Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 17, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231211	9.3	危険	vuplayer	-	VUPlayer におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-0181	2012-12-20 19:10	2009-01-20	Show	GitHub Exploit DB Packet Storm

231212	9.3	危険	vuplayer	-	VUPlayer におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-0174	2012-12-20 19:10	2009-01-20	Show	GitHub Exploit DB Packet Storm

231213	9.3	危険	share2	-	AAA EasyGrid ActiveX の EasyGrid.ocx における任意のファイルを作成される脆弱性	CWE-Other その他	CVE-2009-0134	2012-12-20 19:10	2009-01-16	Show	GitHub Exploit DB Packet Storm

231214	7.5	危険	riotpix	-	RiotPix の read.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0110	2012-12-20 19:10	2009-01-9	Show	GitHub Exploit DB Packet Storm

231215	7.5	危険	riotpix	-	RiotPix の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0109	2012-12-20 19:10	2009-01-9	Show	GitHub Exploit DB Packet Storm

231216	7.5	危険	phpauctions	-	PHPAuctions における管理者アクセス権を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-0108	2012-12-20 19:10	2009-01-9	Show	GitHub Exploit DB Packet Storm

231217	4.3	警告	phpauctions	-	PHPAuctions の profile.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0107	2012-12-20 19:10	2009-01-9	Show	GitHub Exploit DB Packet Storm

231218	7.5	危険	phpauctions	-	PHPAuctions の profile.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0106	2012-12-20 19:10	2009-01-9	Show	GitHub Exploit DB Packet Storm

231219	4.3	警告	se-ed	-	EZpack の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0105	2012-12-20 19:10	2009-01-9	Show	GitHub Exploit DB Packet Storm

231220	7.5	危険	se-ed	-	EZpack の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0104	2012-12-20 19:10	2009-01-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 17, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
201111	6.5	MEDIUM Network	onedev_project	onedev	OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which may lead to arbitrary file read. When BuildSpec is provided in XML format, the spec is…	-	CVE-2021-21250	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm

201112	8.8	HIGH Network	onedev_project	onedev	OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is an issue involving YAML parsing which can lead to post-auth remote code execution. In order to parse and process YAML…	CWE-502 Deserialization of Untrusted Data	CVE-2021-21249	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm

201113	8.8	HIGH Network	onedev_project	onedev	OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability involving the build endpoint parameters. InputSpec is used to define parameters of a Build s…	CWE-94 Code Injection	CVE-2021-21248	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm

201114	8.8	HIGH Network	onedev_project	onedev	OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the application's BasePage registers an AJAX event listener (`AbstractPostAjaxBehavior`) in all pages other than the login pag…	CWE-502 Deserialization of Untrusted Data	CVE-2021-21247	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm

201115	7.5	HIGH Network	onedev_project	onedev	OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the REST UserResource endpoint performs a security check to make sure that only administrators can list user details. However …	-	CVE-2021-21246	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm

201116	7.5	HIGH Network	jqueryvalidation netapp	jquery_validation snapcenter	The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more r…	-	CVE-2021-21252	2024-11-21 14:47	2021-01-14	Show	GitHub Exploit DB Packet Storm

201117	9.8	CRITICAL Network	onedev_project	onedev	OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, AttachmentUploadServlet also saves user controlled data (`request.getInputStream()`) to a user specified location (`request.ge…	-	CVE-2021-21245	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm

201118	7.8	HIGH Local	git_large_file_storage_project	git_large_file_storage	Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a malicious repository with a git.bat or git.exe file in the current directory, that program …	-	CVE-2021-21237	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm

201119	8.8	HIGH Local	flatpak debian	flatpak debian_linux	Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the `flatpak-portal` service that can allow sandboxed applications to exec…	-	CVE-2021-21261	2024-11-21 14:47	2021-01-15	Show	GitHub Exploit DB Packet Storm

201120	7.4	HIGH Network	flask-security-too_project	flask-security-too	The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a independently maintained version of Flask-Security based on the 3.0.0 version of …	-	CVE-2021-21241	2024-11-21 14:47	2021-01-12	Show	GitHub Exploit DB Packet Storm