Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230911	7.5	危険	phpComasy	-	phpComasy の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-1164	2012-12-20 18:34	2008-03-5	Show	GitHub Exploit DB Packet Storm

230912	7.5	危険	phparcadescript	-	phpArcadeScript の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-1163	2012-12-20 18:34	2008-03-5	Show	GitHub Exploit DB Packet Storm

230913	7.5	危険	ZyXEL	-	ZyXEL ZyWALL における権限を取得される脆弱性	CWE-DesignError	CVE-2008-1160	2012-12-20 18:34	2008-03-24	Show	GitHub Exploit DB Packet Storm

230914	5.1	警告	The phpMyAdmin Project	-	phpMyAdmin における SQL インジェクションおよびクロスサイトリクエストフォージェリ攻撃を実行される脆弱性	CWE-352 CWE-89	CVE-2008-1149	2012-12-20 18:34	2008-03-3	Show	GitHub Exploit DB Packet Storm

230915	9.3	危険	synce	-	SynCE-dccm の vdccm の src/utils.cpp における任意のコマンドを実行される脆弱性	CWE-20 CWE-94	CVE-2008-1136	2012-12-20 18:34	2008-03-4	Show	GitHub Exploit DB Packet Storm

230916	4.3	警告	xrms crm	-	XRMS CRM の admin/users/self.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-1129	2012-12-20 18:34	2008-03-3	Show	GitHub Exploit DB Packet Storm

230917	6.8	警告	phpmytourney	-	phpMyTourney の tourney/index.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1128	2012-12-20 18:34	2008-03-3	Show	GitHub Exploit DB Packet Storm

230918	5	警告	podcast generator	-	Podcast Generator におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-1125	2012-12-20 18:34	2008-03-3	Show	GitHub Exploit DB Packet Storm

230919	6.8	警告	podcast generator	-	Podcast Generator における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1124	2012-12-20 18:34	2008-03-3	Show	GitHub Exploit DB Packet Storm

230920	6.8	警告	sitebuilder	-	SiteBuilder Elite における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-1123	2012-12-20 18:34	2008-03-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196791	8.8	HIGH Network	smarty debian fedoraproject	smarty debian_linux fedora	Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.43 and 4.0.3, template authors could run restricted static ph…	-	CVE-2021-21408	2024-11-21 14:48	2022-01-11	Show	GitHub Exploit DB Packet Storm

196792	8.1	HIGH Network	zte	zxin10_cms	ZTE BigVideo analysis product has an input verification vulnerability. Due to the inconsistency between the front and back verifications when configuring the large screen page, an attacker with high …	NVD-CWE-noinfo	CVE-2021-21751	2024-11-21 14:48	2021-12-28	Show	GitHub Exploit DB Packet Storm

196793	7.8	HIGH Local	zte	zxin10_cms	ZTE BigVideo Analysis product has a privilege escalation vulnerability. Due to improper management of the timed task modification privilege, an attacker with ordinary user permissions could exploit t…	CWE-269 Improper Privilege Management	CVE-2021-21750	2024-11-21 14:48	2021-12-28	Show	GitHub Exploit DB Packet Storm

196794	5.3	MEDIUM Network	php netapp debian tenable	php clustered_data_ontap debian_linux tenable.sc	In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename cont…	NVD-CWE-Other	CVE-2021-21707	2024-11-21 14:48	2021-11-29	Show	GitHub Exploit DB Packet Storm

196795	5.5	MEDIUM Local	dell	emc_powerscale_onefs	Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This would allow a malicious user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE privileges to gain…	-	CVE-2021-21561	2024-11-21 14:48	2021-11-24	Show	GitHub Exploit DB Packet Storm

196796	7.5	HIGH Network	dell	emc_powerscale_onefs	Dell EMC PowerScale OneFS versions 9.1.0, 9.2.0.x, 9.2.1.x contain an Exposure of Information through Directory Listing vulnerability. This vulnerability is triggered when upgrading from a previous v…	NVD-CWE-Other	CVE-2021-21528	2024-11-21 14:48	2021-11-13	Show	GitHub Exploit DB Packet Storm

196797	6.5	MEDIUM Network	jenkins	performance	Jenkins Performance Plugin 3.20 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.	CWE-611 XXE	CVE-2021-21701	2024-11-21 14:48	2021-11-12	Show	GitHub Exploit DB Packet Storm

196798	5.4	MEDIUM Network	jenkins	scriptler	Jenkins Scriptler Plugin 3.3 and earlier does not escape the name of scripts on the UI when asking to confirm their deletion, resulting in a stored cross-site scripting (XSS) vulnerability exploitabl…	CWE-79 Cross-site Scripting	CVE-2021-21700	2024-11-21 14:48	2021-11-12	Show	GitHub Exploit DB Packet Storm

196799	5.4	MEDIUM Network	jenkins	active_choices	Jenkins Active Choices Plugin 2.5.6 and earlier does not escape the parameter name of reactive parameters and dynamic reference parameters, resulting in a stored cross-site scripting (XSS) vulnerabil…	CWE-79 Cross-site Scripting	CVE-2021-21699	2024-11-21 14:48	2021-11-12	Show	GitHub Exploit DB Packet Storm

196800	7.5	HIGH Network	jenkins	subversion	Jenkins Subversion Plugin 2.15.0 and earlier does not restrict the name of a file when looking up a subversion key file on the controller from an agent.	CWE-22 Path Traversal	CVE-2021-21698	2024-11-21 14:48	2021-11-5	Show	GitHub Exploit DB Packet Storm