Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231771 6 警告 roshan singh - Open Direct Connect Hub におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-1147 2012-12-20 19:29 2010-04-6 Show GitHub Exploit DB Packet Storm
231772 7.5 危険 Tiki Software Community Association - TikiWiki CMS/Groupware の Standard Remember メソッドにおけるアクセスの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1136 2012-12-20 19:29 2010-03-5 Show GitHub Exploit DB Packet Storm
231773 7.5 危険 Tiki Software Community Association - TikiWiki CMS/Groupware の user_logout 関数におけるアクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2010-1135 2012-12-20 19:29 2010-03-5 Show GitHub Exploit DB Packet Storm
231774 7.5 危険 Tiki Software Community Association - TikiWiki CMS/Groupware の searchlib.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1134 2012-12-20 19:29 2010-03-5 Show GitHub Exploit DB Packet Storm
231775 7.5 危険 Tiki Software Community Association - TikiWiki CMS/Groupware における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1133 2012-12-20 19:29 2010-03-5 Show GitHub Exploit DB Packet Storm
231776 4.3 警告 tristan barczyk - KloNews の cat.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1112 2012-12-20 19:29 2010-03-25 Show GitHub Exploit DB Packet Storm
231777 7.5 危険 ScriptsFeed.com - ScriptsFeed Dating Software の searchmatch.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1096 2012-12-20 19:29 2010-03-24 Show GitHub Exploit DB Packet Storm
231778 7.5 危険 ScriptsFeed.com - ScriptsFeed Business Directory Software の login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1092 2012-12-20 19:29 2010-03-24 Show GitHub Exploit DB Packet Storm
231779 4.3 警告 tornadostore - TornadoStore におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1328 2012-12-20 19:29 2010-07-6 Show GitHub Exploit DB Packet Storm
231780 7.5 危険 tornadostore - TornadoStore における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1327 2012-12-20 19:29 2010-07-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197641 5.9 MEDIUM
Network 		liferay dxp
liferay_portal 		The Portal Store module in Liferay Portal 7.0.0 through 7.3.5, and Liferay DXP 7.0 before fix pack 97, 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 1 does not obfuscate the … CWE-522
 Insufficiently Protected Credentials 		CVE-2021-29043 2024-11-21 15:00 2021-05-17 Show GitHub Exploit DB Packet Storm
197642 7.5 HIGH
Network 		liferay liferay_portal
dxp 		The SimpleCaptcha implementation in Liferay Portal 7.3.4, 7.3.5 and Liferay DXP 7.3 before fix pack 1 does not invalidate CAPTCHA answers after it is used, which allows remote attackers to repeatedly… CWE-287
Improper Authentication 		CVE-2021-29047 2024-11-21 15:00 2021-05-17 Show GitHub Exploit DB Packet Storm
197643 6.5 MEDIUM
Network 		liferay dxp Denial-of-service (DoS) vulnerability in the Multi-Factor Authentication module in Liferay DXP 7.3 before fix pack 1 allows remote authenticated attackers to prevent any user from authenticating by (… NVD-CWE-noinfo
CVE-2021-29041 2024-11-21 15:00 2021-05-17 Show GitHub Exploit DB Packet Storm
197644 5.3 MEDIUM
Network 		liferay dxp
liferay_portal 		The JSON web services in Liferay Portal 7.3.4 and earlier, and Liferay DXP 7.0 before fix pack 97, 7.1 before fix pack 20 and 7.2 before fix pack 10 may provide overly verbose error messages, which a… CWE-209
Information Exposure Through an Error Message 		CVE-2021-29040 2024-11-21 15:00 2021-05-17 Show GitHub Exploit DB Packet Storm
197645 6.1 MEDIUM
Network 		liferay liferay_portal Cross-site scripting (XSS) vulnerability in the Asset module's categories administration page in Liferay Portal 7.3.4 allows remote attackers to inject arbitrary web script or HTML via the site name. CWE-79
Cross-site Scripting 		CVE-2021-29039 2024-11-21 15:00 2021-05-17 Show GitHub Exploit DB Packet Storm
197646 9.8 CRITICAL
Network 		qnap hybrid_backup_sync An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. ) If exploited, the vulnerability allows remote attackers to log in to a device. This i… NVD-CWE-Other
CVE-2021-28799 2024-11-21 15:00 2021-05-13 Show GitHub Exploit DB Packet Storm
197647 7.3 HIGH
Local 		trendmicro housecall_for_home_networks An incorrect permission vulnerability in the product installer for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitra… CWE-276
Incorrect Default Permissions  		CVE-2021-28649 2024-11-21 15:00 2021-05-13 Show GitHub Exploit DB Packet Storm
197648 7.8 HIGH
Local 		jetbrains intellij_idea In JetBrains IntelliJ IDEA 2020.3.3, local code execution was possible because of insufficient checks when getting the project from VCS. NVD-CWE-noinfo
CVE-2021-29263 2024-11-21 15:00 2021-05-11 Show GitHub Exploit DB Packet Storm
197649 5.3 MEDIUM
Network 		invoiceplane invoiceplane In InvoicePlane 1.5.11, the upload feature discloses the full path of the file upload directory. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-29022 2024-11-21 15:00 2021-05-11 Show GitHub Exploit DB Packet Storm
197650 8.8 HIGH
Network 		arm bifrost_gpu_kernel_driver
valhall_gpu_kernel_driver
midgard_gpu_kernel_driver 		The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifro… CWE-787
 Out-of-bounds Write 		CVE-2021-28664 2024-11-21 15:00 2021-05-11 Show GitHub Exploit DB Packet Storm