Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231011	4.3	警告	salims softhouse	-	ph03y3nk JAF CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6142	2012-12-20 18:34	2007-11-27	Show	GitHub Exploit DB Packet Storm

231012	4.3	警告	vbtube	-	vBTube の vBTube.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6141	2012-12-20 18:34	2007-11-27	Show	GitHub Exploit DB Packet Storm

231013	7.5	危険	vu	-	VU Mass Mailer の redir.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-6138	2012-12-20 18:33	2007-11-27	Show	GitHub Exploit DB Packet Storm

231014	4.3	警告	phpslideshow	-	PHPSlideShow の phpslideshow.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6135	2012-12-20 18:33	2007-11-27	Show	GitHub Exploit DB Packet Storm

231015	7.5	危険	PHPKIT	-	PHPKIT の pkinc/public/article.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-6134	2012-12-20 18:33	2007-11-27	Show	GitHub Exploit DB Packet Storm

231016	2.1	注意	レッドハット	-	scanbuttond の buttonpressed.sh における任意のファイルを上書きされる脆弱性	CWE-16 環境設定	CVE-2007-6131	2012-12-20 18:33	2007-11-14	Show	GitHub Exploit DB Packet Storm

231017	7.5	危険	project alumni	-	project alumni における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-6127	2012-12-20 18:33	2007-11-26	Show	GitHub Exploit DB Packet Storm

231018	4.3	警告	project alumni	-	project alumni におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6126	2012-12-20 18:33	2007-11-26	Show	GitHub Exploit DB Packet Storm

231019	7.5	危険	softbiz	-	Softbiz Freelancers Script の search_form.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-6125	2012-12-20 18:33	2007-11-26	Show	GitHub Exploit DB Packet Storm

231020	4.3	警告	softbiz	-	Softbiz Freelancers Script の signin.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6124	2012-12-20 18:33	2007-11-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197231	7.5	HIGH Network	mitsubishielectric	fx3u-enet_firmware fx3u-enet-l_firmware fx3u-enet-p502_firmware	Improper initialization vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.16 and prior, FX3U-ENET-L Firmware version 1.16 and prior and FX3U-ENET-P502 Firmware version 1.16 and prior allo…	CWE-665 Improper Initialization	CVE-2021-20613	2024-11-21 14:46	2022-01-15	Show	GitHub Exploit DB Packet Storm

197232	7.5	HIGH Network	mitsubishielectric	fx3u-enet_firmware fx3u-enet-l_firmware fx3u-enet-p502_firmware	Lack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.14 and prior, FX3U-ENET-L Firmware version 1.14 and prior and FX3U-ENET-P502 Firmware version…	NVD-CWE-Other	CVE-2021-20612	2024-11-21 14:46	2022-01-15	Show	GitHub Exploit DB Packet Storm

197233	4.3	MEDIUM Network	zohocorp	manageengine_adselfservice_plus	ManageEngine ADSelfService Plus below build 6116 stores the password policy file for each domain under the html/ web root with a predictable filename based on the domain name. When ADSSP is configure…	CWE-552 Files or Directories Accessible to External Parties	CVE-2021-20148	2024-11-21 14:46	2022-01-4	Show	GitHub Exploit DB Packet Storm

197234	5.3	MEDIUM Network	zohocorp	manageengine_adselfservice_plus	ManageEngine ADSelfService Plus below build 6116 contains an observable response discrepancy in the UMCP operation of the ChangePasswordAPI. This allows an unauthenticated remote attacker to determin…	CWE-203 Information Exposure Through Discrepancy	CVE-2021-20147	2024-11-21 14:46	2022-01-4	Show	GitHub Exploit DB Packet Storm

197235	7.5	HIGH Network	netgear	r6700_firmware	Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the SOAP interface. By default, all communication to/from the device's SOAP Interface (port 5000) is sent vi…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2021-20175	2024-11-21 14:46	2021-12-31	Show	GitHub Exploit DB Packet Storm

197236	7.5	HIGH Network	netgear	r6700_firmware	Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the web interface. By default, all communication to/from the device's web interface is sent via HTTP, which …	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2021-20174	2024-11-21 14:46	2021-12-31	Show	GitHub Exploit DB Packet Storm

197237	8.8	HIGH Network	netgear	r6700_firmware	Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device. By triggering a system update check via the SOAP interface, the device is s…	CWE-78 OS Command	CVE-2021-20173	2024-11-21 14:46	2021-12-31	Show	GitHub Exploit DB Packet Storm

197238	7.8	HIGH Local	netgear	genie_installer	All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability. The installer of the macOS version of Netgear Genie handles certain files in an insecur…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2021-20172	2024-11-21 14:46	2021-12-31	Show	GitHub Exploit DB Packet Storm

197239	5.5	MEDIUM Local	netgear	rax43_firmware	Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admi…	CWE-312 Cleartext Storage of Sensitive Information	CVE-2021-20171	2024-11-21 14:46	2021-12-31	Show	GitHub Exploit DB Packet Storm

197240	8.8	HIGH Network	netgear	rax43_firmware	Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encry…	CWE-798 Use of Hard-coded Credentials	CVE-2021-20170	2024-11-21 14:46	2021-12-31	Show	GitHub Exploit DB Packet Storm