Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 23, 2026, 10:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
248441 2.1 注意 Debian - tss における任意のファイルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-1877 2012-06-26 16:02 2008-04-12 Show GitHub Exploit DB Packet Storm
248442 7.5 危険 comdev - Comdev News Publisher の home.news.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1872 2012-06-26 16:02 2008-04-17 Show GitHub Exploit DB Packet Storm
248443 7.5 危険 geek247 - PIGMy-SQL の getdata.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1870 2012-06-26 16:02 2008-04-17 Show GitHub Exploit DB Packet Storm
248444 6.8 警告 exbb - ExBB Italia におけるチェックを回避される脆弱性 CWE-20
CWE-94
CVE-2008-1862 2012-06-26 16:02 2008-04-17 Show GitHub Exploit DB Packet Storm
248445 5.1 警告 exbb - ExBB Italia の modules/threadstop/threadstop.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-1861 2012-06-26 16:02 2008-04-17 Show GitHub Exploit DB Packet Storm
248446 7.5 危険 724cms - 724Networks 724CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1858 2012-06-26 16:02 2008-04-16 Show GitHub Exploit DB Packet Storm
248447 7.5 危険 coronamatrix - CoronaMatrix phpAddressBook の view.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1847 2012-06-26 16:02 2008-04-16 Show GitHub Exploit DB Packet Storm
248448 6.8 警告 Coppermine Photo Gallery - CPG の bridge/coppermine.inc.php のセッションハンドリング機能における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1841 2012-06-26 16:02 2008-04-16 Show GitHub Exploit DB Packet Storm
248449 6.5 警告 Coppermine Photo Gallery - Coppermine Photo Gallery (CPG) の upload.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1840 2012-06-26 16:02 2008-04-16 Show GitHub Exploit DB Packet Storm
248450 7.5 危険 bosdev - BosClassifieds Classified Ads System における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1838 2012-06-26 16:02 2008-04-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
201651 7.5 HIGH
Network 		qualcomm apq8009w_firmware
apq8017_firmware
apq8053_firmware
apq8064au_firmware
apq8096au_firmware
aqt1000_firmware
msm8909w_firmware
msm8917_firmware
msm8937_firmware
msm8953_firmw… 		Null pointer dereference can occur due to lack of null check for user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IO… CWE-476
 NULL Pointer Dereference 		CVE-2021-1936 2024-11-21 14:45 2021-10-20 Show GitHub Exploit DB Packet Storm
201652 8.4 HIGH
Local 		qualcomm aqt1000_firmware
ar8035_firmware
qca6390_firmware
qca6420_firmware
qca6430_firmware
qca6574a_firmware
qca6574au_firmware
qca6595_firmware
qca6595au_firmware
qca6696_firmwar… 		Improper access control in trusted application environment can cause unauthorized access to CDSP or ADSP VM memory with either privilege in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit… NVD-CWE-Other
CVE-2021-1932 2024-11-21 14:45 2021-10-20 Show GitHub Exploit DB Packet Storm
201653 8.4 HIGH
Local 		qualcomm apq8017_firmware
apq8053_firmware
aqt1000_firmware
msm8917_firmware
msm8953_firmware
qca6174a_firmware
qca6390_firmware
qca6391_firmware
qca6420_firmware
qca6430_firmware 		Null pointer dereference can occur due to memory allocation failure in DIAG in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables CWE-476
 NULL Pointer Dereference 		CVE-2021-1917 2024-11-21 14:45 2021-10-20 Show GitHub Exploit DB Packet Storm
201654 8.4 HIGH
Local 		qualcomm aqt1000_firmware
ar8035_firmware
csrb31024_firmware
qca6174a_firmware
qca6390_firmware
qca6391_firmware
qca6420_firmware
qca6421_firmware
qca6426_firmware
qca6430_firmware<… 		Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdra… CWE-190
 Integer Overflow or Wraparound 		CVE-2021-1913 2024-11-21 14:45 2021-10-20 Show GitHub Exploit DB Packet Storm
201655 8.8 HIGH
Network 		zohocorp manageengine_admanager_plus ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-20131 2024-11-21 14:45 2021-10-14 Show GitHub Exploit DB Packet Storm
201656 8.8 HIGH
Network 		zohocorp manageengine_admanager_plus ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-20130 2024-11-21 14:45 2021-10-14 Show GitHub Exploit DB Packet Storm
201657 7.5 HIGH
Network 		draytek vigorconnect An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing an unauthenticated attacker to export system logs. CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2021-20129 2024-11-21 14:45 2021-10-14 Show GitHub Exploit DB Packet Storm
201658 5.4 MEDIUM
Network 		draytek vigorconnect The Profile Name field in the floor plan (Network Menu) page in Draytek VigorConnect 1.6.0-B3 was found to be vulnerable to stored XSS, as user input is not properly sanitized. CWE-79
Cross-site Scripting 		CVE-2021-20128 2024-11-21 14:45 2021-10-14 Show GitHub Exploit DB Packet Storm
201659 8.1 HIGH
Network 		draytek vigorconnect An arbitrary file deletion vulnerability exists in the file delete functionality of the Html5Servlet endpoint of Draytek VigorConnect 1.6.0-B3. This allows an authenticated user to arbitrarily delete… NVD-CWE-noinfo
CVE-2021-20127 2024-11-21 14:45 2021-10-14 Show GitHub Exploit DB Packet Storm
201660 8.8 HIGH
Network 		draytek vigorconnect Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery protections and does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who… CWE-352
 Origin Validation Error 		CVE-2021-20126 2024-11-21 14:45 2021-10-14 Show GitHub Exploit DB Packet Storm