Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231271 7.5 危険 simpcms - SimpCMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4953 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
231272 5.1 警告 webmedia explorer - webmex における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4948 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
231273 6.8 警告 phpffl - phpFFL における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4935 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
231274 4.6 警告 phpffl - phpFFL における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4934 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
231275 7.5 危険 shop-script - Shop-Script の includes/admin/sub/conf_appearence.php における任意の PHP コードを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4933 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
231276 7.5 危険 shop-script - Shop-Script の admin.php における admin パネルへアクセスされる脆弱性 CWE-20
不適切な入力確認 		CVE-2007-4932 2012-12-20 18:33 2007-09-18 Show GitHub Exploit DB Packet Storm
231277 4.3 警告 php-stats - PHP-Stats の tracking.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4917 2012-12-20 18:33 2007-09-17 Show GitHub Exploit DB Packet Storm
231278 9.3 危険 WinSCP - WinSCP におけるリモートサーバで任意のファイル転送を実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-4909 2012-12-20 18:33 2007-09-17 Show GitHub Exploit DB Packet Storm
231279 7.5 危険 Qualiteam Software Limited - X-Cart における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4907 2012-12-20 18:33 2007-09-17 Show GitHub Exploit DB Packet Storm
231280 4.3 警告 リアルネットワークス - RealNetworks RealPlayer および Helix Player におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2007-4904 2012-12-20 18:33 2007-09-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197431 7.8 HIGH
Local 		netgear genie_installer All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability. The installer of the macOS version of Netgear Genie handles certain files in an insecur… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2021-20172 2024-11-21 14:46 2021-12-31 Show GitHub Exploit DB Packet Storm
197432 5.5 MEDIUM
Local 		netgear rax43_firmware Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admi… CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2021-20171 2024-11-21 14:46 2021-12-31 Show GitHub Exploit DB Packet Storm
197433 8.8 HIGH
Network 		netgear rax43_firmware Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encry… CWE-798
 Use of Hard-coded Credentials 		CVE-2021-20170 2024-11-21 14:46 2021-12-31 Show GitHub Exploit DB Packet Storm
197434 6.8 MEDIUM
Physics 		netgear rax43_firmware Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. By default, all communication to/from the device is sent via HTTP, which causes potentially sensitive infor… CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2021-20169 2024-11-21 14:46 2021-12-31 Show GitHub Exploit DB Packet Storm
197435 6.8 MEDIUM
Physics 		netgear rax43_firmware Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A malicious actor with physical access to the device is able to connect to the UART port via a serial connec… CWE-287
Improper Authentication 		CVE-2021-20168 2024-11-21 14:46 2021-12-31 Show GitHub Exploit DB Packet Storm
197436 8.0 HIGH
Adjacent 		netgear rax43_firmware Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. The readycloud cgi application is vulnerable to command injection in the name parameter. CWE-77
Command Injection 		CVE-2021-20167 2024-11-21 14:46 2021-12-31 Show GitHub Exploit DB Packet Storm
197437 8.8 HIGH
Adjacent 		netgear rax43_firmware Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection cont… CWE-120
Classic Buffer Overflow 		CVE-2021-20166 2024-11-21 14:46 2021-12-31 Show GitHub Exploit DB Packet Storm
197438 8.8 HIGH
Network 		trendnet tew-827dru_firmware Trendnet AC2600 TEW-827DRU version 2.08B01 does not properly implement csrf protections. Most pages lack proper usage of CSRF protections or mitigations. Additionally, pages that do make use of CSRF … CWE-352
 Origin Validation Error 		CVE-2021-20165 2024-11-21 14:46 2021-12-31 Show GitHub Exploit DB Packet Storm
197439 4.9 MEDIUM
Network 		trendnet tew-827dru_firmware Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb functionality of the device. Usernames and passwords for all smb users are revealed in plaintext on the smbserv… CWE-522
 Insufficiently Protected Credentials 		CVE-2021-20164 2024-11-21 14:46 2021-12-31 Show GitHub Exploit DB Packet Storm
197440 4.9 MEDIUM
Network 		trendnet tew-827dru_firmware Trendnet AC2600 TEW-827DRU version 2.08B01 leaks information via the ftp web page. Usernames and passwords for all ftp users are revealed in plaintext on the ftpserver.asp page. CWE-522
 Insufficiently Protected Credentials 		CVE-2021-20163 2024-11-21 14:46 2021-12-31 Show GitHub Exploit DB Packet Storm