Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 28, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248151	10	危険	BMC Software	-	BMC PATROL Agent におけるフォーマットストリングの脆弱性	CWE-134 書式文字列の問題	CVE-2008-5982	2012-06-26 16:10	2009-01-27	Show	GitHub Exploit DB Packet Storm

248152	7.5	危険	Activewebsoftwares	-	Active Price Comparison の links.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5975	2012-06-26 16:10	2009-01-26	Show	GitHub Exploit DB Packet Storm

248153	7.5	危険	Activewebsoftwares	-	Active Price Comparison の login.aspx における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5974	2012-06-26 16:10	2009-01-26	Show	GitHub Exploit DB Packet Storm

248154	7.5	危険	Activewebsoftwares	-	Active Web Mail の login.aspx における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5973	2012-06-26 16:10	2009-01-26	Show	GitHub Exploit DB Packet Storm

248155	7.5	危険	Activewebsoftwares	-	Active Business Directory の default.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5972	2012-06-26 16:10	2009-01-26	Show	GitHub Exploit DB Packet Storm

248156	7.5	危険	globsy	-	Globsy の globsy_edit.php における任意のファイルを上書きされる脆弱性	CWE-20 不適切な入力確認	CVE-2008-5966	2012-06-26 16:10	2009-01-26	Show	GitHub Exploit DB Packet Storm

248157	10	危険	gravity-gtd	-	Gravity GTD の library/setup/rpc.php における任意の PHP コードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2008-5963	2012-06-26 16:10	2009-01-23	Show	GitHub Exploit DB Packet Storm

248158	6.8	警告	gravity-gtd	-	Gravity GTD の library/setup/rpc.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-5962	2012-06-26 16:10	2009-01-23	Show	GitHub Exploit DB Packet Storm

248159	7.5	危険	Activewebsoftwares	-	Active Test の start.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5959	2012-06-26 16:10	2009-01-23	Show	GitHub Exploit DB Packet Storm

248160	7.5	危険	Activewebsoftwares	-	Active Test における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5958	2012-06-26 16:10	2009-01-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
201321	2.5	LOW Local	sudo_project netapp fedoraproject debian	sudo cloud_backup solidfire hci_management_node fedora debian_linux	The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled…	CWE-59 Link Following	CVE-2021-23239	2024-11-21 14:51	2021-01-12	Show	GitHub Exploit DB Packet Storm

201322	5.3	MEDIUM Network	opera	opera_mini	Opera Mini for Android below 53.1 displays URL left-aligned in the address field. This allows a malicious attacker to craft a URL with a long domain name, e.g. www.safe.opera.com.attacker.com. With t…	NVD-CWE-Other	CVE-2021-23253	2024-11-21 14:51	2021-01-12	Show	GitHub Exploit DB Packet Storm

201323	5.3	MEDIUM Network	mercusys	mercury_x18g_firmware	MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../ to the UPnP server, as demonstrated by the /../../conf/template/uhttpd.json URI.	CWE-22 Path Traversal	CVE-2021-23242	2024-11-21 14:51	2021-01-8	Show	GitHub Exploit DB Packet Storm

201324	5.3	MEDIUM Network	mercusys	mercury_x18g_firmware	MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../ in conjunction with a loginLess or login.htm URI (for authentication bypass) to the web server, as demonstrated by the /loginLess…	CWE-22 Path Traversal	CVE-2021-23241	2024-11-21 14:51	2021-01-8	Show	GitHub Exploit DB Packet Storm

201325	-		-	-	A potential vulnerability has been identified for OpenText Operations Bridge Reporter. The vulnerability could be exploited to inject malicious SQL queries. An attack requires to be an authenticate…	-	CVE-2021-22508	2024-11-21 14:50	2024-05-18	Show	GitHub Exploit DB Packet Storm

201326	7.8	HIGH Local	ti	real-time_operating_system simplelink_cc26xx_software_development_kit simplelink_cc13xx_software_development_kit simplelink_cc32xx_software_development_kit simplelink_msp432e411y simpl…	Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulne…	CWE-190 Integer Overflow or Wraparound	CVE-2021-22636	2024-11-21 14:50	2023-11-21	Show	GitHub Exploit DB Packet Storm

201327	7.5	HIGH Network	schneider-electric	modicon_m340_bmxp341000_firmware modicon_m340_bmxp342000_firmware modicon_m340_bmxp342010_firmware modicon_m340_bmxp3420102_firmware modicon_m340_bmxp342020_firmware modicon_m340_bmxp3…	A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Aff…	-	CVE-2021-22786	2024-11-21 14:50	2023-02-1	Show	GitHub Exploit DB Packet Storm

201328	7.5	HIGH Network	cassianetworks	access_controller	An attacker may be able to use minify route with a relative path to view any file on the Cassia Networks Access Controller prior to 2.0.1.	CWE-22 Path Traversal	CVE-2021-22685	2024-11-21 14:50	2022-10-15	Show	GitHub Exploit DB Packet Storm

201329	9.8	CRITICAL Network	ovarro	twinsoft tbox_lt2-530_firmware tbox_lt2-532_firmware tbox_lt2-540_firmware tbox_ms-cpu32_firmware tbox_ms-cpu32-s2_firmware tbox_rm2_firmware tbox_tg2_firmware	An attacker may use TWinSoft and a malicious source project file (TPG) to extract files on machine executing Ovarro TWinSoft, which could lead to code execution.	CWE-22 Path Traversal	CVE-2021-22650	2024-11-21 14:50	2022-07-29	Show	GitHub Exploit DB Packet Storm

201330	9.8	CRITICAL Network	ovarro	twinsoft tbox_lt2-530_firmware tbox_lt2-532_firmware tbox_lt2-540_firmware tbox_ms-cpu32_firmware tbox_ms-cpu32-s2_firmware tbox_rm2_firmware tbox_tg2_firmware	Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete the configuration file.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2021-22648	2024-11-21 14:50	2022-07-29	Show	GitHub Exploit DB Packet Storm