Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228981	5	警告	Imthiaz	-	WordPress 用 Organizer プラグインにおけるインストールパスを取得される脆弱性	CWE-200 情報漏えい	CVE-2012-6512	2013-01-25 14:27	2013-01-24	Show	GitHub Exploit DB Packet Storm

228982	4.3	警告	Imthiaz	-	WordPress 用 Organizer プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6511	2013-01-25 14:26	2013-01-24	Show	GitHub Exploit DB Packet Storm

228983	4.3	警告	NetArt Media	-	NetArt Media Car Portal におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6510	2013-01-25 14:25	2013-01-24	Show	GitHub Exploit DB Packet Storm

228984	7.5	危険	NetArt Media	-	NetArt Media Car Portal における任意の PHP コードを実行される脆弱性	CWE-Other その他	CVE-2012-6509	2013-01-25 14:25	2013-01-24	Show	GitHub Exploit DB Packet Storm

228985	6.8	警告	NetArt Media	-	NetArt Media Car Portal におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-6508	2013-01-25 14:24	2013-01-24	Show	GitHub Exploit DB Packet Storm

228986	7.5	危険	Jason Sexauer	-	ChurchCMS の admin.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-6507	2013-01-25 14:23	2013-01-24	Show	GitHub Exploit DB Packet Storm

228987	4.3	警告	Zingiri	-	WordPress 用 Zingiri Web Shop プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6506	2013-01-25 14:22	2012-04-28	Show	GitHub Exploit DB Packet Storm

228988	4.3	警告	Shawn Bradley	-	PHP Volunteer Management におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6505	2013-01-25 14:20	2013-01-24	Show	GitHub Exploit DB Packet Storm

228989	7.5	危険	Shawn Bradley	-	PHP Volunteer Management における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-6504	2013-01-25 14:20	2013-01-24	Show	GitHub Exploit DB Packet Storm

228990	10	危険	Ninja Forge	-	Joomla! 用 NinjaXplorer コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-6503	2013-01-25 14:19	2012-04-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194621	7.5	HIGH Network	acexy	wireless-n_wifi_repeater_firmware	The Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) Web management administrator password can be changed by sending a specially crafted HTTP GET request. The administrator username has to be know…	CWE-863 Incorrect Authorization	CVE-2021-28936	2024-11-21 15:00	2021-03-29	Show	GitHub Exploit DB Packet Storm

194622	6.1	MEDIUM Network	redmine	redmine	Redmine 4.1.x before 4.1.2 allows XSS because an issue's subject is mishandled in the auto complete tip.	CWE-79 Cross-site Scripting	CVE-2021-29274	2024-11-21 15:00	2021-03-29	Show	GitHub Exploit DB Packet Storm

194623	6.1	MEDIUM Network	microco	bluemonday	bluemonday before 1.0.5 allows XSS because certain Go lowercasing converts an uppercase Cyrillic character, defeating a protection mechanism against the "script" string.	CWE-79 Cross-site Scripting	CVE-2021-29272	2024-11-21 15:00	2021-03-28	Show	GitHub Exploit DB Packet Storm

194624	6.1	MEDIUM Network	remark42	remark42	remark42 before 1.6.1 allows XSS, as demonstrated by "Locator: Locator{URL:" followed by an XSS payload. This is related to backend/app/store/comment.go and backend/app/store/service/service.go.	CWE-79 Cross-site Scripting	CVE-2021-29271	2024-11-21 15:00	2021-03-28	Show	GitHub Exploit DB Packet Storm

194625	7.5	HIGH Network	btcpayserver	btcpay_server	BTCPay Server before 1.0.6.0, when the payment button is used, has a privacy vulnerability.	NVD-CWE-noinfo	CVE-2021-29249	2024-11-21 15:00	2021-03-27	Show	GitHub Exploit DB Packet Storm

194626	7.8	HIGH Local	linux	linux_kernel	An issue was discovered in the Linux kernel before 5.11.9. drivers/vhost/vdpa.c has a use-after-free because v->config_ctx has an invalid value upon re-opening a character device, aka CID-f6bbf0010ba…	CWE-416 Use After Free	CVE-2021-29266	2024-11-21 15:00	2021-03-27	Show	GitHub Exploit DB Packet Storm

194627	4.7	MEDIUM Local	linux debian	linux_kernel debian_linux	An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race…	CWE-362 Race Condition	CVE-2021-29265	2024-11-21 15:00	2021-03-27	Show	GitHub Exploit DB Packet Storm

194628	5.5	MEDIUM Local	linux debian	linux_kernel debian_linux	An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negat…	NVD-CWE-Other	CVE-2021-29264	2024-11-21 15:00	2021-03-27	Show	GitHub Exploit DB Packet Storm

194629	7.5	HIGH Adjacent	microseven	mym71080i-b_firmware	MicroSeven MYM71080i-B 2.0.5 through 2.0.20 devices send admin credentials in cleartext to pnp.microseven.com TCP port 7007. An attacker on the same network as the device can capture these credential…	CWE-522 Insufficiently Protected Credentials	CVE-2021-29255	2024-11-21 15:00	2021-03-27	Show	GitHub Exploit DB Packet Storm

194630	7.8	HIGH Local	esri	arcgis_pro arcreader arcgis_engine arcmap	Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allow an un…	CWE-824 Access of Uninitialized Pointer	CVE-2021-29098	2024-11-21 15:00	2021-03-26	Show	GitHub Exploit DB Packet Storm