Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
248511 7.5 危険 creative mind - Creative Mind Creator CMS の index.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4377 2012-06-26 16:02 2008-10-1 Show GitHub Exploit DB Packet Storm
248512 7.5 危険 availscript - Availscript Classmate Script の viewprofile.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4375 2012-06-26 16:02 2008-10-1 Show GitHub Exploit DB Packet Storm
248513 7.5 危険 cmsbuzz - CMS Buzz の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4374 2012-06-26 16:02 2008-10-1 Show GitHub Exploit DB Packet Storm
248514 7.5 危険 availscript - AvailScript Job Portal Script の job_seeker/applynow.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4373 2012-06-26 16:02 2008-10-1 Show GitHub Exploit DB Packet Storm
248515 4.3 警告 availscript - AvailScript Article Script の articles.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4372 2012-06-26 16:02 2008-10-1 Show GitHub Exploit DB Packet Storm
248516 7.5 危険 availscript - AvailScript Article Script の articles.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4371 2012-06-26 16:02 2008-10-1 Show GitHub Exploit DB Packet Storm
248517 4.3 警告 availscript - Availscript Photo Album におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4370 2012-06-26 16:02 2008-10-1 Show GitHub Exploit DB Packet Storm
248518 7.5 危険 availscript - Availscript Photo Album の pics.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4369 2012-06-26 16:02 2008-10-1 Show GitHub Exploit DB Packet Storm
248519 6.5 警告 camera life - Camera Life の画像アップロードコンポーネントにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4366 2012-06-26 16:02 2008-09-30 Show GitHub Exploit DB Packet Storm
248520 7.2 危険 deslock - DESlock+ の DLMFENC.sys における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4363 2012-06-26 16:02 2008-09-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
202071 7.8 HIGH
Local 		vmware thinapp VMware Thinapp version 5.x prior to 5.2.10 contain a DLL hijacking vulnerability due to insecure loading of DLLs. A malicious actor with non-administrative privileges may exploit this vulnerability t… CWE-427
 Uncontrolled Search Path Element 		CVE-2021-22000 2024-11-21 14:49 2021-07-14 Show GitHub Exploit DB Packet Storm
202072 7.5 HIGH
Network 		vmware cloud_foundation
esxi 		OpenSLP as used in ESXi has a denial-of-service vulnerability due a heap out-of-bounds read issue. A malicious actor with network access to port 427 on ESXi may be able to trigger a heap out-of-bound… CWE-125
Out-of-bounds Read 		CVE-2021-21995 2024-11-21 14:49 2021-07-14 Show GitHub Exploit DB Packet Storm
202073 9.8 CRITICAL
Network 		vmware cloud_foundation
esxi 		SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authenti… CWE-287
Improper Authentication 		CVE-2021-21994 2024-11-21 14:49 2021-07-14 Show GitHub Exploit DB Packet Storm
202074 8.8 HIGH
Network 		fortinet fortimail Multiple instances of incorrect calculation of buffer size in the Webmail and Administrative interface of FortiMail before 6.4.5 may allow an authenticated attacker with regular webmail access to tri… CWE-120
Classic Buffer Overflow 		CVE-2021-22129 2024-11-21 14:49 2021-07-10 Show GitHub Exploit DB Packet Storm
202075 8.8 HIGH
Network 		webkitgtk webkitgtk An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution.… CWE-416
 Use After Free 		CVE-2021-21806 2024-11-21 14:49 2021-07-8 Show GitHub Exploit DB Packet Storm
202076 9.8 CRITICAL
Network 		accusoft imagegear A stack-based buffer overflow vulnerability exists in the PDF process_fontname functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to code execution. An attacker can… CWE-787
 Out-of-bounds Write 		CVE-2021-21821 2024-11-21 14:49 2021-07-8 Show GitHub Exploit DB Packet Storm
202077 9.8 CRITICAL
Network 		accusoft imagegear An integer overflow vulnerability exists in the DICOM parse_dicom_meta_info functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to a stack-based buffer overflow. An … CWE-190
 Integer Overflow or Wraparound 		CVE-2021-21807 2024-11-21 14:49 2021-07-8 Show GitHub Exploit DB Packet Storm
202078 4.3 MEDIUM
Network 		gitlab gitlab An information disclosure vulnerability in GitLab EE versions 13.10 and later allowed a user to read project details CWE-862
 Missing Authorization 		CVE-2021-22233 2024-11-21 14:49 2021-07-7 Show GitHub Exploit DB Packet Storm
202079 5.4 MEDIUM
Network 		gitlab gitlab Insufficient input sanitization in markdown in GitLab version 13.11 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown CWE-79
Cross-site Scripting 		CVE-2021-22225 2024-11-21 14:49 2021-07-7 Show GitHub Exploit DB Packet Storm
202080 6.5 MEDIUM
Network 		gitlab gitlab A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before versions 13.12.6 and 14.0.2 allowed an attacker to call mutations as the victim CWE-352
 Origin Validation Error 		CVE-2021-22224 2024-11-21 14:49 2021-07-7 Show GitHub Exploit DB Packet Storm