Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 15, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
232031	7.5	危険	wogan may	-	LiteNews の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3507	2012-12-20 18:52	2008-08-7	Show	GitHub Exploit DB Packet Storm

232032	7.5	危険	polypager	-	PolyPager における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3506	2012-12-20 18:52	2008-08-6	Show	GitHub Exploit DB Packet Storm

232033	4.3	警告	polypager	-	PolyPager におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3505	2012-12-20 18:52	2008-08-6	Show	GitHub Exploit DB Packet Storm

232034	5	警告	webgui	-	Plain Black WebGUI の RSSFromParent における重要な情報を取得される脆弱性	CWE-287 不適切な認証	CVE-2008-3503	2012-12-20 18:52	2008-06-20	Show	GitHub Exploit DB Packet Storm

232035	5	警告	RealVNC	-	RealVNC Windows Client の vncviewer.exe におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-3493	2012-12-20 18:52	2008-08-6	Show	GitHub Exploit DB Packet Storm

232036	7.5	危険	scripts24	-	Scripts24 iPost および iTGP の go.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3491	2012-12-20 18:52	2008-08-6	Show	GitHub Exploit DB Packet Storm

232037	7.5	危険	phpx	-	PHPX の includes/functions.inc.php の checkCookie 関数における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3489	2012-12-20 18:52	2008-08-6	Show	GitHub Exploit DB Packet Storm

232038	7.5	危険	phpauctions	-	PHPAuction GPL の profile.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3487	2012-12-20 18:52	2008-08-6	Show	GitHub Exploit DB Packet Storm

232039	4.3	警告	screwturn	-	ScrewTurn Wiki におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3483	2012-12-20 18:52	2008-08-5	Show	GitHub Exploit DB Packet Storm

232040	2.6	注意	The phpMyAdmin Project	-	phpMyAdmin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3457	2012-12-20 18:52	2008-07-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
199281	9.8	CRITICAL Network	abb	omnicore_c30_firmware	A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected S…	CWE-306 Missing Authentication for Critical Function	CVE-2021-22279	2024-11-21 14:49	2021-12-14	Show	GitHub Exploit DB Packet Storm

199282	7.5	HIGH Network	anker	eufy_homebase_2_firmware	An authentication bypass vulnerability exists in the get_aes_key_info_by_packetid() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. Generic network sniffing can lead to passwo…	CWE-287 Improper Authentication	CVE-2021-21955	2024-11-21 14:49	2021-12-10	Show	GitHub Exploit DB Packet Storm

199283	9.9	CRITICAL Network	anker	eufy_homebase_2_firmware	A command execution vulnerability exists in the wifi_country_code_update functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can le…	CWE-78 OS Command	CVE-2021-21954	2024-11-21 14:49	2021-12-10	Show	GitHub Exploit DB Packet Storm

199284	7.3	HIGH Local	dreamreport	remote_connector	A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report ODS Remote Connector 20.2.16900.0. A specially-crafted command injection can lead to elevated capabiliti…	NVD-CWE-Other	CVE-2021-21957	2024-11-21 14:49	2021-12-9	Show	GitHub Exploit DB Packet Storm

199285	10.0	CRITICAL Network	anker	eufy_homebase_2_firmware	An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function read_udp_push_config_file…	CWE-1284 Improper Validation of Specified Quantity in Input	CVE-2021-21951	2024-11-21 14:49	2021-12-9	Show	GitHub Exploit DB Packet Storm

199286	10.0	CRITICAL Network	anker	eufy_homebase_2_firmware	An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function recv_server_device_respon…	CWE-1284 Improper Validation of Specified Quantity in Input	CVE-2021-21950	2024-11-21 14:49	2021-12-9	Show	GitHub Exploit DB Packet Storm

199287	7.5	HIGH Network	gitlab	gitlab	Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some of the database's encrypted content	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2021-22170	2024-11-21 14:49	2021-12-7	Show	GitHub Exploit DB Packet Storm

199288	6.5	MEDIUM Network	vmware	spring_advanced_message_queuing_protocol	In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString() method, will create a new String object from the message body, regardless of its size. Thi…	CWE-502 Deserialization of Untrusted Data	CVE-2021-22095	2024-11-21 14:49	2021-12-1	Show	GitHub Exploit DB Packet Storm

199289	9.8	CRITICAL Network	vmware	vcenter_server	The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2021-22049	2024-11-21 14:49	2021-11-25	Show	GitHub Exploit DB Packet Storm

199290	7.5	HIGH Network	vmware	vcenter_server cloud_foundation	The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain acce…	NVD-CWE-noinfo	CVE-2021-21980	2024-11-21 14:49	2021-11-25	Show	GitHub Exploit DB Packet Storm