Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
246181 7.5 危険 f-cimag-in
Joomla!		 - Joomla! 用 BookFlip コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2390 2012-06-26 16:10 2009-07-9 Show GitHub Exploit DB Packet Storm
246182 9.3 危険 awingsoft - Awingsoft Awakening Winds3D Viewer プラグインにおける任意のファイルをダウンロードされる脆弱性 CWE-20
不適切な入力確認 		CVE-2009-2386 2012-06-26 16:10 2009-07-10 Show GitHub Exploit DB Packet Storm
246183 7.5 危険 Simple Machines
fustrate		 - SMF 用 Member Awards コンポーネントの awardsMembers 関数における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2385 2012-06-26 16:10 2009-07-8 Show GitHub Exploit DB Packet Storm
246184 7.5 危険 blogtrafficexchange
WordPress.org		 - WordPress 用の Related Sites プラグインの BTE_RW_Webajax.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2383 2012-06-26 16:10 2009-07-8 Show GitHub Exploit DB Packet Storm
246185 5 警告 gizmo5 - Linux 上の Gizmo における任意のユーザの資格情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2009-2381 2012-06-26 16:10 2009-07-8 Show GitHub Exploit DB Packet Storm
246186 4.3 警告 4homepages - 4images の includes/functions.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2380 2012-06-26 16:10 2009-06-15 Show GitHub Exploit DB Packet Storm
246187 6.8 警告 BIGACE - BIGACE Web CMS の public/index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-2379 2012-06-26 16:10 2009-07-1 Show GitHub Exploit DB Packet Storm
246188 4.3 警告 avax-software - AVAX-software Avax Vector ActiveX の Avax Vector ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-2377 2012-06-26 16:10 2009-07-8 Show GitHub Exploit DB Packet Storm
246189 7.5 危険 datachecknh - DataCheck Solutions ForumPal FE および ForumPal の login.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2366 2012-06-26 16:10 2009-07-8 Show GitHub Exploit DB Packet Storm
246190 7.5 危険 datachecknh - DataCheck Solutions GalleryPal FE の login.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2365 2012-06-26 16:10 2009-07-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
218091 4.9 MEDIUM
Network 		hcltech digital_experience HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the server to unauthorized users. NVD-CWE-noinfo
CVE-2020-14221 2024-11-21 14:02 2021-02-3 Show GitHub Exploit DB Packet Storm
218092 4.3 MEDIUM
Network 		atlassian crucible
fisheye 		Affected versions of Atlassian Fisheye and Crucible allow remote attackers to view a product's SEN via an Information Disclosure vulnerability in the x-asen response header from Atlassian Analytics. … CWE-200
Information Exposure 		CVE-2020-14192 2024-11-21 14:02 2021-02-2 Show GitHub Exploit DB Packet Storm
218093 7.5 HIGH
Network 		mofinetwork mofi4500-4gxelte_firmware An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. The one-time password algorithm for the undocumented system account mofidev generates a predictable six-digit password. CWE-330
 Use of Insufficiently Random Values 		CVE-2020-13860 2024-11-21 14:02 2021-02-1 Show GitHub Exploit DB Packet Storm
218094 9.8 CRITICAL
Network 		mofinetwork mofi4500-4gxelte_firmware An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. A format error in /etc/shadow, coupled with a logic bug in the LuCI - OpenWrt Configuration Interface framework, allows the… CWE-287
CWE-755
Improper Authentication
 Improper Handling of Exceptional Conditions 		CVE-2020-13859 2024-11-21 14:02 2021-02-1 Show GitHub Exploit DB Packet Storm
218095 9.8 CRITICAL
Network 		mofinetwork mofi4500-4gxelte_firmware An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They contain two undocumented administrator accounts. The sftp and mofidev accounts are defined in /etc/passw… CWE-798
 Use of Hard-coded Credentials 		CVE-2020-13858 2024-11-21 14:02 2021-02-1 Show GitHub Exploit DB Packet Storm
218096 7.5 HIGH
Network 		mofinetwork mofi4500-4gxelte_firmware An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They can be rebooted by sending an unauthenticated poof.cgi HTTP GET request. NVD-CWE-noinfo
CVE-2020-13857 2024-11-21 14:02 2021-02-1 Show GitHub Exploit DB Packet Storm
218097 7.5 HIGH
Network 		mofinetwork mofi4500-4gxelte_firmware An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. Authentication is not required to download the support file that contains sensitive information such as cleartext credentia… CWE-306
Missing Authentication for Critical Function 		CVE-2020-13856 2024-11-21 14:02 2021-02-1 Show GitHub Exploit DB Packet Storm
218098 7.2 HIGH
Network 		mi ax1800_firmware
rm1800_firmware 		There is command injection when ddns processes the hostname, which causes the administrator user to obtain the root privilege of the router. This affects Xiaomi router AX1800rom version < 1.0.336 and… CWE-77
Command Injection 		CVE-2020-14102 2024-11-21 14:02 2021-01-14 Show GitHub Exploit DB Packet Storm
218099 7.5 HIGH
Network 		mi ax1800_firmware
rm1800_firmware 		The data collection SDK of the router web management interface caused the leakage of the token. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version < 1.0.26. NVD-CWE-noinfo
CVE-2020-14101 2024-11-21 14:02 2021-01-14 Show GitHub Exploit DB Packet Storm
218100 7.5 HIGH
Network 		mi ax1800_firmware
rm1800_firmware 		The login verification can be bypassed by using the problem that the time is not synchronized after the router restarts. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800… CWE-662
 Improper Synchronization 		CVE-2020-14098 2024-11-21 14:02 2021-01-14 Show GitHub Exploit DB Packet Storm