Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229621 4.3 警告 PrestaShop - PrestaShop におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6503 2012-12-20 19:10 2009-03-20 Show GitHub Exploit DB Packet Storm
229622 4.6 警告 Pro Chat Rooms - Pro Chat Rooms におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6502 2012-12-20 19:10 2009-03-20 Show GitHub Exploit DB Packet Storm
229623 4.3 警告 Pro Chat Rooms - Pro Chat Rooms の profiles/index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6501 2012-12-20 19:10 2009-03-20 Show GitHub Exploit DB Packet Storm
229624 7.8 危険 tp - Neostrada Livebox ADSL ルータにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-6497 2012-12-20 19:10 2009-03-19 Show GitHub Exploit DB Packet Storm
229625 8.8 危険 visagesoft - VISAGESOFT eXPert PDF EditorX の VSPDFEditorX.VSPDFEdit ActiveX コントロールにおける任意のファイルを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6496 2012-12-20 19:10 2009-03-19 Show GitHub Exploit DB Packet Storm
229626 4.3 警告 zirkon box - Fritz Berger yappa-ng の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6495 2012-12-20 19:10 2009-03-19 Show GitHub Exploit DB Packet Storm
229627 5 警告 robs-projects - ASP User Engine.NET におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6494 2012-12-20 19:10 2009-03-19 Show GitHub Exploit DB Packet Storm
229628 6.8 警告 tizag - Tizag Countdown Creator の process.php における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-6492 2012-12-20 19:10 2009-03-19 Show GitHub Exploit DB Packet Storm
229629 7.5 危険 softcomplex - SoftComplex PHP Image Gallery の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6488 2012-12-20 19:10 2009-03-18 Show GitHub Exploit DB Packet Storm
229630 6.8 警告 shatm - SharedLog の slideshow_uploadvideo.content.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6486 2012-12-20 19:10 2009-03-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195501 6.8 MEDIUM
Physics 		netgear r6700_firmware Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART console. A malicious actor with physical access to the device is able to connect to the UART port via a ser… CWE-287
Improper Authentication 		CVE-2021-23147 2024-11-21 14:51 2021-12-31 Show GitHub Exploit DB Packet Storm
195502 7.5 HIGH
Network 		celeryproject
fedoraproject 		celery
fedora
extra_packages_for_enterprise_linux 		This affects the package celery before 5.2.2. It by default trusts the messages and metadata stored in backends (result stores). When reading task metadata from the backend, the data is deserialized.… CWE-77
Command Injection 		CVE-2021-23727 2024-11-21 14:51 2021-12-30 Show GitHub Exploit DB Packet Storm
195503 7.8 HIGH
Local 		oppo coloros ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same… NVD-CWE-Other
CVE-2021-23244 2024-11-21 14:51 2021-12-28 Show GitHub Exploit DB Packet Storm
195504 9.8 CRITICAL
Network 		js-data js-data All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn and the set functions. This is an incomplete fix of [CVE-2020-28442](https://snyk.io/vuln/SNYK-JS-JSDATA-10236… CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2021-23574 2024-11-21 14:51 2021-12-25 Show GitHub Exploit DB Packet Storm
195505 7.5 HIGH
Network 		parse-link-header_project parse-link-header The package parse-link-header before 2.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the checkHeader function. CWE-1333
 Inefficient Regular Expression Complexity 		CVE-2021-23490 2024-11-21 14:51 2021-12-25 Show GitHub Exploit DB Packet Storm
195506 8.8 HIGH
Network 		iris-go iris This affects all versions of package github.com/kataras/iris; all versions of package github.com/kataras/iris/v12. The unsafe handling of file names during upload using UploadFormFiles method may ena… CWE-59
Link Following 		CVE-2021-23772 2024-11-21 14:51 2021-12-24 Show GitHub Exploit DB Packet Storm
195507 9.8 CRITICAL
Network 		myscada mypro mySCADA myPRO: Versions 8.20.0 and prior has a feature where the password can be specified, which may allow an attacker to inject arbitrary operating system commands through a specific parameter. - CVE-2021-23198 2024-11-21 14:51 2021-12-24 Show GitHub Exploit DB Packet Storm
195508 8.2 HIGH
Local 		nvidia geforce_experience NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does not correctly apply individual user access controls for users on the same device, which, with user inte… CWE-863
 Incorrect Authorization 		CVE-2021-23175 2024-11-21 14:51 2021-12-24 Show GitHub Exploit DB Packet Storm
195509 6.1 MEDIUM
Network 		deltaww diaenergie DIAEnergie Version 1.7.5 and prior is vulnerable to a reflected cross-site scripting attack through error pages that are returned by “.NET Request.QueryString”. - CVE-2021-23228 2024-11-21 14:51 2021-12-23 Show GitHub Exploit DB Packet Storm
195510 9.8 CRITICAL
Network 		nette latte This affects the package latte/latte before 2.10.6. There is a way to bypass allowFunctions that will affect the security of the application. When the template is set to allow/disallow the use of cer… CWE-863
 Incorrect Authorization 		CVE-2021-23803 2024-11-21 14:51 2021-12-18 Show GitHub Exploit DB Packet Storm