Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232631 3.5 注意 xigla - Xigla Poll Manager XE の admin/search.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2768 2012-12-20 18:52 2008-06-18 Show GitHub Exploit DB Packet Storm
232632 6.5 警告 xigla - Xigla Poll Manager XE の search.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2767 2012-12-20 18:52 2008-06-18 Show GitHub Exploit DB Packet Storm
232633 4.3 警告 xigla - Xigla Absolute Image Gallery XE におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2766 2012-12-20 18:52 2008-06-18 Show GitHub Exploit DB Packet Storm
232634 7.5 危険 xigla - Xigla Absolute Image Gallery XE の gallery.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2765 2012-12-20 18:52 2008-06-18 Show GitHub Exploit DB Packet Storm
232635 3.5 注意 xigla - Xigla Absolute Live Support XE の admin/search.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2764 2012-12-20 18:52 2008-06-18 Show GitHub Exploit DB Packet Storm
232636 6.5 警告 xigla - Xigla Absolute Live Support XE の search.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2763 2012-12-20 18:52 2008-06-18 Show GitHub Exploit DB Packet Storm
232637 6.5 警告 xigla - Xigla Absolute Form Processor XE の search.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2762 2012-12-20 18:52 2008-06-18 Show GitHub Exploit DB Packet Storm
232638 3.5 注意 xigla - Xigla Absolute Banner Manager XE におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2761 2012-12-20 18:52 2008-06-18 Show GitHub Exploit DB Packet Storm
232639 6.5 警告 xigla - Xigla Absolute Banner Manager XE の searchbanners.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2760 2012-12-20 18:52 2008-06-18 Show GitHub Exploit DB Packet Storm
232640 4.3 警告 xigla - Xigla Absolute Form Processor XE におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2759 2012-12-20 18:52 2008-06-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199691 8.1 HIGH
Network 		microfocus application_lifecycle_management XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management (Previously known as Quality Center) product. The vulnerability affects versions 12.x, 12.60 Patch 5 and ea… CWE-611
XXE 		CVE-2021-22498 2024-11-21 14:50 2021-01-20 Show GitHub Exploit DB Packet Storm
199692 8.8 HIGH
Network 		hgiga oaklouds_openid HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (online registration) to obtain database schema and data. CWE-89
SQL Injection 		CVE-2021-22852 2024-11-21 14:50 2021-01-19 Show GitHub Exploit DB Packet Storm
199693 9.8 CRITICAL
Network 		hgiga oaklouds_openid HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (document management page) to obtain database schema and data. CWE-89
SQL Injection 		CVE-2021-22851 2024-11-21 14:50 2021-01-19 Show GitHub Exploit DB Packet Storm
199694 9.8 CRITICAL
Network 		hgiga oaklouds_portal HGiga EIP product lacks ineffective access control in certain pages that allow attackers to access database or perform privileged functions. CWE-306
Missing Authentication for Critical Function 		CVE-2021-22850 2024-11-21 14:50 2021-01-19 Show GitHub Exploit DB Packet Storm
199695 5.5 MEDIUM
Local 		google android An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) (Exynos chipsets) software. The Mali GPU driver allows out-of-bounds access and a device reset. The Samsung… CWE-787
 Out-of-bounds Write 		CVE-2021-22495 2024-11-21 14:50 2021-01-6 Show GitHub Exploit DB Packet Storm
199696 5.5 MEDIUM
Local 		google android An issue was discovered in the fingerprint scanner on Samsung Note20 mobile devices with Q(10.0) software. When a screen protector is used, the required image compensation is not present. Consequentl… NVD-CWE-noinfo
CVE-2021-22494 2024-11-21 14:50 2021-01-6 Show GitHub Exploit DB Packet Storm
199697 8.8 HIGH
Adjacent 		google android An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Broadcom Bluetooth chipsets) software. The Bluetooth UART driver has a buffer overflow. The Samsung ID is SVE-2020-… CWE-120
Classic Buffer Overflow 		CVE-2021-22492 2024-11-21 14:50 2021-01-6 Show GitHub Exploit DB Packet Storm
199698 7.5 HIGH
Network 		br-automation automation_studio : Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 through 4.12. CWE-22
Path Traversal 		CVE-2021-22281 2024-11-21 14:49 2024-02-2 Show GitHub Exploit DB Packet Storm
199699 7.2 HIGH
Network 		elastic kibana It was discovered that a user with Fleet admin permissions could upload a malicious package. Due to using an older version of the js-yaml library, this package would be loaded in an insecure manner, … CWE-94
Code Injection 		CVE-2021-22150 2024-11-21 14:49 2023-11-22 Show GitHub Exploit DB Packet Storm
199700 - - - Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the product. - CVE-2021-22280 2024-11-21 14:49 2024-05-15 Show GitHub Exploit DB Packet Storm