Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230961 6.8 警告 WordPress.org - WordPress の wp-includes/query.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6318 2012-12-20 18:34 2007-12-11 Show GitHub Exploit DB Packet Storm
230962 5.5 警告 Real Time Logic - BarracudaDrive Web Server におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6317 2012-12-20 18:34 2007-12-11 Show GitHub Exploit DB Packet Storm
230963 4.3 警告 Real Time Logic - BarracudaDrive Web Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6316 2012-12-20 18:34 2007-12-11 Show GitHub Exploit DB Packet Storm
230964 4 警告 Real Time Logic - Group Chat の BarracudaDrive Web Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2007-6315 2012-12-20 18:34 2007-12-11 Show GitHub Exploit DB Packet Storm
230965 5 警告 Real Time Logic - BarracudaDrive Web Server における Web スクリプトに対するソースコードを読まれる脆弱性 CWE-20
不適切な入力確認 		CVE-2007-6314 2012-12-20 18:34 2007-12-11 Show GitHub Exploit DB Packet Storm
230966 4.3 警告 ウェブセンス - Websense Enterprise および Web Security Suite の Web Reporting Tools portal におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6312 2012-12-20 18:34 2007-12-11 Show GitHub Exploit DB Packet Storm
230967 4.3 警告 webSPELL - webSPELL の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6309 2012-12-20 18:34 2007-12-11 Show GitHub Exploit DB Packet Storm
230968 5 警告 phpmychat - phpMyChat の users_popupL.php3 における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6296 2012-12-20 18:34 2007-12-10 Show GitHub Exploit DB Packet Storm
230969 7.5 危険 xigla - Xigla Absolute Banner Manager .NET の abm.aspx における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6291 2012-12-20 18:34 2007-12-10 Show GitHub Exploit DB Packet Storm
230970 7.5 危険 tecnick.com - TCExam における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6288 2012-12-20 18:34 2007-12-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196891 4.5 MEDIUM
Adjacent 		konicaminolta bizhub_c750i_firmware
bizhub_c650i_firmware
bizhub_c550i_firmware
bizhub_c450i_firmware
bizhub_c360i_firmware
bizhub_c300i_firmware
bizhub_c250i_firmware
bizhub_750i_firmware
 Incorrect authorization vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhu… CWE-863
 Incorrect Authorization 		CVE-2021-20868 2024-11-21 14:47 2022-01-4 Show GitHub Exploit DB Packet Storm
196892 8.1 HIGH
Network 		yappli yappli Yappli is an application development platform which provides the function to access a requested URL using Custom URL Scheme. When Android apps are developed with Yappli versions since v7.3.6 and prio… CWE-862
 Missing Authorization 		CVE-2021-20873 2024-11-21 14:47 2021-12-28 Show GitHub Exploit DB Packet Storm
196893 6.8 MEDIUM
Network 		groupsession groupsession Path traversal vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows an attacker with an admini… CWE-22
Path Traversal 		CVE-2021-20876 2024-11-21 14:47 2021-12-24 Show GitHub Exploit DB Packet Storm
196894 6.1 MEDIUM
Network 		groupsession groupsession Open redirect vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows a remote unauthenticated at… CWE-601
Open Redirect 		CVE-2021-20875 2024-11-21 14:47 2021-12-24 Show GitHub Exploit DB Packet Storm
196895 7.5 HIGH
Network 		groupsession groupsession Incorrect permission assignment for critical resource vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and ea… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2021-20874 2024-11-21 14:47 2021-12-24 Show GitHub Exploit DB Packet Storm
196896 7.5 HIGH
Network 		idec microsmart_fc6a_firmware
microsmart_plus_fc6a_firmware
data_file_manager
windedit
windldr 		Plaintext storage of a password vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 a… CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2021-20827 2024-11-21 14:47 2021-12-24 Show GitHub Exploit DB Packet Storm
196897 7.6 HIGH
Adjacent 		idec microsmart_fc6a_firmware
microsmart_plus_fc6a_firmware
data_file_manager
windedit
windldr 		Unprotected transport of credentials vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.1… CWE-522
 Insufficiently Protected Credentials 		CVE-2021-20826 2024-11-21 14:47 2021-12-24 Show GitHub Exploit DB Packet Storm
196898 6.5 MEDIUM
Network 		advancedcustomfields advanced_custom_fields Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in moving the field group which may allow a user to m… CWE-862
 Missing Authorization 		CVE-2021-20867 2024-11-21 14:47 2021-12-13 Show GitHub Exploit DB Packet Storm
196899 6.5 MEDIUM
Network 		advancedcustomfields advanced_custom_fields Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in obtaining the user list which may allow a user to … CWE-862
 Missing Authorization 		CVE-2021-20866 2024-11-21 14:47 2021-12-13 Show GitHub Exploit DB Packet Storm
196900 7.5 HIGH
Network 		advancedcustomfields advanced_custom_fields Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5.11 contain a missing authorization vulnerability in browsing database which may allow a user to browse… CWE-862
 Missing Authorization 		CVE-2021-20865 2024-11-21 14:47 2021-12-13 Show GitHub Exploit DB Packet Storm