Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 12:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230901 5 警告 The Tor Project - Tor におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-0936 2012-12-20 19:10 2009-03-17 Show GitHub Exploit DB Packet Storm
230902 4.3 警告 ProcessOne - ejabberd におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-0934 2012-12-20 19:10 2009-03-17 Show GitHub Exploit DB Packet Storm
230903 7.5 危険 roman bogorodskiy - nForum における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-0882 2012-12-20 19:10 2009-03-12 Show GitHub Exploit DB Packet Storm
230904 5 警告 wesnoth - Wesnoth の src/terrain_translation.cpp におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-0878 2012-12-20 19:10 2009-03-12 Show GitHub Exploit DB Packet Storm
230905 4.3 警告 tangocms - TangoCMS の admincp コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-0862 2012-12-20 19:10 2009-02-18 Show GitHub Exploit DB Packet Storm
230906 6.8 警告 stewart howe - CelerBB の login.php における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-0853 2012-12-20 19:10 2009-03-9 Show GitHub Exploit DB Packet Storm
230907 5 警告 stewart howe - CelerBB の showme.php における "予約情報" を取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-0852 2012-12-20 19:10 2009-03-9 Show GitHub Exploit DB Packet Storm
230908 6.8 警告 stewart howe - CelerBB における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-0851 2012-12-20 19:10 2009-03-9 Show GitHub Exploit DB Packet Storm
230909 7.8 危険 UMN - MapServer の mapser における任意のファイルの存在を特定される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-0843 2012-12-20 19:10 2009-03-31 Show GitHub Exploit DB Packet Storm
230910 4.3 警告 UMN - MapServer の mapserv における任意の無効な .map ファイルを読み取られる脆弱性 CWE-200
情報漏えい 		CVE-2009-0842 2012-12-20 19:10 2009-03-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196431 7.8 HIGH
Local 		kubernetes kubernetes Windows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true. NVD-CWE-noinfo
CVE-2021-25749 2024-11-21 14:55 2023-05-25 Show GitHub Exploit DB Packet Storm
196432 6.5 MEDIUM
Network 		kubernetes ingress-nginx A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the `spec.rules[].http.paths[].path` … NVD-CWE-noinfo
CVE-2021-25748 2024-11-21 14:55 2023-05-25 Show GitHub Exploit DB Packet Storm
196433 7.8 HIGH
Local 		avaya ip_office A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privileges. This issue affects Admin Lite and USB… NVD-CWE-Other
CVE-2021-25657 2024-11-21 14:55 2022-09-2 Show GitHub Exploit DB Packet Storm
196434 8.8 HIGH
Network 		apache hadoop ZKConfigurationStore which is optionally used by CapacityScheduler of Apache Hadoop YARN deserializes data obtained from ZooKeeper without validation. An attacker having access to ZooKeeper can run a… - CVE-2021-25642 2024-11-21 14:55 2022-08-25 Show GitHub Exploit DB Packet Storm
196435 5.5 MEDIUM
Local 		intel killer_ac_1550_firmware
killer_wi-fi_6_ax1650_firmware
killer_wi-fi_6e_ax1690_firmware
killer_wi-fi_6e_ax1675_firmware
proset_wi-fi_6e_ax210_firmware
wi-fi_6e_ax211_firmware
wi-fi_6… 		Out of bounds read for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable denial of service via local access. CWE-125
Out-of-bounds Read 		CVE-2021-26254 2024-11-21 14:55 2022-08-19 Show GitHub Exploit DB Packet Storm
196436 5.5 MEDIUM
Local 		intel wi-fi_6_ax411_firmware
wi-fi_6_ax211_firmware
wi-fi_6_ax210_firmware
wi-fi_6_ax201_firmware
wi-fi_6_ax200_firmware
wireless-ac_9560_firmware
wireless-ac_9462_firmware
wireless-ac… 		Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denia… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2021-26257 2024-11-21 14:55 2022-08-19 Show GitHub Exploit DB Packet Storm
196437 7.8 HIGH
Local 		intel killer_control_center Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4.3337.0 may allow an authorized user to potentially enable escalation of privilege via local access. NVD-CWE-Other
CVE-2021-26258 2024-11-21 14:55 2022-05-13 Show GitHub Exploit DB Packet Storm
196438 8.1 HIGH
Network 		splunk splunk A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts Sp… NVD-CWE-noinfo
CVE-2021-26253 2024-11-21 14:55 2022-05-7 Show GitHub Exploit DB Packet Storm
196439 7.1 HIGH
Network 		kubernetes ingress-nginx A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API … CWE-20
 Improper Input Validation  		CVE-2021-25746 2024-11-21 14:55 2022-05-6 Show GitHub Exploit DB Packet Storm
196440 8.1 HIGH
Network 		kubernetes ingress-nginx A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the spec.rules[].http.paths[].path field of an Ingress object (in the networking.k8s.io… CWE-20
 Improper Input Validation  		CVE-2021-25745 2024-11-21 14:55 2022-05-6 Show GitHub Exploit DB Packet Storm