Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231701 4.3 警告 WordPress.org - WordPress の wp-register.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5105 2012-12-20 18:33 2007-09-26 Show GitHub Exploit DB Packet Storm
231702 6.8 警告 wordsmith - Wordsmith の config.inc.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5103 2012-12-20 18:33 2007-09-26 Show GitHub Exploit DB Packet Storm
231703 6.8 警告 wordsmith - Wordsmith の config.inc.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5102 2012-12-20 18:33 2007-09-26 Show GitHub Exploit DB Packet Storm
231704 6.8 警告 phpBB - phpBB Plus における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5100 2012-12-20 18:33 2007-09-26 Show GitHub Exploit DB Packet Storm
231705 7.5 危険 sk.log - sk.log の php-inc/log.inc.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5089 2012-12-20 18:33 2007-09-26 Show GitHub Exploit DB Packet Storm
231706 4.3 警告 sisd - Freeside の search/cust_bill_event.cgi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5088 2012-12-20 18:33 2007-09-26 Show GitHub Exploit DB Packet Storm
231707 10 危険 quiksoft - Quiksoft EasyMail MessagePrinter Object の emprint.DLL におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-5070 2012-12-20 18:33 2007-09-24 Show GitHub Exploit DB Packet Storm
231708 7.5 危険 phpfullannu - PFA の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-5068 2012-12-20 18:33 2007-09-24 Show GitHub Exploit DB Packet Storm
231709 6.8 警告 迅雷 - Xunlei Web Thunder の特定の ActiveX コントロールなどにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-5064 2012-12-20 18:33 2007-09-24 Show GitHub Exploit DB Packet Storm
231710 4.3 警告 xcms - XCMS の index.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-5060 2012-12-20 18:33 2007-09-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197961 7.2 HIGH
Network 		openmage magento Magento-lts is a long-term support alternative to Magento Community Edition (CE). A vulnerability in magento-lts versions before 19.4.13 and 20.0.9 potentially allows an administrator unauthorized ac… - CVE-2021-21427 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
197962 9.8 CRITICAL
Network 		openmage magento Magento-lts is a long-term support alternative to Magento Community Edition (CE). In magento-lts versions 19.4.12 and prior and 20.0.8 and prior, there is a vulnerability caused by the unsecured dese… - CVE-2021-21426 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
197963 4.3 MEDIUM
Network 		jenkins cloudbees_cd Jenkins CloudBees CD Plugin 1.1.21 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Item/Read permission to schedule builds of projects without having Item… - CVE-2021-21647 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
197964 8.8 HIGH
Network 		jenkins templating_engine Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin, allowing attackers with Job/Configure permission to execute arbitrary code … - CVE-2021-21646 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
197965 4.3 MEDIUM
Network 		jenkins config_file_provider Jenkins Config File Provider Plugin 3.7.0 and earlier does not perform permission checks in several HTTP endpoints, attackers with Overall/Read permission to enumerate configuration file IDs. - CVE-2021-21645 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
197966 5.4 MEDIUM
Network 		jenkins config_file_provider A cross-site request forgery (CSRF) vulnerability in Jenkins Config File Provider Plugin 3.7.0 and earlier allows attackers to delete configuration files corresponding to an attacker-specified ID. CWE-352
 Origin Validation Error 		CVE-2021-21644 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
197967 6.5 MEDIUM
Network 		jenkins config_file_provider Jenkins Config File Provider Plugin 3.7.0 and earlier does not correctly perform permission checks in several HTTP endpoints, allowing attackers with global Job/Configure permission to enumerate syst… - CVE-2021-21643 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
197968 8.1 HIGH
Network 		jenkins config_file_provider Jenkins Config File Provider Plugin 3.7.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. CWE-611
XXE 		CVE-2021-21642 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
197969 6.7 MEDIUM
Local 		dell powerscale_onefs Dell PowerScale OneFS 8.1.0 - 9.1.0 contains a privilege escalation in SmartLock compliance mode that may allow compadmin to execute arbitrary commands as root. CWE-78
OS Command  		CVE-2021-21526 2024-11-21 14:48 2021-04-21 Show GitHub Exploit DB Packet Storm
197970 7.5 HIGH
Network 		filecoin lotus Lotus is an Implementation of the Filecoin protocol written in Go. BLS signature validation in lotus uses blst library method VerifyCompressed. This method accepts signatures in 2 forms: "serialized"… - CVE-2021-21405 2024-11-21 14:48 2021-04-16 Show GitHub Exploit DB Packet Storm