Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 15, 2026, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231421	7.5	危険	sepcity	-	SepCity Shopping Mall の shpdetails.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6151	2012-12-20 19:10	2009-02-16	Show	GitHub Exploit DB Packet Storm

231422	7.5	危険	sepcity	-	SepCity Classified Ads の classdis.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6150	2012-12-20 19:10	2009-02-16	Show	GitHub Exploit DB Packet Storm

231423	7.5	危険	raven-worx	-	Joomla! 用の liveticker モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6148	2012-12-20 19:10	2009-02-16	Show	GitHub Exploit DB Packet Storm

231424	7.5	危険	Web-Empowered Church Team	-	TYPO3 用の WEC Discussion Forum エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6145	2012-12-20 19:10	2009-02-16	Show	GitHub Exploit DB Packet Storm

231425	4.3	警告	Web-Empowered Church Team	-	TYPO3 用の WEC Discussion Forum エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6144	2012-12-20 19:10	2009-02-16	Show	GitHub Exploit DB Packet Storm

231426	5	警告	webbiscuits	-	WebBiscuits Modules Controller の faqsupport/wce.download.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-6139	2012-12-20 19:10	2009-02-13	Show	GitHub Exploit DB Packet Storm

231427	7.5	危険	webbiscuits	-	WebBiscuits Modules Controller の adminhead.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-6138	2012-12-20 19:10	2009-02-13	Show	GitHub Exploit DB Packet Storm

231428	7.5	危険	socialengine	-	SocialEngine における CRLF インジェクションの脆弱性	CWE-20 不適切な入力確認	CVE-2008-6121	2012-12-20 19:10	2009-02-11	Show	GitHub Exploit DB Packet Storm

231429	7.5	危険	socialengine	-	SocialEngine の profile_comments.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6120	2012-12-20 19:10	2009-02-11	Show	GitHub Exploit DB Packet Storm

231430	7.5	危険	pilotgroup	-	PG Job Site Pro の homepage.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6117	2012-12-20 19:10	2009-02-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197321	6.1	MEDIUM Network	misp	misp	MISP 2.4.136 has Stored XSS in the galaxy cluster view via a cluster name to app/View/GalaxyClusters/view.ctp.	CWE-79 Cross-site Scripting	CVE-2021-25324	2024-11-21 14:54	2021-01-20	Show	GitHub Exploit DB Packet Storm

197322	9.1	CRITICAL Network	misp	misp	The default setting of MISP 2.4.136 did not enable the requirements (aka require_password_confirmation) to provide the previous password when changing a password.	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2021-25323	2024-11-21 14:54	2021-01-20	Show	GitHub Exploit DB Packet Storm

197323	7.8	HIGH Local	opendesign siemens	drawings_software_development_kit jt2go teamcenter_visualization comos	An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A stack-based buffer overflow vulnerability exists when the recover operation is run with malformed .DXF and .DWG files. T…	CWE-787 Out-of-bounds Write	CVE-2021-25178	2024-11-21 14:54	2021-01-18	Show	GitHub Exploit DB Packet Storm

197324	7.8	HIGH Local	opendesign siemens	drawings_software_development_kit jt2go teamcenter_visualization comos	An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Confusion issue exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, pot…	CWE-843 Type Confusion	CVE-2021-25177	2024-11-21 14:54	2021-01-18	Show	GitHub Exploit DB Packet Storm

197325	7.8	HIGH Local	opendesign siemens	drawings_software_development_kit jt2go teamcenter_visualization comos	An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash,…	CWE-476 NULL Pointer Dereference	CVE-2021-25176	2024-11-21 14:54	2021-01-18	Show	GitHub Exploit DB Packet Storm

197326	7.8	HIGH Local	opendesign siemens	drawings_software_development_kit jt2go teamcenter_visualization comos	An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Conversion issue exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, po…	CWE-704 Incorrect Type Conversion or Cast	CVE-2021-25175	2024-11-21 14:54	2021-01-18	Show	GitHub Exploit DB Packet Storm

197327	7.8	HIGH Local	opendesign siemens	drawings_software_development_kit jt2go teamcenter_visualization comos	An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potent…	CWE-787 Out-of-bounds Write	CVE-2021-25174	2024-11-21 14:54	2021-01-18	Show	GitHub Exploit DB Packet Storm

197328	7.8	HIGH Local	opendesign siemens	drawings_software_development_kit jt2go teamcenter_visualization comos	An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to c…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2021-25173	2024-11-21 14:54	2021-01-18	Show	GitHub Exploit DB Packet Storm

197329	6.1	MEDIUM Network	opencats	opencats	OpenCATS through 0.9.5-3 has multiple Cross-site Scripting (XSS) issues.	CWE-79 Cross-site Scripting	CVE-2021-25295	2024-11-21 14:54	2021-01-18	Show	GitHub Exploit DB Packet Storm

197330	9.8	CRITICAL Network	opencats	opencats	OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote code execution. This occurs because lib/DataGrid.php calls unserialize for the parametersactivity:Activ…	CWE-502 Deserialization of Untrusted Data	CVE-2021-25294	2024-11-21 14:54	2021-01-18	Show	GitHub Exploit DB Packet Storm