Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230981	7.2	危険	razorCMS	-	razorCMS の Security Manager における脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-1462	2012-12-20 19:10	2009-04-20	Show	GitHub Exploit DB Packet Storm

230982	3.5	注意	razorCMS	-	razorCMS の Create New Page フォームにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-1461	2012-12-20 19:10	2009-04-20	Show	GitHub Exploit DB Packet Storm

230983	4.6	警告	razorCMS	-	razorCMS における管理者のパスワードハッシュを取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-1460	2012-12-20 19:10	2009-04-20	Show	GitHub Exploit DB Packet Storm

230984	6.8	警告	razorCMS	-	razorCMS におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-1459	2012-12-20 19:10	2009-04-20	Show	GitHub Exploit DB Packet Storm

230985	4.3	警告	razorCMS	-	razorCMS の admin/index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-1458	2012-12-20 19:10	2009-04-20	Show	GitHub Exploit DB Packet Storm

230986	6.5	警告	stephane rajalu	-	Malleo の admin.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-1456	2012-12-20 19:10	2009-04-28	Show	GitHub Exploit DB Packet Storm

230987	7.5	危険	webportal	-	WebPortal CMS の indexk.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-1444	2012-12-20 19:10	2009-04-27	Show	GitHub Exploit DB Packet Storm

230988	2.1	注意	トレンドマイクロ	-	Trend Micro OfficeScan Client の NTRtScan.exe におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-1435	2012-12-20 19:10	2009-04-27	Show	GitHub Exploit DB Packet Storm

230989	7.5	危険	SilverStripe	-	SilverStripe の File::find における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-1433	2012-12-20 19:10	2009-04-24	Show	GitHub Exploit DB Packet Storm

230990	5	警告	シマンテック	-	SEP の Symantec Reporting Server におけるログイン画面に任意のテキストを挿入される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1432	2012-12-20 19:10	2009-04-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196371	7.8	HIGH Local	microsoft	windows_server_2008 windows_server_2012 windows_10 windows_8.1 windows_server_2016 windows_7 windows_rt_8.1 windows_server_2019	Windows Installer Elevation of Privilege Vulnerability	CWE-20 Improper Input Validation	CVE-2021-26415	2024-11-21 14:56	2021-04-14	Show	GitHub Exploit DB Packet Storm

196372	6.2	MEDIUM Local	microsoft	windows_server_2008 windows_server_2012 windows_10 windows_8.1 windows_server_2016 windows_7 windows_rt_8.1 windows_server_2019	Windows Installer Spoofing Vulnerability	NVD-CWE-noinfo	CVE-2021-26413	2024-11-21 14:56	2021-04-14	Show	GitHub Exploit DB Packet Storm

196373	8.8	HIGH Network	litespeedtech	openlitespeed	Privilege Escalation in LiteSpeed Technologies OpenLiteSpeed web server version 1.7.8 allows attackers to gain root terminal access and execute commands on the host system.	CWE-269 Improper Privilege Management	CVE-2021-26758	2024-11-21 14:56	2021-04-8	Show	GitHub Exploit DB Packet Storm

196374	9.8	CRITICAL Network	d-link	dsl-320b-d1	D-Link DSL-320B-D1 devices through EU_1.25 are prone to multiple Stack-Based Buffer Overflows that allow unauthenticated remote attackers to take over a device via the login.xgi user and pass paramet…	CWE-787 Out-of-bounds Write	CVE-2021-26709	2024-11-21 14:56	2021-04-7	Show	GitHub Exploit DB Packet Storm

196375	5.9	MEDIUM Network	timelybills	timelybills	Cleartext Storage in a File or on Disk in TimelyBills <= 1.7.0 for iOS and versions <= 1.21.115 for Android allows attacker who can locally read user's files obtain JWT tokens for user's account due …	CWE-459 Incomplete Cleanup	CVE-2021-26833	2024-11-21 14:56	2021-04-7	Show	GitHub Exploit DB Packet Storm

196376	5.5	MEDIUM Local	kaspersky	internet_security	KIS for macOS in some use cases was vulnerable to AV bypass that potentially allowed an attacker to disable anti-virus protection.	CWE-863 Incorrect Authorization	CVE-2021-26718	2024-11-21 14:56	2021-04-2	Show	GitHub Exploit DB Packet Storm

196377	6.5	MEDIUM Network	hpe	superdome_flex_server_firmware	A potential security vulnerability has been identified in HPE Superdome Flex server. A denial of service attack can be remotely exploited leaving hung connections to the BMC web interface. The monarc…	NVD-CWE-noinfo	CVE-2021-26581	2024-11-21 14:56	2021-04-2	Show	GitHub Exploit DB Packet Storm

196378	6.1	MEDIUM Network	hpe	integrated_lights-out_amplifier	A potential security vulnerability has been identified in HPE iLO Amplifier Pack. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). HPE has provided the following sof…	CWE-79 Cross-site Scripting	CVE-2021-26580	2024-11-21 14:56	2021-04-2	Show	GitHub Exploit DB Packet Storm

196379	5.5	MEDIUM Local	hpe	unified_data_management	A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of privileged information (CWE-321: Use of Hard-coded Cryptographic Key in a product). HPE has provided …	CWE-798 Use of Hard-coded Credentials	CVE-2021-26579	2024-11-21 14:56	2021-03-31	Show	GitHub Exploit DB Packet Storm

196380	9.8	CRITICAL Network	dlink	dir-816_firmware	D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. An HTTP request parameter can be used in command string construction in the handler function of the /goform/dir_setWanWif…	CWE-78 OS Command	CVE-2021-26810	2024-11-21 14:56	2021-03-30	Show	GitHub Exploit DB Packet Storm