Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231771 7.5 危険 sisfo kampus - Sisfo Kampus 2006 の blanko.preview.php における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-4820 2012-12-20 18:33 2007-09-11 Show GitHub Exploit DB Packet Storm
231772 4.3 警告 txx cms - Txx CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-4819 2012-12-20 18:33 2007-09-11 Show GitHub Exploit DB Packet Storm
231773 7.5 危険 txx cms - Txx CMS における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4818 2012-12-20 18:33 2007-09-11 Show GitHub Exploit DB Packet Storm
231774 7.5 危険 tlm cms - TLM CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-4808 2012-12-20 18:33 2007-09-11 Show GitHub Exploit DB Packet Storm
231775 5 警告 ソフォス - Sophos Anti-Virus のウィルス検出エンジンにおけるマルウェアの検出を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2007-4787 2012-12-20 18:33 2007-09-10 Show GitHub Exploit DB Packet Storm
231776 7.5 危険 tim jackson - PHPOF の dbmodules/DB_adodb.class.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4763 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
231777 7.5 危険 phpmytourney - phpMytourney の menu.php における PHP リモートファイルインクルージョンの脆弱性 CWE-20
不適切な入力確認 		CVE-2007-4757 2012-12-20 18:33 2007-09-8 Show GitHub Exploit DB Packet Storm
231778 5 警告 Thomson - Thomson ST 2030 SIP 電話機におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2007-4753 2012-12-20 18:33 2007-09-7 Show GitHub Exploit DB Packet Storm
231779 6.8 警告 ppstream - PPStream の PowerPlayer.dll ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-4748 2012-12-20 18:33 2007-09-6 Show GitHub Exploit DB Packet Storm
231780 9.3 危険 telecom italy - Telecom Italy Alice Messenger の Hp.Revolution.RegistryManager.dll 1 におけるレジストリキーを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-4740 2012-12-20 18:33 2007-09-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197901 9.8 CRITICAL
Network 		accusoft imagegear A heap-based buffer overflow vulnerability exists in the PSD read_icc_icCurve_data functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to an integer overflow that, i… CWE-787
 Out-of-bounds Write 		CVE-2021-21795 2024-11-21 14:48 2021-06-12 Show GitHub Exploit DB Packet Storm
197902 6.1 MEDIUM
Network 		jenkins kiuwan Jenkins Kiuwan Plugin 1.6.0 and earlier does not escape query parameters in an error message for a form validation endpoint, resulting in a reflected cross-site scripting (XSS) vulnerability. CWE-79
Cross-site Scripting 		CVE-2021-21666 2024-11-21 14:48 2021-06-11 Show GitHub Exploit DB Packet Storm
197903 8.8 HIGH
Network 		jenkins xebialabs_xl_deploy A cross-site request forgery (CSRF) vulnerability in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credential… CWE-352
 Origin Validation Error 		CVE-2021-21665 2024-11-21 14:48 2021-06-11 Show GitHub Exploit DB Packet Storm
197904 6.5 MEDIUM
Network 		jenkins xebialabs_xl_deploy An incorrect permission check in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers with Generic Create permission to connect to an attacker-specified URL using attacker-specified… CWE-863
 Incorrect Authorization 		CVE-2021-21664 2024-11-21 14:48 2021-06-11 Show GitHub Exploit DB Packet Storm
197905 4.3 MEDIUM
Network 		jenkins xebialabs_xl_deploy A missing permission check in Jenkins XebiaLabs XL Deploy Plugin 7.5.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified crede… - CVE-2021-21663 2024-11-21 14:48 2021-06-11 Show GitHub Exploit DB Packet Storm
197906 4.3 MEDIUM
Network 		jenkins xebialabs_xl_deploy A missing permission check in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins. - CVE-2021-21662 2024-11-21 14:48 2021-06-11 Show GitHub Exploit DB Packet Storm
197907 4.3 MEDIUM
Network 		jenkins kubernetes Jenkins Kubernetes CLI Plugin 1.10.0 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of credenti… - CVE-2021-21661 2024-11-21 14:48 2021-06-11 Show GitHub Exploit DB Packet Storm
197908 7.2 HIGH
Network 		zte zxhn_hs562_firmware A smart camera product of ZTE is impacted by a permission and access control vulnerability. Due to the defect of user permission management by the cloud-end app, users whose sharing permissions have … CWE-276
Incorrect Default Permissions  		CVE-2021-21736 2024-11-21 14:48 2021-06-10 Show GitHub Exploit DB Packet Storm
197909 6.5 MEDIUM
Network 		zte zxhn_h168n_firmware A ZTE product has an information leak vulnerability. Due to improper permission settings, an attacker with ordinary user permissions could exploit this vulnerability to obtain some sensitive user inf… CWE-281
 Improper Preservation of Permissions 		CVE-2021-21735 2024-11-21 14:48 2021-06-10 Show GitHub Exploit DB Packet Storm
197910 6.1 MEDIUM
Network 		sap netweaver_application_server_abap SAP NetWeaver AS for ABAP (Web Survey), versions - 700, 702, 710, 711, 730, 731, 750, 750, 752, 75A, 75F, does not sufficiently encode input and output parameters which results in reflected cross sit… CWE-79
Cross-site Scripting 		CVE-2021-21490 2024-11-21 14:48 2021-06-9 Show GitHub Exploit DB Packet Storm