Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228981 7.5 危険 sijio - Sijio Community Software の gallery/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2696 2012-12-20 19:29 2010-07-12 Show GitHub Exploit DB Packet Storm
228982 6.5 警告 xlightftpd - Xlight FTP Server の SFTP/SSH2 仮想サーバにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-2695 2012-12-20 19:29 2010-07-12 Show GitHub Exploit DB Packet Storm
228983 7.5 危険 redcomponent - Joomla! 用の redSHOP コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2694 2012-12-20 19:29 2010-07-12 Show GitHub Exploit DB Packet Storm
228984 7.5 危険 site2nite - Site2Nite Boat Classifieds の detail.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2688 2012-12-20 19:29 2010-07-12 Show GitHub Exploit DB Packet Storm
228985 7.5 危険 site2nite - Site2Nite Boat Classifieds の printdetail.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2687 2012-12-20 19:29 2010-07-12 Show GitHub Exploit DB Packet Storm
228986 7.5 危険 topmanage - SAP 用の TopManage OLK モジュール内における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2686 2012-12-20 19:29 2010-07-12 Show GitHub Exploit DB Packet Storm
228987 7.5 危険 Realtyna LLC - Joomla! 用の Realtyna Translator コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-2682 2012-12-20 19:29 2010-07-12 Show GitHub Exploit DB Packet Storm
228988 4 警告 RSAセキュリティ - RSA enVision におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2010-2634 2012-12-20 19:29 2010-08-10 Show GitHub Exploit DB Packet Storm
228989 7.5 危険 strongSwan - strongSwan の IKE デーモンにおける任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-2628 2012-12-20 19:29 2010-08-2 Show GitHub Exploit DB Packet Storm
228990 7.5 危険 Pligg - Pligg における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2577 2012-12-20 19:29 2010-08-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
194671 5.0 MEDIUM
Local 		hcltechsw hcl_commerce HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website. CWE-522
 Insufficiently Protected Credentials 		CVE-2021-27785 2024-11-21 14:58 2022-07-30 Show GitHub Exploit DB Packet Storm
194672 9.8 CRITICAL
Network 		hcltech onetest_server Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a controlled manner. This request has an Origin header that identifies the domain that is making the initial … CWE-697
 Incorrect Comparison 		CVE-2021-27786 2024-11-21 14:58 2022-06-10 Show GitHub Exploit DB Packet Storm
194673 4.8 MEDIUM
Network 		acquia mautic A cross-site scripting (XSS) vulnerability in the installer component of Mautic before 4.3.0 allows admins to inject executable javascript CWE-79
Cross-site Scripting 		CVE-2021-27914 2024-11-21 14:58 2022-06-2 Show GitHub Exploit DB Packet Storm
194674 4.8 MEDIUM
Network 		hcltech traveler HCL Traveler is vulnerable to a cross-site scripting (XSS) caused by improper validation of the Name parameter for Approved Applications in the Traveler administration web pages. An attacker could ex… CWE-79
Cross-site Scripting 		CVE-2021-27778 2024-11-21 14:58 2022-06-1 Show GitHub Exploit DB Packet Storm
194675 4.8 MEDIUM
Network 		hcltech modern_client_management
bigfix_mobile 		The Master operator may be able to embed script tag in HTML with alert pop-up display cookie. CWE-79
Cross-site Scripting 		CVE-2021-27781 2024-11-21 14:58 2022-05-28 Show GitHub Exploit DB Packet Storm
194676 5.3 MEDIUM
Network 		hcltech modern_client_management
bigfix_mobile 		The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment. NVD-CWE-noinfo
CVE-2021-27780 2024-11-21 14:58 2022-05-28 Show GitHub Exploit DB Packet Storm
194677 6.5 MEDIUM
Network 		hcltech bigfix_modern_client_management
bigfix_mobile 		User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed. CWE-311
Missing Encryption of Sensitive Data 		CVE-2021-27783 2024-11-21 14:58 2022-05-26 Show GitHub Exploit DB Packet Storm
194678 9.1 CRITICAL
Network 		hcltech versionvault_express VersionVault Express exposes sensitive information that an attacker can use to impersonate the server or eavesdrop on communications with the server. CWE-311
Missing Encryption of Sensitive Data 		CVE-2021-27779 2024-11-21 14:58 2022-05-26 Show GitHub Exploit DB Packet Storm
194679 5.5 MEDIUM
Local 		xpdfreader xpdf There is a Null Pointer Dereference vulnerability in the XFAScanner::scanNode() function in XFAScanner.cc in xpdf 4.03. CWE-476
 NULL Pointer Dereference 		CVE-2021-27548 2024-11-21 14:58 2022-05-19 Show GitHub Exploit DB Packet Storm
194680 9.8 CRITICAL
Network 		weintek cmt-svr-100_firmware
cmt-svr-102_firmware
cmt-svr-200_firmware
cmt-svr-202_firmware
cmt-g01_firmware
cmt-g02_firmware
cmt-g03_firmware
cmt-g04_firmware
cmt3071_firmware
cmt… 		The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system. CWE-94
Code Injection 		CVE-2021-27446 2024-11-21 14:58 2022-05-17 Show GitHub Exploit DB Packet Storm