Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 21, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
232451	6.5	警告	PhpFreeChat	-	phpFreeChat におけるセッションをハイジャックされる脆弱性	CWE-287 不適切な認証	CVE-2008-3428	2012-12-20 18:52	2008-07-31	Show	GitHub Exploit DB Packet Storm

232452	6.5	警告	サン・マイクロシステムズ	-	Sun N1 SPS の Sun Java System Web Server プラグインにおける Web サーバへの管理アクセス権限を取得される脆弱性	CWE-287 不適切な認証	CVE-2008-3425	2012-12-20 18:52	2008-07-30	Show	GitHub Exploit DB Packet Storm

232453	7.5	危険	willo	-	Mobius for Mimsy XG における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3420	2012-12-20 18:52	2008-07-31	Show	GitHub Exploit DB Packet Storm

232454	7.5	危険	willo	-	TriO の browse.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3418	2012-12-20 18:52	2008-07-31	Show	GitHub Exploit DB Packet Storm

232455	7.5	危険	siteadmin	-	SiteAdmin の line2.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3414	2012-12-20 18:52	2008-07-31	Show	GitHub Exploit DB Packet Storm

232456	5	警告	phplinkat	-	phpLinkat における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-3407	2012-12-20 18:52	2008-07-31	Show	GitHub Exploit DB Packet Storm

232457	7.5	危険	phplinkat	-	TribunaLibre の ftag.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3406	2012-12-20 18:52	2008-07-31	Show	GitHub Exploit DB Packet Storm

232458	4.3	警告	xrms	-	XRMS CRM における設定情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2008-3400	2012-12-20 18:52	2008-07-31	Show	GitHub Exploit DB Packet Storm

232459	6.8	警告	xrms	-	XRMS CRM の activities/workflow-activities.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-3399	2012-12-20 18:52	2008-07-31	Show	GitHub Exploit DB Packet Storm

232460	2.6	注意	xrms	-	XRMS CRM におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3398	2012-12-20 18:52	2008-07-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
199871	7.5	HIGH Network	vmware	vcenter_server cloud_foundation	The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit these issues to c…	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2021-22009	2024-11-21 14:49	2021-09-23	Show	GitHub Exploit DB Packet Storm

199872	7.5	HIGH Network	vmware	vcenter_server cloud_foundation	The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by sendin…	NVD-CWE-noinfo	CVE-2021-22008	2024-11-21 14:49	2021-09-23	Show	GitHub Exploit DB Packet Storm

199873	5.5	MEDIUM Local	vmware	vcenter_server cloud_foundation	The vCenter Server contains a local information disclosure vulnerability in the Analytics service. An authenticated user with non-administrative privilege may exploit this issue to gain access to sen…	NVD-CWE-noinfo	CVE-2021-22007	2024-11-21 14:49	2021-09-23	Show	GitHub Exploit DB Packet Storm

199874	7.5	HIGH Network	vmware	vcenter_server cloud_foundation	The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. A malicious actor with network access to port 443 on vCenter Server may exploit this issu…	NVD-CWE-noinfo	CVE-2021-22006	2024-11-21 14:49	2021-09-23	Show	GitHub Exploit DB Packet Storm

199875	9.8	CRITICAL Network	vmware	vcenter_server cloud_foundation	The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code…	CWE-22 Path Traversal	CVE-2021-22005	2024-11-21 14:49	2021-09-23	Show	GitHub Exploit DB Packet Storm

199876	6.5	MEDIUM Network	vmware	vcenter_server cloud_foundation	The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. An authorised user with access to content library…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2021-21993	2024-11-21 14:49	2021-09-23	Show	GitHub Exploit DB Packet Storm

199877	6.5	MEDIUM Network	vmware	vcenter_server cloud_foundation	The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing. A malicious actor with non-administrative user access to the vCenter Server vSphere Client (HTML5) or…	NVD-CWE-noinfo	CVE-2021-21992	2024-11-21 14:49	2021-09-23	Show	GitHub Exploit DB Packet Storm

199878	7.8	HIGH Local	vmware	vcenter_server cloud_foundation	The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. A malicious actor with non-administrative user access on vCenter Server host may explo…	NVD-CWE-noinfo	CVE-2021-21991	2024-11-21 14:49	2021-09-23	Show	GitHub Exploit DB Packet Storm

199879	8.8	HIGH Network	elastic	enterprise_search	Elastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API keys were missing authorization via an alternate route. Using this vulnerability, an authenticated att…	CWE-862 Missing Authorization	CVE-2021-22149	2024-11-21 14:49	2021-09-15	Show	GitHub Exploit DB Packet Storm

199880	8.8	HIGH Network	elastic	enterprise_search	Elastic Enterprise Search App Search versions before 7.14.0 was vulnerable to an issue where API keys were not bound to the same engines as their creator. This could lead to a less privileged user ga…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2021-22148	2024-11-21 14:49	2021-09-15	Show	GitHub Exploit DB Packet Storm