Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
248071 7.2 危険 ブルーコートシステムズ
シトリックス・システムズ
シスコシステムズ
SafeNet, Inc		 - Cisco VPN Client などの製品で使用される dne2000.sys における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5121 2012-06-26 16:03 2008-07-18 Show GitHub Exploit DB Packet Storm
248072 9.3 危険 balabit - syslog-ng における intented jail を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5110 2012-06-26 16:03 2008-11-17 Show GitHub Exploit DB Packet Storm
248073 7.2 危険 dcgrendel
Canonical		 - Ubuntu におけるログイン制限を回避される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-5104 2012-06-26 16:03 2008-11-13 Show GitHub Exploit DB Packet Storm
248074 7.2 危険 dcgrendel
Canonical		 - Ubuntu の VMBuilder におけるログイン制限を回避される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-5103 2012-06-26 16:03 2008-11-13 Show GitHub Exploit DB Packet Storm
248075 10 危険 AEF Group - Electron Inc. Advanced Electron Forum における任意の PHP コードが実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-5090 2012-06-26 16:03 2008-11-14 Show GitHub Exploit DB Packet Storm
248076 9.3 危険 datadynamics - Data Dynamics ActiveReports の DDActiveReportsViewer2.ARViewer2 ActiveX コントロールにおける任意のファイルを上書きされる脆弱性 CWE-Other
その他 		CVE-2008-5089 2012-06-26 16:03 2008-11-14 Show GitHub Exploit DB Packet Storm
248077 4.3 警告 Laurent Destailleur - AWStats の awstats.pl におけるクロスサイトスクリプティング攻撃を実行する脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5080 2012-06-26 16:03 2008-12-3 Show GitHub Exploit DB Packet Storm
248078 7.5 危険 deeserver - Panuwat PromoteWeb MySQL の go.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5069 2012-06-26 16:03 2008-11-14 Show GitHub Exploit DB Packet Storm
248079 10 危険 agaresmedia - Agares Media ThemeSiteScript の upload/admin/frontpage_right.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-5066 2012-06-26 16:03 2008-11-13 Show GitHub Exploit DB Packet Storm
248080 6.9 警告 enomaly - ECP における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-4990 2012-06-26 16:03 2009-02-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199031 6.1 MEDIUM
Network 		johndatserakis file-upload-with-preview This affects the package file-upload-with-preview before 4.2.0. A file containing malicious JavaScript code in the name can be uploaded (a user needs to be tricked into uploading such a file). CWE-79
Cross-site Scripting 		CVE-2021-23439 2024-11-21 14:51 2021-09-5 Show GitHub Exploit DB Packet Storm
199032 7.5 HIGH
Network 		python
fedoraproject 		pillow
fedora 		The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function. CWE-125
Out-of-bounds Read 		CVE-2021-23437 2024-11-21 14:51 2021-09-4 Show GitHub Exploit DB Packet Storm
199033 9.8 CRITICAL
Network 		mpath_project mpath This affects the package mpath before 0.8.4. A type confusion vulnerability can lead to a bypass of CVE-2018-16490. In particular, the condition ignoreProperties.indexOf(parts[i]) !== -1 returns -1 i… CWE-843
Type Confusion 		CVE-2021-23438 2024-11-21 14:51 2021-09-2 Show GitHub Exploit DB Packet Storm
199034 9.8 CRITICAL
Network 		immer_project immer This affects the package immer before 9.0.6. A type confusion vulnerability can lead to a bypass of CVE-2020-28477 when the user-provided keys used in the path parameter are arrays. In particular, th… CWE-843
Type Confusion 		CVE-2021-23436 2024-11-21 14:51 2021-09-2 Show GitHub Exploit DB Packet Storm
199035 9.8 CRITICAL
Network 		elfinder.netcore_project elfinder.netcore This affects all versions of package elFinder.NetCore. The Path.Combine(...) method is used to create an absolute file path. Due to missing sanitation of the user input and a missing check of the gen… CWE-22
Path Traversal 		CVE-2021-23428 2024-11-21 14:51 2021-09-2 Show GitHub Exploit DB Packet Storm
199036 9.8 CRITICAL
Network 		elfinder.netcore_project elfinder.netcore This affects all versions of package elFinder.NetCore. The ExtractAsync function within the FileSystem is vulnerable to arbitrary extraction due to insufficient validation. CWE-22
Path Traversal 		CVE-2021-23427 2024-11-21 14:51 2021-09-2 Show GitHub Exploit DB Packet Storm
199037 7.5 HIGH
Network 		proto_project proto This affects all versions of package Proto. It is possible to inject pollute the object property of an application using Proto by leveraging the merge function. NVD-CWE-Other
CVE-2021-23426 2024-11-21 14:51 2021-09-2 Show GitHub Exploit DB Packet Storm
199038 8.6 HIGH
Network 		object-path_project
debian 		object-path
debian_linux 		This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular… CWE-843
Type Confusion 		CVE-2021-23434 2024-11-21 14:51 2021-08-28 Show GitHub Exploit DB Packet Storm
199039 9.8 CRITICAL
Network 		mootools_project mootools This affects all versions of package mootools. This is due to the ability to pass untrusted input to Object.merge() NVD-CWE-noinfo
CVE-2021-23432 2024-11-21 14:51 2021-08-24 Show GitHub Exploit DB Packet Storm
199040 8.8 HIGH
Network 		joplinapp joplin The package joplin before 2.3.2 are vulnerable to Cross-site Request Forgery (CSRF) due to missing CSRF checks in various forms. CWE-352
 Origin Validation Error 		CVE-2021-23431 2024-11-21 14:51 2021-08-24 Show GitHub Exploit DB Packet Storm