Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
248271 4.3 警告 CKEditor Team - FCKEditorto の "Basic Toolbar Selection" におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2006-6978 2012-06-26 15:38 2007-02-8 Show GitHub Exploit DB Packet Storm
248272 4.3 警告 freetextbox - FreeTextBox の "Basic Toolbar Selection" におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2006-6977 2012-06-26 15:38 2007-02-8 Show GitHub Exploit DB Packet Storm
248273 7.5 危険 centipaid - CentiPaid の centipaid_class.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-6976 2012-06-26 15:38 2007-02-8 Show GitHub Exploit DB Packet Storm
248274 7.5 危険 bti-tracker - BtitTracker の torrents.php における SQL インジェクションの脆弱性 - CVE-2006-6972 2012-06-26 15:38 2007-02-7 Show GitHub Exploit DB Packet Storm
248275 4.3 警告 Andreas Gohr - DokuWiki の lib/exe/fetch.php におけるCRLF インジェクションの脆弱性 - CVE-2006-6965 2012-06-26 15:38 2007-01-29 Show GitHub Exploit DB Packet Storm
248276 7.5 危険 Docebo - Docebo LMS における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6963 2012-06-26 15:38 2007-01-29 Show GitHub Exploit DB Packet Storm
248277 6.8 警告 Docebo - Docebo の addons/mod_media/body.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-6957 2012-06-26 15:38 2007-01-29 Show GitHub Exploit DB Packet Storm
248278 7.5 危険 Bitweaver - bitweaver の newsletters/edition.php における SQL インジェクションの脆弱性 - CVE-2006-6923 2012-06-26 15:38 2007-01-12 Show GitHub Exploit DB Packet Storm
248279 7.5 危険 deadlock user management system - phpdeadlock における SQL インジェクションの脆弱性 - CVE-2006-6922 2012-06-26 15:38 2007-01-12 Show GitHub Exploit DB Packet Storm
248280 10 危険 geobb - GeoBB の Admin ログインにおける詳細不明な脆弱性 - CVE-2006-6918 2012-06-26 15:38 2007-01-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197711 7.1 HIGH
Local 		huawei harmonyos A component of the HarmonyOS has a Privilege Dropping / Lowering Errors vulnerability. Local attackers may exploit this vulnerability to obtain Kernel space read/write capability. CWE-269
 Improper Privilege Management 		CVE-2021-22326 2024-11-21 14:49 2021-06-30 Show GitHub Exploit DB Packet Storm
197712 5.3 MEDIUM
Network 		huawei ecns280_firmware There is an XXE injection vulnerability in eCNS280 V100R005C00 and V100R005C10. A module does not perform the strict operation to the input XML message. Attacker can send specific message to exploit … CWE-611
XXE 		CVE-2021-22338 2024-11-21 14:49 2021-06-30 Show GitHub Exploit DB Packet Storm
197713 4.9 MEDIUM
Network 		huawei ips_module_firmware
ngfw_module_firmware
nip6300_firmware
nip6600_firmware
secospace_usg6300_firmware
secospace_usg6500_firmware
secospace_usg6600_firmware 		There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations.… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2021-22341 2024-11-21 14:49 2021-06-30 Show GitHub Exploit DB Packet Storm
197714 4.9 MEDIUM
Network 		huawei s12700_firmware
s1700_firmware
s2700_firmware
s5700_firmware
s6700_firmware
s7700_firmware
s9700_firmware 		There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to … NVD-CWE-noinfo
CVE-2021-22329 2024-11-21 14:49 2021-06-30 Show GitHub Exploit DB Packet Storm
197715 7.8 HIGH
Local 		poweriso poweriso A memory corruption vulnerability exists in the DMG File Format Handler functionality of PowerISO 7.9. A specially crafted DMG file can lead to an out-of-bounds write. An attacker can provide a malic… CWE-787
 Out-of-bounds Write 		CVE-2021-21871 2024-11-21 14:49 2021-06-30 Show GitHub Exploit DB Packet Storm
197716 4.1 MEDIUM
Local 		huawei manageone
smc2.0 		There is a multiple threads race condition vulnerability in Huawei product. A race condition exists for concurrent I/O read by multiple threads. An attacker with the root permission can exploit this … CWE-362
Race Condition 		CVE-2021-22340 2024-11-21 14:49 2021-06-30 Show GitHub Exploit DB Packet Storm
197717 7.5 HIGH
Network 		vmware
oracle 		spring_security
communications_cloud_native_core_policy 		Spring Security versions 5.5.x prior to 5.5.1, 5.4.x prior to 5.4.7, 5.3.x prior to 5.3.10 and 5.2.x prior to 5.2.11 are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Auth… CWE-863
 Incorrect Authorization 		CVE-2021-22119 2024-11-21 14:49 2021-06-30 Show GitHub Exploit DB Packet Storm
197718 9.1 CRITICAL
Network 		moodle moodle A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have adm… CWE-78
OS Command  		CVE-2021-21809 2024-11-21 14:49 2021-06-24 Show GitHub Exploit DB Packet Storm
197719 7.8 HIGH
Local 		vmware remote_console
app_volumes
tools 		VMware Tools for Windows (11.x.y prior to 11.2.6), VMware Remote Console for Windows (12.x prior to 12.0.1) , VMware App Volumes (2.x prior to 2.18.10 and 4 prior to 2103) contain a local privilege e… CWE-427
 Uncontrolled Search Path Element 		CVE-2021-21999 2024-11-21 14:49 2021-06-23 Show GitHub Exploit DB Packet Storm
197720 9.8 CRITICAL
Network 		vmware carbon_black_app_control VMware Carbon Black App Control 8.0, 8.1, 8.5 prior to 8.5.8, and 8.6 prior to 8.6.2 has an authentication bypass. A malicious actor with network access to the VMware Carbon Black App Control managem… CWE-287
Improper Authentication 		CVE-2021-21998 2024-11-21 14:49 2021-06-23 Show GitHub Exploit DB Packet Storm