steve Lockwood	-	Drupal 用の Node2Node モジュールにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3353	2012-12-20 19:28	2009-09-9	Show	GitHub Exploit DB Packet Storm

228923	10	危険	roshan shah	-	Drupal 用の Quota by role モジュールにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3352	2012-12-20 19:28	2009-09-9	Show	GitHub Exploit DB Packet Storm

228924	10	危険	roshan shah	-	Drupal 用の Subdomain Manager モジュールにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3350	2012-12-20 19:28	2009-09-9	Show	GitHub Exploit DB Packet Storm

228925	10	危険	SAP	-	SAP Crystal Reports Server における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2009-3346	2012-12-20 19:28	2009-09-24	Show	GitHub Exploit DB Packet Storm

228926	10	危険	SAP	-	SAP Crystal Reports Server におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-3345	2012-12-20 19:28	2009-09-24	Show	GitHub Exploit DB Packet Storm

228927	5	警告	SAP	-	Windows 上で稼動する Crystal Reports Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2009-3344	2012-12-20 19:28	2009-09-24	Show	GitHub Exploit DB Packet Storm

228928	7.5	危険	s9y	-	S9Y 用の Freetag プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3337	2012-12-20 19:28	2009-08-27	Show	GitHub Exploit DB Packet Storm

228929	7.5	危険	phpprobid	-	PHP Pro Bid の auction_details.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3336	2012-12-20 19:28	2009-09-24	Show	GitHub Exploit DB Packet Storm

228930	7.5	危険	turtus	-	Joomla! 用の TurtuShout コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3335	2012-12-20 19:28	2009-09-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194871	6.1	MEDIUM Network	atlassian	data_center jira jira_server jira_data_center	The CardLayoutConfigTable component in Jira Server and Jira Data Center before version 8.5.15, and from version 8.6.0 before version 8.13.7, and from version 8.14.0 before 8.17.0 allows remote attack…	CWE-79 Cross-site Scripting	CVE-2021-26079	2024-11-21 14:55	2021-06-8	Show	GitHub Exploit DB Packet Storm

194872	6.1	MEDIUM Network	atlassian	data_center jira jira_server	The number range searcher component in Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before version 8.13.6, and from version 8.14.0 before version 8.16.1 allows remote at…	CWE-79 Cross-site Scripting	CVE-2021-26078	2024-11-21 14:55	2021-06-8	Show	GitHub Exploit DB Packet Storm

194873	9.8	CRITICAL Network	nestie_project	nestie	Prototype pollution vulnerability in 'nestie' versions 0.0.0 through 1.0.0 allows an attacker to cause a denial of service and may lead to remote code execution.	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2021-25947	2024-11-21 14:55	2021-06-4	Show	GitHub Exploit DB Packet Storm

194874	6.5	MEDIUM Adjacent	fortinet	fortiswitch	A missing release of memory after effective lifetime vulnerability in FortiSwitch 6.4.0 to 6.4.6, 6.2.0 to 6.2.6, 6.0.0 to 6.0.6, 3.6.11 and below may allow an attacker on an adjacent network to exha…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2021-26111	2024-11-21 14:55	2021-06-2	Show	GitHub Exploit DB Packet Storm

194875	6.1	MEDIUM Network	apache	dubbo	In Apache Dubbo prior to 2.6.9 and 2.7.9, the usage of parseURL method will lead to the bypass of white host check which can cause open redirect or SSRF vulnerability.	CWE-601 CWE-918 Open Redirect Server-Side Request Forgery (SSRF)	CVE-2021-25640	2024-11-21 14:55	2021-06-1	Show	GitHub Exploit DB Packet Storm

194876	9.8	CRITICAL Network	apache	dubbo	Each Apache Dubbo server will set a serialization id to tell the clients which serialization protocol it is working on. But for Dubbo versions before 2.7.8 or 2.6.9, an attacker can choose which seri…	CWE-502 Deserialization of Untrusted Data	CVE-2021-25641	2024-11-21 14:55	2021-06-1	Show	GitHub Exploit DB Packet Storm

194877	5.4	MEDIUM Network	opennms	meridian opennms	In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1…	CWE-79 Cross-site Scripting	CVE-2021-25932	2024-11-21 14:55	2021-06-1	Show	GitHub Exploit DB Packet Storm

194878	4.9	MEDIUM Network	couchbase	couchbase_server	An issue was discovered in Couchbase Server 5.x and 6.x before 6.5.2 and 6.6.x before 6.6.2. Internal users with administrator privileges, @cbq-engine-cbauth and @index-cbauth, leak credentials in cl…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2021-25643	2024-11-21 14:55	2021-05-27	Show	GitHub Exploit DB Packet Storm

194879	9.8	CRITICAL Network	js-extend_project	js-extend	Prototype pollution vulnerability in 'js-extend' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution.	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2021-25945	2024-11-21 14:55	2021-05-27	Show	GitHub Exploit DB Packet Storm

194880	6.5	MEDIUM Network	joomla	joomla\!	An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in data download endpoints in com_banners and com_sysinfo.	CWE-352 Origin Validation Error	CVE-2021-26034	2024-11-21 14:55	2021-05-26	Show	GitHub Exploit DB Packet Storm