Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231761 4.3 警告 phpcredo - PHCDownload の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6669 2012-12-20 18:34 2008-01-7 Show GitHub Exploit DB Packet Storm
231762 7.5 危険 Zenphoto - Zenphoto の rss.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6666 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
231763 7.5 危険 webportal - WebPortal CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6664 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
231764 7.5 危険 pragmaticutopia - Joomla! 用の Pragmatic Utopia PU Arcade コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6663 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
231765 7.5 危険 xcms - XCMS の cpie.php における静的コードを直接挿入する攻撃を実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6652 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
231766 5 警告 sanybee gallery - SanyBee Gallery の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6648 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
231767 7.5 危険 W-Agora - w-Agora の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6647 2012-12-20 18:34 2008-01-4 Show GitHub Exploit DB Packet Storm
231768 6.8 警告 xml2owl - xml2owl の showCode.php における任意のコマンドを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6632 2012-12-20 18:34 2008-01-3 Show GitHub Exploit DB Packet Storm
231769 6.8 警告 pnphpbb - PNphpBB2 の printview.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6624 2012-12-20 18:34 2008-01-3 Show GitHub Exploit DB Packet Storm
231770 5 警告 zeuscms - ZeusCMS における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6623 2012-12-20 18:34 2008-01-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199331 7.5 HIGH
Network 		qualcomm apq8009w_firmware
apq8017_firmware
apq8053_firmware
apq8064au_firmware
apq8096au_firmware
aqt1000_firmware
msm8909w_firmware
msm8917_firmware
msm8937_firmware
msm8953_firmw… 		Null pointer dereference can occur due to lack of null check for user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IO… CWE-476
 NULL Pointer Dereference 		CVE-2021-1936 2024-11-21 14:45 2021-10-20 Show GitHub Exploit DB Packet Storm
199332 8.4 HIGH
Local 		qualcomm aqt1000_firmware
ar8035_firmware
qca6390_firmware
qca6420_firmware
qca6430_firmware
qca6574a_firmware
qca6574au_firmware
qca6595_firmware
qca6595au_firmware
qca6696_firmwar… 		Improper access control in trusted application environment can cause unauthorized access to CDSP or ADSP VM memory with either privilege in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit… NVD-CWE-Other
CVE-2021-1932 2024-11-21 14:45 2021-10-20 Show GitHub Exploit DB Packet Storm
199333 8.4 HIGH
Local 		qualcomm apq8017_firmware
apq8053_firmware
aqt1000_firmware
msm8917_firmware
msm8953_firmware
qca6174a_firmware
qca6390_firmware
qca6391_firmware
qca6420_firmware
qca6430_firmware 		Null pointer dereference can occur due to memory allocation failure in DIAG in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables CWE-476
 NULL Pointer Dereference 		CVE-2021-1917 2024-11-21 14:45 2021-10-20 Show GitHub Exploit DB Packet Storm
199334 8.4 HIGH
Local 		qualcomm aqt1000_firmware
ar8035_firmware
csrb31024_firmware
qca6174a_firmware
qca6390_firmware
qca6391_firmware
qca6420_firmware
qca6421_firmware
qca6426_firmware
qca6430_firmware<… 		Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdra… CWE-190
 Integer Overflow or Wraparound 		CVE-2021-1913 2024-11-21 14:45 2021-10-20 Show GitHub Exploit DB Packet Storm
199335 8.8 HIGH
Network 		zohocorp manageengine_admanager_plus ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-20131 2024-11-21 14:45 2021-10-14 Show GitHub Exploit DB Packet Storm
199336 8.8 HIGH
Network 		zohocorp manageengine_admanager_plus ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-20130 2024-11-21 14:45 2021-10-14 Show GitHub Exploit DB Packet Storm
199337 7.5 HIGH
Network 		draytek vigorconnect An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing an unauthenticated attacker to export system logs. CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2021-20129 2024-11-21 14:45 2021-10-14 Show GitHub Exploit DB Packet Storm
199338 5.4 MEDIUM
Network 		draytek vigorconnect The Profile Name field in the floor plan (Network Menu) page in Draytek VigorConnect 1.6.0-B3 was found to be vulnerable to stored XSS, as user input is not properly sanitized. CWE-79
Cross-site Scripting 		CVE-2021-20128 2024-11-21 14:45 2021-10-14 Show GitHub Exploit DB Packet Storm
199339 8.1 HIGH
Network 		draytek vigorconnect An arbitrary file deletion vulnerability exists in the file delete functionality of the Html5Servlet endpoint of Draytek VigorConnect 1.6.0-B3. This allows an authenticated user to arbitrarily delete… NVD-CWE-noinfo
CVE-2021-20127 2024-11-21 14:45 2021-10-14 Show GitHub Exploit DB Packet Storm
199340 8.8 HIGH
Network 		draytek vigorconnect Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery protections and does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who… CWE-352
 Origin Validation Error 		CVE-2021-20126 2024-11-21 14:45 2021-10-14 Show GitHub Exploit DB Packet Storm