Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231041	9.3	危険	SQLiteManager	-	SQLiteManager の spaw/dialogs/confirm.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-0516	2012-12-20 18:34	2008-01-31	Show	GitHub Exploit DB Packet Storm

231042	7.8	危険	Phpcms	-	phpCMS の parser/include/class.cache_phpcms.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0513	2012-12-20 18:34	2008-01-31	Show	GitHub Exploit DB Packet Storm

231043	6.8	警告	WordPress.org	-	WordPress 用の Dean's Permalinks Migration プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2008-0508	2012-12-20 18:34	2008-01-31	Show	GitHub Exploit DB Packet Storm

231044	7.5	危険	WordPress.org	-	WordPress 用の AdServe プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0507	2012-12-20 18:34	2008-01-31	Show	GitHub Exploit DB Packet Storm

231045	5.8	警告	加藤和良	-	phpMyClub におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0501	2012-12-20 18:34	2008-01-30	Show	GitHub Exploit DB Packet Storm

231046	7.5	危険	WordPress.org	-	WordPress 用の fGallery プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0491	2012-12-20 18:34	2008-01-30	Show	GitHub Exploit DB Packet Storm

231047	7.5	危険	WordPress.org	-	WordPress 用の WP-Cal プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0490	2012-12-20 18:34	2008-01-30	Show	GitHub Exploit DB Packet Storm

231048	7.5	危険	vb marketing	-	VB Marketing の tseekdir.cgi におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0488	2012-12-20 18:34	2008-01-30	Show	GitHub Exploit DB Packet Storm

231049	7.5	危険	the net guys	-	ASPired2Protect の login.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0487	2012-12-20 18:34	2008-01-30	Show	GitHub Exploit DB Packet Storm

231050	5	警告	webwiz	-	Web Wiz Rich Text Editor の RTE_file_browser.asp におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0481	2012-12-20 18:34	2008-01-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197031	6.5	MEDIUM Network	php	php	In PHP versions 7.3.x below 7.3.31, 7.4.x below 7.4.24 and 8.0.x below 8.0.11, in Microsoft Windows environment, ZipArchive::extractTo may be tricked into writing a file outside target directory when…	CWE-22 Path Traversal	CVE-2021-21706	2024-11-21 14:48	2021-10-4	Show	GitHub Exploit DB Packet Storm

197032	5.3	MEDIUM Network	php netapp oracle	php clustered_data_ontap sd-wan_aware	In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid…	CWE-20 Improper Input Validation	CVE-2021-21705	2024-11-21 14:48	2021-10-4	Show	GitHub Exploit DB Packet Storm

197033	5.9	MEDIUM Network	php netapp	php clustered_data_ontap	In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, …	CWE-787 Out-of-bounds Write	CVE-2021-21704	2024-11-21 14:48	2021-10-4	Show	GitHub Exploit DB Packet Storm

197034	4.9	MEDIUM Network	dell	emc_networker	Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and …	-	CVE-2021-21570	2024-11-21 14:48	2021-09-29	Show	GitHub Exploit DB Packet Storm

197035	4.9	MEDIUM Network	dell	emc_networker	Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain acce…	CWE-22 Path Traversal	CVE-2021-21569	2024-11-21 14:48	2021-09-29	Show	GitHub Exploit DB Packet Storm

197036	4.4	MEDIUM Local	dell	latitude_5285_2-in-1_firmware latitude_5289_2-in-1_firmware latitude_5310_2-in-1_firmware latitude_5290_2-in-1_firmware latitude_7210_2-in-1_firmware latitude_7212_rugged_extreme_table…	Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resett…	NVD-CWE-noinfo	CVE-2021-21522	2024-11-21 14:48	2021-09-29	Show	GitHub Exploit DB Packet Storm

197037	5.5	MEDIUM Local	zte	axon_30_pro_message_service	There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive inform…	NVD-CWE-Other	CVE-2021-21742	2024-11-21 14:48	2021-09-25	Show	GitHub Exploit DB Packet Storm

197038	7.8	HIGH Local	gonitro	nitro_pro	An exploitable return of stack variable address vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a stack variable to go out of scope, res…	NVD-CWE-Other	CVE-2021-21798	2024-11-21 14:48	2021-09-15	Show	GitHub Exploit DB Packet Storm

197039	4.8	MEDIUM Network	sap	netweaver_enterprise_portal	SAP NetWeaver Enterprise Portal versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user related data, resulting in Stored Cross-Site Scripting (XSS) vulnerability. This…	CWE-79 Cross-site Scripting	CVE-2021-21489	2024-11-21 14:48	2021-09-14	Show	GitHub Exploit DB Packet Storm

197040	5.5	MEDIUM Local	jenkins	nomad	Jenkins Nomad Plugin 0.7.4 and earlier stores Docker passwords unencrypted in the global config.xml file on the Jenkins controller where they can be viewed by users with access to the Jenkins control…	CWE-522 Insufficiently Protected Credentials	CVE-2021-21681	2024-11-21 14:48	2021-08-31	Show	GitHub Exploit DB Packet Storm