Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231921 7.5 危険 universe - Universe CMS の vnews.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3531 2012-12-20 19:28 2009-10-2 Show GitHub Exploit DB Packet Storm
231922 4.3 警告 radscripts - RadScripts RadBids Gold の storefront.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3530 2012-12-20 19:28 2009-10-2 Show GitHub Exploit DB Packet Storm
231923 6.8 警告 radscripts - RadScripts RadBids Gold の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3529 2012-12-20 19:28 2009-10-2 Show GitHub Exploit DB Packet Storm
231924 4.3 警告 pilotgroup - PG eTraining におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3513 2012-12-20 19:28 2009-10-1 Show GitHub Exploit DB Packet Storm
231925 4.3 警告 phplemon - MyWeight におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3512 2012-12-20 19:28 2009-10-1 Show GitHub Exploit DB Packet Storm
231926 7.5 危険 Vastal I-Tech & Co. - Vastal I-Tech MMORPG Zone の view_news.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3505 2012-12-20 19:28 2009-09-30 Show GitHub Exploit DB Packet Storm
231927 7.5 危険 Vastal I-Tech & Co. - Vastal I-Tech Agent Zone の view_listing.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3497 2012-12-20 19:28 2009-09-30 Show GitHub Exploit DB Packet Storm
231928 4.3 警告 Vastal I-Tech & Co. - Vastal I-Tech DVD Zone の view_mag.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3496 2012-12-20 19:28 2009-09-30 Show GitHub Exploit DB Packet Storm
231929 7.5 危険 Vastal I-Tech & Co. - Vastal I-Tech DVD Zone の view_mag.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3495 2012-12-20 19:28 2009-09-30 Show GitHub Exploit DB Packet Storm
231930 6.8 警告 todor lazarov - T-HTB Manager の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3494 2012-12-20 19:28 2009-09-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197751 6.5 MEDIUM
Network 		microsoft windows_10
windows_server_2016
windows_server_2019 		Windows Application Compatibility Cache Denial of Service Vulnerability NVD-CWE-noinfo
CVE-2021-28311 2024-11-21 14:59 2021-04-14 Show GitHub Exploit DB Packet Storm
197752 7.8 HIGH
Local 		microsoft windows_server_2019
windows_server_2004
windows_10_20h2
windows_10_1809
windows_10_1909
windows_10_1803
windows_10_2004
windows_server_20h2
windows_server_1909 		Win32k Elevation of Privilege Vulnerability CWE-787
 Out-of-bounds Write 		CVE-2021-28310 2024-11-21 14:59 2021-04-14 Show GitHub Exploit DB Packet Storm
197753 5.5 MEDIUM
Local 		microsoft windows_server_2008
windows_server_2012
windows_10
windows_8.1
windows_server_2016
windows_7
windows_rt_8.1
windows_server_2019 		Windows Kernel Information Disclosure Vulnerability NVD-CWE-noinfo
CVE-2021-28309 2024-11-21 14:59 2021-04-14 Show GitHub Exploit DB Packet Storm
197754 6.5 MEDIUM
Network 		mitake smart_stock_selection Mitake smart stock selection system contains a broken authentication vulnerability. By manipulating the parameters in the URL, remote attackers can gain the privileged permissions to access transacti… CWE-287
Improper Authentication 		CVE-2021-28174 2024-11-21 14:59 2021-04-8 Show GitHub Exploit DB Packet Storm
197755 6.5 MEDIUM
Network 		eclipse mosquitto In Eclipse Mosquitto version 2.0.0 to 2.0.9, if an authenticated client that had connected with MQTT v5 sent a crafted CONNACK message to the broker, a NULL pointer dereference would occur. CWE-476
 NULL Pointer Dereference 		CVE-2021-28166 2024-11-21 14:59 2021-04-8 Show GitHub Exploit DB Packet Storm
197756 8.8 HIGH
Network 		citsmart citsmart CITSmart before 9.1.2.28 mishandles the "filtro de autocomplete." CWE-89
SQL Injection 		CVE-2021-28142 2024-11-21 14:59 2021-04-7 Show GitHub Exploit DB Packet Storm
197757 7.5 HIGH
Network 		ikuai8 ikuaios iKuaiOS 3.4.8 Build 202012291059 has an arbitrary file download vulnerability, which can be exploited by attackers to obtain sensitive information. NVD-CWE-noinfo
CVE-2021-28075 2024-11-21 14:59 2021-04-6 Show GitHub Exploit DB Packet Storm
197758 9.8 CRITICAL
Network 		deltaflow_project deltaflow The file upload function of Vangene deltaFlow E-platform does not perform access controlled properly. Remote attackers can upload and execute arbitrary files without login. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-28173 2024-11-21 14:59 2021-04-6 Show GitHub Exploit DB Packet Storm
197759 7.5 HIGH
Network 		deltaflow_project deltaflow There is a Path Traversal vulnerability in the file download function of Vangene deltaFlow E-platform. Remote attackers can access credential data with this leakage. CWE-22
Path Traversal 		CVE-2021-28172 2024-11-21 14:59 2021-04-6 Show GitHub Exploit DB Packet Storm
197760 9.8 CRITICAL
Network 		deltaflow_project deltaflow The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain privileged permissions remotely by tampering with users’ data in the Cookie. CWE-565
 Reliance on Cookies without Validation and Integrity Checking 		CVE-2021-28171 2024-11-21 14:59 2021-04-6 Show GitHub Exploit DB Packet Storm