Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230401 4.4 警告 Scriptsez.net - ScriptsEZ.net Power Editor の editor.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2116 2012-12-20 18:52 2008-05-8 Show GitHub Exploit DB Packet Storm
230402 4.3 警告 Scriptsez.net - ScriptsEZ.net Power Editor の editor.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2115 2012-12-20 18:52 2008-05-8 Show GitHub Exploit DB Packet Storm
230403 7.5 危険 PreProject.com - Pre Shopping Mall の emall/search.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2114 2012-12-20 18:52 2008-05-8 Show GitHub Exploit DB Packet Storm
230404 7.5 危険 phpeasydata - PHPEasyData の annuaire.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2113 2012-12-20 18:52 2008-05-8 Show GitHub Exploit DB Packet Storm
230405 5 警告 vicftps - VicFTPS におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-2031 2012-12-20 18:52 2008-04-30 Show GitHub Exploit DB Packet Storm
230406 5.8 警告 RSAセキュリティ - Web の IIS 用の RSA Authentication Agent におけるオープンリダイレクトの脆弱性 CWE-200
情報漏えい 		CVE-2008-2027 2012-12-20 18:52 2008-04-30 Show GitHub Exploit DB Packet Storm
230407 4.3 警告 RSAセキュリティ - RSA Authentication Agent の WebID/IISWebAgentIF.dll におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2026 2012-12-20 18:52 2008-04-30 Show GitHub Exploit DB Packet Storm
230408 7.5 危険 Simple Machines - SMF における CAPTCHA のテストを通過される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-2019 2012-12-20 18:52 2008-04-29 Show GitHub Exploit DB Packet Storm
230409 4 警告 phpizabi - PHPizabi の template.class.php の AssignUser 関数における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-2018 2012-12-20 18:52 2008-04-29 Show GitHub Exploit DB Packet Storm
230410 9.3 危険 watchfire - WatchFire AppScan の特定の ActiveX コントロールにおける絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2015 2012-12-20 18:52 2008-04-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196411 9.8 CRITICAL
Network 		openmage magento Magento-lts is a long-term support alternative to Magento Community Edition (CE). In magento-lts versions 19.4.12 and prior and 20.0.8 and prior, there is a vulnerability caused by the unsecured dese… - CVE-2021-21426 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
196412 4.3 MEDIUM
Network 		jenkins cloudbees_cd Jenkins CloudBees CD Plugin 1.1.21 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Item/Read permission to schedule builds of projects without having Item… - CVE-2021-21647 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
196413 8.8 HIGH
Network 		jenkins templating_engine Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin, allowing attackers with Job/Configure permission to execute arbitrary code … - CVE-2021-21646 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
196414 4.3 MEDIUM
Network 		jenkins config_file_provider Jenkins Config File Provider Plugin 3.7.0 and earlier does not perform permission checks in several HTTP endpoints, attackers with Overall/Read permission to enumerate configuration file IDs. - CVE-2021-21645 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
196415 5.4 MEDIUM
Network 		jenkins config_file_provider A cross-site request forgery (CSRF) vulnerability in Jenkins Config File Provider Plugin 3.7.0 and earlier allows attackers to delete configuration files corresponding to an attacker-specified ID. CWE-352
 Origin Validation Error 		CVE-2021-21644 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
196416 6.5 MEDIUM
Network 		jenkins config_file_provider Jenkins Config File Provider Plugin 3.7.0 and earlier does not correctly perform permission checks in several HTTP endpoints, allowing attackers with global Job/Configure permission to enumerate syst… - CVE-2021-21643 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
196417 8.1 HIGH
Network 		jenkins config_file_provider Jenkins Config File Provider Plugin 3.7.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. CWE-611
XXE 		CVE-2021-21642 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
196418 6.7 MEDIUM
Local 		dell powerscale_onefs Dell PowerScale OneFS 8.1.0 - 9.1.0 contains a privilege escalation in SmartLock compliance mode that may allow compadmin to execute arbitrary commands as root. CWE-78
OS Command  		CVE-2021-21526 2024-11-21 14:48 2021-04-21 Show GitHub Exploit DB Packet Storm
196419 7.5 HIGH
Network 		filecoin lotus Lotus is an Implementation of the Filecoin protocol written in Go. BLS signature validation in lotus uses blst library method VerifyCompressed. This method accepts signatures in 2 forms: "serialized"… - CVE-2021-21405 2024-11-21 14:48 2021-04-16 Show GitHub Exploit DB Packet Storm
196420 7.5 HIGH
Network 		ampache ampache Ampache is a web based audio/video streaming application and file manager. Versions prior to 4.4.1 allow unauthenticated access to Ampache using the subsonic API. To successfully make the attack you … CWE-287
Improper Authentication 		CVE-2021-21399 2024-11-21 14:48 2021-04-14 Show GitHub Exploit DB Packet Storm