Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231091	4.3	警告	サン・マイクロシステムズ	-	Sun Java System Identity Manager の /idm/help/index.jsp におけるフィッシング攻撃を実行される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0240	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

231092	4.3	警告	サン・マイクロシステムズ	-	Sun Java System Identity Manager におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0239	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

231093	7.5	危険	Xine	-	xine-lib の input/libreal/rmff.c におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0238	2012-12-20 18:34	2008-01-11	Show	GitHub Exploit DB Packet Storm

231094	7.5	危険	zero cms	-	Zero CMS における意図したアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0233	2012-12-20 18:34	2008-01-10	Show	GitHub Exploit DB Packet Storm

231095	7.5	危険	zero cms	-	Zero CMS における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0232	2012-12-20 18:34	2008-01-10	Show	GitHub Exploit DB Packet Storm

231096	7.5	危険	tuned studios	-	Tuned Studios Subwoofer などの Web ページテンプレートにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0231	2012-12-20 18:34	2008-01-10	Show	GitHub Exploit DB Packet Storm

231097	6.4	警告	Xine	-	xine-lib の input/libreal/rmff.c におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0225	2012-12-20 18:34	2008-01-10	Show	GitHub Exploit DB Packet Storm

231098	7.5	危険	runcms	-	RunCMS の Newbb_plus モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0224	2012-12-20 18:34	2008-01-10	Show	GitHub Exploit DB Packet Storm

231099	7.5	危険	WordPress.org	-	WordPress 用の Wp-FileManager プラグインにおける任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2008-0222	2012-12-20 18:34	2008-01-10	Show	GitHub Exploit DB Packet Storm

231100	6.4	警告	uebimiau	-	Uebimiau Webmail における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-0210	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197251	5.9	MEDIUM Network	nim-lang	nim	Nimble is a package manager for the Nim programming language. In Nim release versions before versions 1.2.10 and 1.4.4, "nimble refresh" fetches a list of Nimble packages over HTTPS by default. In ca…	CWE-295 Improper Certificate Validation	CVE-2021-21373	2024-11-21 14:48	2021-03-27	Show	GitHub Exploit DB Packet Storm

197252	8.8	HIGH Network	nim-lang	nim	Nimble is a package manager for the Nim programming language. In Nim release version before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitra…	CWE-78 OS Command	CVE-2021-21372	2024-11-21 14:48	2021-03-27	Show	GitHub Exploit DB Packet Storm

197253	8.8	HIGH Network	buddypress	buddypress	BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rig…	-	CVE-2021-21389	2024-11-21 14:48	2021-03-27	Show	GitHub Exploit DB Packet Storm

197254	5.5	MEDIUM Network	oauth2_proxy_project	oauth2_proxy	OAuth2-Proxy is an open source reverse proxy that provides authentication with Google, Github or other providers. The `--gitlab-group` flag for group-based authorization in the GitLab provider stoppe…	-	CVE-2021-21411	2024-11-21 14:48	2021-03-27	Show	GitHub Exploit DB Packet Storm

197255	6.1	MEDIUM Network	matrix fedoraproject	synapse fedora	Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the n…	CWE-79 Cross-site Scripting	CVE-2021-21333	2024-11-21 14:48	2021-03-27	Show	GitHub Exploit DB Packet Storm

197256	8.2	HIGH Network	matrix fedoraproject	synapse fedora	Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the p…	CWE-79 Cross-site Scripting	CVE-2021-21332	2024-11-21 14:48	2021-03-27	Show	GitHub Exploit DB Packet Storm

197257	9.8	CRITICAL Network	kongchuanhujiao_project	kongchuanhujiao	In github.com/kongchuanhujiao/server before version 1.3.21 there is an authentication Bypass by Primary Weakness vulnerability. All users are impacted. This is fixed in version 1.3.21.	CWE-287 Improper Authentication	CVE-2021-21403	2024-11-21 14:48	2021-03-27	Show	GitHub Exploit DB Packet Storm

197258	9.8	CRITICAL Network	genivia oracle	gsoap communications_lsms communications_diameter_signaling_router tekelec_virtual_operating_environment communications_eagle_lnp_application_processor communications_eagle_application…	A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an H…	CWE-190 Integer Overflow or Wraparound	CVE-2021-21783	2024-11-21 14:48	2021-03-26	Show	GitHub Exploit DB Packet Storm

197259	9.8	CRITICAL Network	apkleaks_project	apkleaks	APKLeaks is an open-source project for scanning APK file for URIs, endpoints & secrets. APKLeaks prior to v2.0.3 allows remote attackers to execute arbitrary OS commands via package name inside appli…	-	CVE-2021-21386	2024-11-21 14:48	2021-03-25	Show	GitHub Exploit DB Packet Storm

197260	7.4	HIGH Network	mifos	mifos-mobile	Mifos-Mobile Android Application for MifosX is an Android Application built on top of the MifosX Self-Service platform. Mifos-Mobile before commit e505f62 disables HTTPS hostname verification of its …	-	CVE-2021-21385	2024-11-21 14:48	2021-03-25	Show	GitHub Exploit DB Packet Storm