Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230341	3.6	注意	scribe	-	Scribe の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0822	2012-12-20 18:34	2008-02-19	Show	GitHub Exploit DB Packet Storm

230342	3.6	注意	plutostatus	-	PlutoStatus Locator の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0819	2012-12-20 18:34	2008-02-19	Show	GitHub Exploit DB Packet Storm

230343	6.4	警告	truc	-	TRUC の download.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0814	2012-12-20 18:34	2008-02-18	Show	GitHub Exploit DB Packet Storm

230344	5	警告	xpweb	-	XPWeb の Download.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0813	2012-12-20 18:34	2008-02-18	Show	GitHub Exploit DB Packet Storm

230345	9.3	危険	reality	-	PHPizabi の image.php における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0805	2012-12-20 18:34	2008-02-18	Show	GitHub Exploit DB Packet Storm

230346	6.8	警告	Thecus	-	Thecus N5200Pro NAS Server の usrgetform.html における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-0804	2012-12-20 18:34	2008-02-18	Show	GitHub Exploit DB Packet Storm

230347	7.5	危険	VWar	-	VWar の calendar.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0753	2012-12-20 18:34	2008-02-13	Show	GitHub Exploit DB Packet Storm

230348	10	危険	ソニー・コンピュータエンタテインメント	-	Sony ImageStation 用の SonyISUpload.cab におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0748	2012-12-20 18:34	2008-02-13	Show	GitHub Exploit DB Packet Storm

230349	7.5	危険	PreProject.com	-	PreProjects.com Pre Hotels & Resorts Management System の user_login.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0744	2012-12-20 18:34	2008-02-12	Show	GitHub Exploit DB Packet Storm

230350	7.5	危険	powerscripts	-	PowerScripts PowerNews におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0742	2012-12-20 18:34	2008-02-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196491	7.8	HIGH Local	cisco	immunet clamav advanced_malware_protection_for_endpoints	A vulnerability in the dynamic link library (DLL) loading mechanism in Cisco Advanced Malware Protection (AMP) for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an authenti…	-	CVE-2021-1386	2024-11-21 14:44	2021-04-8	Show	GitHub Exploit DB Packet Storm

196492	6.1	MEDIUM Network	cisco	unified_communications_manager_im_\&_presence_service unified_communications_manager unity_connection	Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&…	CWE-79 Cross-site Scripting	CVE-2021-1380	2024-11-21 14:44	2021-04-8	Show	GitHub Exploit DB Packet Storm

196493	8.8	HIGH Network	cisco	unified_communications_manager prime_license_manager unified_communications_manager_im_\&_presence_service unity_connection	A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presen…	-	CVE-2021-1362	2024-11-21 14:44	2021-04-8	Show	GitHub Exploit DB Packet Storm

196494	8.8	HIGH Adjacent	cisco	rv132w_firmware rv134w_firmware rv160_firmware rv160w_firmware rv260_firmware rv260p_firmware rv260w_firmware rv340_firmware rv340w_firmware rv345_firmware rv345p_firmwa…	Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary cod…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2021-1309	2024-11-21 14:44	2021-04-8	Show	GitHub Exploit DB Packet Storm

196495	7.4	HIGH Adjacent	cisco	rv132w_firmware rv134w_firmware rv160_firmware rv160w_firmware rv260_firmware rv260p_firmware rv260w_firmware rv340_firmware rv340w_firmware rv345_firmware rv345p_firmwa…	Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary cod…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2021-1308	2024-11-21 14:44	2021-04-8	Show	GitHub Exploit DB Packet Storm

196496	6.1	MEDIUM Network	tableau	tableau_server	Tableau Server fails to validate certain URLs that are embedded in emails sent to Tableau Server users.	CWE-601 Open Redirect	CVE-2021-1629	2024-11-21 14:44	2021-03-27	Show	GitHub Exploit DB Packet Storm

196497	9.8	CRITICAL Network	salesforce	mule	MuleSoft is aware of a XML External Entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4…	CWE-611 XXE	CVE-2021-1628	2024-11-21 14:44	2021-03-27	Show	GitHub Exploit DB Packet Storm

196498	9.8	CRITICAL Network	salesforce	mule	MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2021-1627	2024-11-21 14:44	2021-03-27	Show	GitHub Exploit DB Packet Storm

196499	9.8	CRITICAL Network	salesforce	mule	MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x…	NVD-CWE-noinfo	CVE-2021-1626	2024-11-21 14:44	2021-03-27	Show	GitHub Exploit DB Packet Storm

196500	7.1	HIGH Local	duo	authentication_proxy	The Duo Authentication Proxy installer prior to 5.2.1 did not properly validate file installation paths. This allows an attacker with local user privileges to coerce the installer to write to arbitra…	-	CVE-2021-1492	2024-11-21 14:44	2021-03-26	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed