Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230781 9.3 危険 sorinara - Sorinara Soritong MP3 Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1643 2012-12-20 19:10 2009-05-15 Show GitHub Exploit DB Packet Storm
230782 7.5 危険 t-dreams - Techno Dreams Job Career Package における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-1638 2012-12-20 19:10 2009-05-15 Show GitHub Exploit DB Packet Storm
230783 6.4 警告 simplecustomer - Simple Customer の profile.php における admin 電子メールアドレスなどを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1637 2012-12-20 19:10 2009-05-15 Show GitHub Exploit DB Packet Storm
230784 10 危険 Unisys - Windows 上で稼動している Unisys BIS におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1628 2012-12-20 19:10 2009-06-26 Show GitHub Exploit DB Packet Storm
230785 9.3 危険 sdp multimedia - SDP Downloader におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1627 2012-12-20 19:10 2009-05-12 Show GitHub Exploit DB Packet Storm
230786 7.5 危険 will kraft - EZ-Blog の public/specific.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1626 2012-12-20 19:10 2009-05-12 Show GitHub Exploit DB Packet Storm
230787 7.5 危険 teraway - Teraway FileStream における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-1619 2012-12-20 19:10 2009-05-12 Show GitHub Exploit DB Packet Storm
230788 7.5 危険 teraway - Teraway LiveHelp における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-1618 2012-12-20 19:10 2009-05-12 Show GitHub Exploit DB Packet Storm
230789 7.5 危険 teraway - Teraway LinkTracker における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-1617 2012-12-20 19:10 2009-05-12 Show GitHub Exploit DB Packet Storm
230790 6.8 警告 Canonical - Ubuntu の Ubuntu clamav-milter.init スクリプトにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1601 2012-12-20 19:10 2009-05-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196711 7.5 HIGH
Network 		mercusys mercury_x18g_firmware MERCUSYS Mercury X18G 1.0.5 devices allow Denial of service via a crafted value to the POST listen_http_lan parameter. Upon subsequent device restarts after this vulnerability is exploted the device … NVD-CWE-noinfo
CVE-2021-25811 2024-11-21 14:55 2021-04-30 Show GitHub Exploit DB Packet Storm
196712 6.1 MEDIUM
Network 		mercusys mercury_x18g_firmware Cross site Scripting (XSS) vulnerability in MERCUSYS Mercury X18G 1.0.5 devices, via crafted values to the 'src_dport_start', 'src_dport_end', and 'dest_port' parameters. CWE-79
Cross-site Scripting 		CVE-2021-25810 2024-11-21 14:55 2021-04-30 Show GitHub Exploit DB Packet Storm
196713 9.8 CRITICAL
Network 		minthcm minthcm A weak password requirement vulnerability exists in the Create New User function of MintHCM RELEASE 3.0.8, which could lead an attacker to easier password brute-forcing. CWE-521
Weak Password Requirements  		CVE-2021-25839 2024-11-21 14:55 2021-04-26 Show GitHub Exploit DB Packet Storm
196714 6.1 MEDIUM
Network 		minthcm minthcm The Import function in MintHCM RELEASE 3.0.8 allows an attacker to execute a cross-site scripting (XSS) payload in file-upload. CWE-79
Cross-site Scripting 		CVE-2021-25838 2024-11-21 14:55 2021-04-26 Show GitHub Exploit DB Packet Storm
196715 9.8 CRITICAL
Network 		manta safe-obj Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2021-25928 2024-11-21 14:55 2021-04-26 Show GitHub Exploit DB Packet Storm
196716 9.8 CRITICAL
Network 		safe-flat_project safe-flat Prototype pollution vulnerability in 'safe-flat' versions 2.0.0 through 2.0.1 allows an attacker to cause a denial of service and may lead to remote code execution. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2021-25927 2024-11-21 14:55 2021-04-26 Show GitHub Exploit DB Packet Storm
196717 7.5 HIGH
Network 		void aurall_rec_monitor An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. An unauthenticated attacker can send a crafted HTTP request to perform a blind time-based SQL Injection. The vulnerable par… CWE-89
SQL Injection 		CVE-2021-25899 2024-11-21 14:55 2021-04-24 Show GitHub Exploit DB Packet Storm
196718 7.5 HIGH
Network 		void aural_rec_monitor An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. Passwords are stored in unencrypted source-code text files. This was noted when accessing the svc-login.php file. The value… CWE-798
CWE-312
 Use of Hard-coded Credentials
 Cleartext Storage of Sensitive Information 		CVE-2021-25898 2024-11-21 14:55 2021-04-24 Show GitHub Exploit DB Packet Storm
196719 7.8 HIGH
Local 		siemens tecnomatix_robotexpert A vulnerability has been identified in Tecnomatix RobotExpert (All versions < V16.1). Affected applications lack proper validation of user-supplied data when parsing CELL files. This could result in … - CVE-2021-25670 2024-11-21 14:55 2021-04-23 Show GitHub Exploit DB Packet Storm
196720 7.5 HIGH
Network 		adtran personal_phone_manager AdTran Personal Phone Manager 10.8.1 software is vulnerable to an issue that allows for exfiltration of data over DNS. This could allow for exposed AdTran Personal Phone Manager web servers to be use… NVD-CWE-noinfo
CVE-2021-25681 2024-11-21 14:55 2021-04-20 Show GitHub Exploit DB Packet Storm