Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230891	7.5	危険	phpauctions	-	PHPAuctions における管理者アクセス権を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-0108	2012-12-20 19:10	2009-01-9	Show	GitHub Exploit DB Packet Storm

230892	4.3	警告	phpauctions	-	PHPAuctions の profile.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0107	2012-12-20 19:10	2009-01-9	Show	GitHub Exploit DB Packet Storm

230893	7.5	危険	phpauctions	-	PHPAuctions の profile.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0106	2012-12-20 19:10	2009-01-9	Show	GitHub Exploit DB Packet Storm

230894	4.3	警告	se-ed	-	EZpack の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0105	2012-12-20 19:10	2009-01-9	Show	GitHub Exploit DB Packet Storm

230895	7.5	危険	se-ed	-	EZpack の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0104	2012-12-20 19:10	2009-01-9	Show	GitHub Exploit DB Packet Storm

230896	7.5	危険	playSMS	-	playSMS における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-0103	2012-12-20 19:10	2009-01-9	Show	GitHub Exploit DB Packet Storm

230897	10	危険	The phpMyAdmin Project	-	phpMyAdmin の libraries/File.class.php における脆弱性	CWE-310 暗号の問題	CVE-2008-7252	2012-12-20 19:10	2010-01-15	Show	GitHub Exploit DB Packet Storm

230898	10	危険	The phpMyAdmin Project	-	phpMyAdmin の libraries/File.class.php における脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-7251	2012-12-20 19:10	2010-01-19	Show	GitHub Exploit DB Packet Storm

230899	9	危険	シマンテック	-	Symantec Brightmail Gateway Appliance の Control Center における権限を取得される脆弱性	CWE-noinfo 情報不足	CVE-2009-0064	2012-12-20 19:10	2009-04-23	Show	GitHub Exploit DB Packet Storm

230900	4.3	警告	シマンテック	-	Symantec Brightmail Gateway Appliance の Control Center におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0063	2012-12-20 19:10	2009-04-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196391	9.8	CRITICAL Network	wpdatatables	wpdatatables	wpDataTables before 3.4.1 mishandles order direction for server-side tables, aka admin-ajax.php?action=get_wdtable order[0][dir] SQL injection.	CWE-89 SQL Injection	CVE-2021-26754	2024-11-21 14:56	2021-02-8	Show	GitHub Exploit DB Packet Storm

196392	7.5	HIGH Network	sthttpd_project	sthttpd	An issue was discovered in sthttpd through 2.27.1. On systems where the strcpy function is implemented with memcpy, the de_dotdot function may cause a Denial-of-Service (daemon crash) due to overlapp…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2021-26843	2024-11-21 14:56	2021-02-8	Show	GitHub Exploit DB Packet Storm

196393	6.1	MEDIUM Network	jenzabar	jenzabar	Jenzabar 9.2.x through 9.2.2 allows /ics?tool=search&query= XSS.	CWE-79 Cross-site Scripting	CVE-2021-26723	2024-11-21 14:56	2021-02-6	Show	GitHub Exploit DB Packet Storm

196394	6.1	MEDIUM Network	linkedin	oncall	LinkedIn Oncall through 1.4.0 allows reflected XSS via /query because of mishandling of the "No results found for" message in the search bar.	CWE-79 Cross-site Scripting	CVE-2021-26722	2024-11-21 14:56	2021-02-6	Show	GitHub Exploit DB Packet Storm

196395	5.3	MEDIUM Network	redwood	report2web	A frame-injection issue in the online help in Redwood Report2Web 4.3.4.5 allows remote attackers to render an external resource inside a frame via the help/Online_Help/NetHelp/default.htm turl parame…	CWE-610 Externally Controlled Reference to a Resource in Another Sphere	CVE-2021-26711	2024-11-21 14:56	2021-02-5	Show	GitHub Exploit DB Packet Storm

196396	6.1	MEDIUM Network	redwood	report2web	A cross-site scripting (XSS) issue in the login panel in Redwood Report2Web 4.3.4.5 and 4.5.3 allows remote attackers to inject JavaScript via the signIn.do urll parameter.	CWE-79 Cross-site Scripting	CVE-2021-26710	2024-11-21 14:56	2021-02-5	Show	GitHub Exploit DB Packet Storm

196397	7.0	HIGH Local	linux netapp	linux_kernel cloud_backup fas_baseboard_management_controller aff_baseboard_management_controller solidfire_\&_hci_management_node solidfire_baseboard_management_controller base…	A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The ra…	CWE-667 Improper Locking	CVE-2021-26708	2024-11-21 14:56	2021-02-5	Show	GitHub Exploit DB Packet Storm

196398	9.8	CRITICAL Network	google	android	An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. The USB laf gadget has a use-after-free. The LG ID is LVE-SMP-200031 (February 2021).	CWE-416 Use After Free	CVE-2021-26689	2024-11-21 14:56	2021-02-4	Show	GitHub Exploit DB Packet Storm

196399	9.8	CRITICAL Network	google	android	An issue was discovered on LG Wing mobile devices with Android OS 10 software. The biometric sensor has weak security properties. The LG ID is LVE-SMP-200030 (February 2021).	NVD-CWE-noinfo	CVE-2021-26688	2024-11-21 14:56	2021-02-4	Show	GitHub Exploit DB Packet Storm

196400	9.8	CRITICAL Network	google	android	An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. In preloaded applications, the HostnameVerified default is mishandled. The LG ID is LVE-SMP-200029 (Februa…	NVD-CWE-noinfo	CVE-2021-26687	2024-11-21 14:56	2021-02-4	Show	GitHub Exploit DB Packet Storm