Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 19, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231491	4.3	警告	redgalaxy	-	Chris LaPointe RedGalaxy Download Center のデフォルト URI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-7134	2012-12-20 19:10	2009-09-1	Show	GitHub Exploit DB Packet Storm

231492	5	警告	xyssl	-	XySSL におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2008-7129	2012-12-20 19:10	2009-08-31	Show	GitHub Exploit DB Packet Storm

231493	7.5	危険	xyssl	-	XySSL の ssl_parse_client_key_exchange 関数における鍵を回復される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-7128	2012-12-20 19:10	2009-08-31	Show	GitHub Exploit DB Packet Storm

231494	7.5	危険	zkup	-	zKup CMS における管理者権限を取得される脆弱性	CWE-287 不適切な認証	CVE-2008-7124	2012-12-20 19:10	2009-08-31	Show	GitHub Exploit DB Packet Storm

231495	6.8	警告	zkup	-	zKup CMS の admin/configuration/modifier.php における任意の PHP コード挿入される脆弱性	CWE-94 コード・インジェクション	CVE-2008-7123	2012-12-20 19:10	2009-08-31	Show	GitHub Exploit DB Packet Storm

231496	7.5	危険	WeBid Support	-	WeBid auction script の item.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-7119	2012-12-20 19:10	2009-08-28	Show	GitHub Exploit DB Packet Storm

231497	5	警告	WeBid Support	-	WeBid auction script における SQL クエリログを取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-7118	2012-12-20 19:10	2009-08-28	Show	GitHub Exploit DB Packet Storm

231498	5	警告	WeBid Support	-	WeBid auction script の eledicss.php における任意のカスケードスタイルシートファイル (CSS) を変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-7117	2012-12-20 19:10	2009-08-28	Show	GitHub Exploit DB Packet Storm

231499	7.5	危険	WeBid Support	-	WeBid auction script の admin panel における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-7116	2012-12-20 19:10	2009-08-28	Show	GitHub Exploit DB Packet Storm

231500	4.3	警告	phpcart	-	Carmosa phpCart におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-7108	2012-12-20 19:10	2009-08-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
200531	6.1	MEDIUM Network	zope	products.pluggableauthservice	Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an open redirect vulnerability. A maliciou…	-	CVE-2021-21337	2024-11-21 14:48	2021-03-9	Show	GitHub Exploit DB Packet Storm

200532	9.8	CRITICAL Network	spnego_http_authentication_module_project	spnego_http_authentication_module	In the SPNEGO HTTP Authentication Module for nginx (spnego-http-auth-nginx-module) before version 1.1.1 basic Authentication can be bypassed using a malformed username. This affects users of spnego-h…	-	CVE-2021-21335	2024-11-21 14:48	2021-03-9	Show	GitHub Exploit DB Packet Storm

200533	9.8	CRITICAL Network	ratcf	ratcf	RATCF is an open-source framework for hosting Cyber-Security Capture the Flag events. In affected versions of RATCF users with multi factor authentication enabled are able to log in without a valid t…	-	CVE-2021-21329	2024-11-21 14:48	2021-03-9	Show	GitHub Exploit DB Packet Storm

200534	6.5	MEDIUM Network	zope plone	products.pluggableauthservice plone	Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an information disclosure vulnerability - …	-	CVE-2021-21336	2024-11-21 14:48	2021-03-9	Show	GitHub Exploit DB Packet Storm

200535	6.5	MEDIUM Network	minio	minio	MinIO is an open-source high performance object storage service and it is API compatible with Amazon S3 cloud storage service. In MinIO before version RELEASE.2021-03-04T00-53-13Z it is possible to b…	CWE-863 Incorrect Authorization	CVE-2021-21362	2024-11-21 14:48	2021-03-9	Show	GitHub Exploit DB Packet Storm

200536	6.1	MEDIUM Network	mozilla	pollbot	Pollbot is open source software which "frees its human masters from the toilsome task of polling for the state of things during the Firefox release process." In Pollbot before version 1.4.4 there is …	-	CVE-2021-21354	2024-11-21 14:48	2021-03-9	Show	GitHub Exploit DB Packet Storm

200537	7.5	HIGH Network	glpi-project	glpi	GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI before version 9.5.4 non-authenticated user …	CWE-470 Unsafe Reflection	CVE-2021-21327	2024-11-21 14:48	2021-03-9	Show	GitHub Exploit DB Packet Storm

200538	6.5	MEDIUM Network	glpi-project	glpi	GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI before version 9.5.4 it is possible to creat…	-	CVE-2021-21326	2024-11-21 14:48	2021-03-9	Show	GitHub Exploit DB Packet Storm

200539	4.8	MEDIUM Network	glpi-project	glpi	GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI before version 9.5.4 a new budget type can b…	-	CVE-2021-21325	2024-11-21 14:48	2021-03-9	Show	GitHub Exploit DB Packet Storm

200540	6.5	MEDIUM Network	glpi-project	glpi	GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI before version 9.5.4 there is an Insecure Di…	-	CVE-2021-21324	2024-11-21 14:48	2021-03-9	Show	GitHub Exploit DB Packet Storm