Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230611 4.3 警告 podcast generator - Podcast Generator の set_permissions.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1212 2012-12-20 18:34 2008-03-7 Show GitHub Exploit DB Packet Storm
230612 9.3 危険 pnotepad - Programmer's Notepad の ctags parsing コードにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1210 2012-12-20 18:34 2008-03-7 Show GitHub Exploit DB Packet Storm
230613 4.3 警告 xitex - Xitex WebContent M1 の redirect.do におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1209 2012-12-20 18:34 2008-03-7 Show GitHub Exploit DB Packet Storm
230614 4.3 警告 サン・マイクロシステムズ - Sun Java System Access Manager の管理コンソールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1204 2012-12-20 18:34 2008-02-27 Show GitHub Exploit DB Packet Storm
230615 7.1 危険 レッドハット - Red Hat Enterprise Linux のデフォルト IPSec ifup スクリプトにおける総当り攻撃を実行される脆弱性 CWE-16
環境設定 		CVE-2008-1198 2012-12-20 18:34 2008-02-28 Show GitHub Exploit DB Packet Storm
230616 4.3 警告 torrenttrader - TorrentTrader Classic の TorrentTrader Classic におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1173 2012-12-20 18:34 2008-03-5 Show GitHub Exploit DB Packet Storm
230617 4.3 警告 torrenttrader - TorrentTrader Classic の account-inbox.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-1172 2012-12-20 18:34 2008-03-5 Show GitHub Exploit DB Packet Storm
230618 7.8 危険 simm-comm - SCI Photo Chat Server の組み込まれた HTTP サーバにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-1169 2012-12-20 18:34 2008-03-5 Show GitHub Exploit DB Packet Storm
230619 4.3 警告 sarg - Sarg におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1168 2012-12-20 18:34 2008-03-5 Show GitHub Exploit DB Packet Storm
230620 10 危険 sarg - Sarg の useragent.c におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1167 2012-12-20 18:34 2008-03-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196641 6.1 MEDIUM
Network 		sap businessobjects_business_intelligence SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options headers entries in the response headers, which may not be predictably treated by all user agents. This coul… CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2021-21444 2024-11-21 14:48 2021-02-10 Show GitHub Exploit DB Packet Storm
196642 4.3 MEDIUM
Network 		otrs cis_in_customer_frontend Agents are able to see and link Config Items without permissions, which are defined in General Catalog. This issue affects: OTRS AG OTRSCIsInCustomerFrontend 7.0.x version 7.0.14 and prior versions. CWE-276
Incorrect Default Permissions  		CVE-2021-21436 2024-11-21 14:48 2021-02-8 Show GitHub Exploit DB Packet Storm
196643 6.5 MEDIUM
Network 		otrs otrs Article Bcc fields and agent personal information are shown when customer prints the ticket (PDF) via external interface. This issue affects: OTRS AG OTRS 7.0.x version 7.0.23 and prior versions; 8.0… CWE-200
Information Exposure 		CVE-2021-21435 2024-11-21 14:48 2021-02-8 Show GitHub Exploit DB Packet Storm
196644 4.8 MEDIUM
Network 		otrs survey Survey administrator can craft a survey in such way that malicious code can be executed in the agent interface (i.e. another agent who wants to make changes in the survey). This issue affects: OTRS A… CWE-79
Cross-site Scripting 		CVE-2021-21434 2024-11-21 14:48 2021-02-8 Show GitHub Exploit DB Packet Storm
196645 5.3 MEDIUM
Network 		jenkins jenkins Jenkins 2.275 and LTS 2.263.2 allows reading arbitrary files using the file browser for workspaces and archived artifacts due to a time-of-check to time-of-use (TOCTOU) race condition. CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2021-21615 2024-11-21 14:48 2021-01-27 Show GitHub Exploit DB Packet Storm
196646 7.5 HIGH
Network 		zte zxr10_9904_firmware
zxr10_9908_firmware
zxr10_9916_firmware
zxr10_9904-s_firmware
zxr10_9908-s_firmware 		Some ZTE products have a DoS vulnerability. Due to the improper handling of memory release in some specific scenarios, a remote attacker can trigger the vulnerability by performing a series of operat… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2021-21723 2024-11-21 14:48 2021-01-27 Show GitHub Exploit DB Packet Storm
196647 4.4 MEDIUM
Local 		zte zxv10_b860a_firmware A ZTE Smart STB is impacted by an information leak vulnerability. The device did not fully verify the log, so attackers could use this vulnerability to obtain sensitive user information for further i… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2021-21722 2024-11-21 14:48 2021-01-15 Show GitHub Exploit DB Packet Storm
196648 5.5 MEDIUM
Local 		jenkins bumblebee_hp_alm Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkin… CWE-522
 Insufficiently Protected Credentials 		CVE-2021-21614 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
196649 6.1 MEDIUM
Network 		jenkins tics Jenkins TICS Plugin 2020.3.0.6 and earlier does not escape TICS service responses, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to control TICS service respon… CWE-79
Cross-site Scripting 		CVE-2021-21613 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
196650 5.5 MEDIUM
Local 		jenkins tracetronic_ecu-test Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the J… CWE-522
 Insufficiently Protected Credentials 		CVE-2021-21612 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm