Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 26, 2026, 10:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231531	7.5	危険	smartisoft	-	phpBazar における管理コントロールパネルへのアクセス権を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4222	2012-12-20 19:28	2009-12-7	Show	GitHub Exploit DB Packet Storm

231532	7.5	危険	smartisoft	-	phpBazar の classified.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4221	2012-12-20 19:28	2009-12-7	Show	GitHub Exploit DB Packet Storm

231533	7.5	危険	raphael mazoyer	-	PointComma の includes/classes/pctemplate.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-4220	2012-12-20 19:28	2009-12-7	Show	GitHub Exploit DB Packet Storm

231534	7.5	危険	ringsworld	-	Flashlight Free Edition の admin.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-4205	2012-12-20 19:28	2009-12-4	Show	GitHub Exploit DB Packet Storm

231535	7.5	危険	ringsworld	-	Flashlight Free Edition の read.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4204	2012-12-20 19:28	2009-12-4	Show	GitHub Exploit DB Packet Storm

231536	7.5	危険	vollmar	-	Joomla! 用の Seminar コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4200	2012-12-20 19:28	2009-12-4	Show	GitHub Exploit DB Packet Storm

231537	7.2	危険	サン・マイクロシステムズ	-	x86-64 platform 上で稼動する Sun Solaris などのカーネルにおける権限を取得される脆弱性	CWE-noinfo 情報不足	CVE-2009-4191	2012-12-20 19:28	2009-12-3	Show	GitHub Exploit DB Packet Storm

231538	7.8	危険	サン・マイクロシステムズ	-	Sun OpenSolaris のカーネルにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2009-4190	2012-12-20 19:28	2009-12-3	Show	GitHub Exploit DB Packet Storm

231539	4.3	警告	サン・マイクロシステムズ	-	Sun Java System Portal Server の Gateway コンポーネントにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4187	2012-12-20 19:28	2009-12-1	Show	GitHub Exploit DB Packet Storm

231540	4.3	警告	Yahoo!	-	Yahoo! Messenger 用の YahooBridgeLib.dll におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2009-4171	2012-12-20 19:28	2009-12-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 26, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196521	9.8	CRITICAL Network	fiberhome	hg6245d_firmware	An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to start a Linux telnetd as root on port 26/tcp by using the CLI interface commands of ddd and shell (or tshell).	CWE-787 Out-of-bounds Write	CVE-2021-27171	2024-11-21 14:57	2021-02-11	Show	GitHub Exploit DB Packet Storm

196522	9.8	CRITICAL Network	fiberhome	hg6245d_firmware	An issue was discovered on FiberHome HG6245D devices through RP2613. By default, there are no firewall rules for IPv6 connectivity, exposing the internal management interfaces to the Internet.	CWE-922 Insecure Storage of Sensitive Information	CVE-2021-27170	2024-11-21 14:57	2021-02-11	Show	GitHub Exploit DB Packet Storm

196523	9.8	CRITICAL Network	fiberhome	an5506-04-fa_firmware	An issue was discovered on FiberHome AN5506-04-FA devices with firmware RP2631. There is a gepon password for the gepon account.	CWE-798 Use of Hard-coded Credentials	CVE-2021-27169	2024-11-21 14:57	2021-02-11	Show	GitHub Exploit DB Packet Storm

196524	9.8	CRITICAL Network	fiberhome	hg6245d_firmware	An issue was discovered on FiberHome HG6245D devices through RP2613. There is a 6GFJdY4aAuUKJjdtSn7d password for the rdsadmin account.	CWE-798 Use of Hard-coded Credentials	CVE-2021-27168	2024-11-21 14:57	2021-02-11	Show	GitHub Exploit DB Packet Storm

196525	9.8	CRITICAL Network	fiberhome	hg6245d_firmware	An issue was discovered on FiberHome HG6245D devices through RP2613. There is a password of four hexadecimal characters for the admin account. These characters are generated in init_3bb_password in l…	CWE-798 Use of Hard-coded Credentials	CVE-2021-27167	2024-11-21 14:57	2021-02-11	Show	GitHub Exploit DB Packet Storm

196526	9.8	CRITICAL Network	fiberhome	hg6245d_firmware	An issue was discovered on FiberHome HG6245D devices through RP2613. The password for the enable command is gpon.	CWE-798 Use of Hard-coded Credentials	CVE-2021-27166	2024-11-21 14:57	2021-02-11	Show	GitHub Exploit DB Packet Storm

196527	9.8	CRITICAL Network	fiberhome	hg6245d_firmware	An issue was discovered on FiberHome HG6245D devices through RP2613. The telnet daemon on port 23/tcp can be abused with the gpon/gpon credentials.	CWE-798 Use of Hard-coded Credentials	CVE-2021-27165	2024-11-21 14:57	2021-02-11	Show	GitHub Exploit DB Packet Storm

196528	9.8	CRITICAL Network	fiberhome	hg6245d_firmware	An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / aisadmin credentials for an ISP.	CWE-798 Use of Hard-coded Credentials	CVE-2021-27164	2024-11-21 14:57	2021-02-11	Show	GitHub Exploit DB Packet Storm

196529	9.8	CRITICAL Network	fiberhome	hg6245d_firmware	An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / tele1234 credentials for an ISP.	CWE-798 Use of Hard-coded Credentials	CVE-2021-27163	2024-11-21 14:57	2021-02-11	Show	GitHub Exploit DB Packet Storm

196530	9.8	CRITICAL Network	fiberhome	hg6245d_firmware	An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / tattoo@home credentials for an ISP.	CWE-798 Use of Hard-coded Credentials	CVE-2021-27162	2024-11-21 14:57	2021-02-11	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed