Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230861	5	警告	robs-projects	-	ROBS-PROJECTS Digital Sales IPN におけるユーザ資格情報を含むデータベースファイルをダウンロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-0328	2012-12-20 19:10	2009-01-29	Show	GitHub Exploit DB Packet Storm

230862	7.5	危険	seraphimtech	-	Free Bible Search PHP Script の readbible.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0327	2012-12-20 19:10	2009-01-29	Show	GitHub Exploit DB Packet Storm

230863	10	危険	w3	-	W3C Amaya Web Browser におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-0323	2012-12-20 19:10	2009-01-28	Show	GitHub Exploit DB Packet Storm

230864	6.9	警告	XChat	-	xchat の Python モジュールにおける任意のコードを実行される脆弱性	CWE-Other その他	CVE-2009-0315	2012-12-20 19:10	2009-01-28	Show	GitHub Exploit DB Packet Storm

230865	4.3	警告	webhelpdesk	-	Web Help Desk におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0303	2012-12-20 19:10	2009-01-27	Show	GitHub Exploit DB Packet Storm

230866	6.8	警告	webmobo	-	WB News における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-0294	2012-12-20 19:10	2009-01-27	Show	GitHub Exploit DB Packet Storm

230867	7.5	危険	wazzum	-	Wazzum Dating Software の profile_view.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0293	2012-12-20 19:10	2009-01-27	Show	GitHub Exploit DB Packet Storm

230868	7.5	危険	shop-inet	-	SHOP-INET の show_cat2.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0292	2012-12-20 19:10	2009-01-27	Show	GitHub Exploit DB Packet Storm

230869	6.8	警告	SIR	-	SIR GNUBoard の common.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-0290	2012-12-20 19:10	2009-01-27	Show	GitHub Exploit DB Packet Storm

230870	5	警告	windows tftp utility	-	k23productions TFTPUtil GUI におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2009-0289	2012-12-20 19:10	2009-01-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196361	7.8	HIGH Local	avahi debian	avahi debian_linux	avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbit…	CWE-59 Link Following	CVE-2021-26720	2024-11-21 14:56	2021-02-18	Show	GitHub Exploit DB Packet Storm

196362	9.8	CRITICAL Network	phpgurukul	car_rental_portal	PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2021-26809	2024-11-21 14:56	2021-02-18	Show	GitHub Exploit DB Packet Storm

196363	5.3	MEDIUM Network	apache	airflow	The lineage endpoint of the deprecated Experimental API was not protected by authentication in Airflow 2.0.0. This allowed unauthenticated users to hit that endpoint. This is low-severity issue as th…	CWE-306 Missing Authentication for Critical Function	CVE-2021-26697	2024-11-21 14:56	2021-02-18	Show	GitHub Exploit DB Packet Storm

196364	6.5	MEDIUM Network	apache	airflow	Improper Access Control on Configurations Endpoint for the Stable API of Apache Airflow allows users with Viewer or User role to get Airflow Configurations including sensitive information even when `…	NVD-CWE-Other	CVE-2021-26559	2024-11-21 14:56	2021-02-18	Show	GitHub Exploit DB Packet Storm

196365	9.8	CRITICAL Network	phpgurukul	teachers_record_management_system	Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. This vulnerability can be exploited by a remote unauthentic…	CWE-89 SQL Injection	CVE-2021-26822	2024-11-21 14:56	2021-02-16	Show	GitHub Exploit DB Packet Storm

196366	9.9	CRITICAL Network	nedi	nedi	NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. This allows an attacker to obtain access to t…	CWE-863 Incorrect Authorization	CVE-2021-26753	2024-11-21 14:56	2021-02-13	Show	GitHub Exploit DB Packet Storm

196367	8.8	HIGH Network	nedi	nedi	NeDi 1.9C allows an authenticated user to execute operating system commands in the Nodes Traffic function on the endpoint /Nodes-Traffic.php via the md or ag HTTP GET parameter. This allows an attack…	CWE-78 OS Command	CVE-2021-26752	2024-11-21 14:56	2021-02-13	Show	GitHub Exploit DB Packet Storm

196368	8.8	HIGH Network	nedi	nedi	NeDi 1.9C allows an authenticated user to perform a SQL Injection in the Monitoring History function on the endpoint /Monitoring-History.php via the det HTTP GET parameter. This allows an attacker to…	CWE-89 SQL Injection	CVE-2021-26751	2024-11-21 14:56	2021-02-13	Show	GitHub Exploit DB Packet Storm

196369	8.8	HIGH Network	smartfoxserver	smartfoxserver	An issue was discovered in SmartFoxServer 2.17.0. An attacker can execute arbitrary Python code, and bypass the javashell.py protection mechanism, by creating /config/ConsoleModuleUnlock.txt and edit…	CWE-94 Code Injection	CVE-2021-26551	2024-11-21 14:56	2021-02-10	Show	GitHub Exploit DB Packet Storm

196370	5.5	MEDIUM Local	smartfoxserver	smartfoxserver	An issue was discovered in SmartFoxServer 2.17.0. Cleartext password disclosure can occur via /config/server.xml.	CWE-312 Cleartext Storage of Sensitive Information	CVE-2021-26550	2024-11-21 14:56	2021-02-10	Show	GitHub Exploit DB Packet Storm