Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248941	7.8	危険	gosurf browser	-	GoSuRF Browser における他のドメインから制限された情報へアクセスされる脆弱性	-	CVE-2006-6992	2012-06-26 15:38	2007-02-8	Show	GitHub Exploit DB Packet Storm

248942	7.8	危険	fast browser	-	Fast Browser Pro における他のドメインから制限された情報にアクセスされる脆弱性	-	CVE-2006-6991	2012-06-26 15:38	2007-02-8	Show	GitHub Exploit DB Packet Storm

248943	7.8	危険	advanced search technologies inc.	-	Enigma Browser における他のドメインから制限された情報にアクセスされる脆弱性	-	CVE-2006-6990	2012-06-26 15:38	2007-02-8	Show	GitHub Exploit DB Packet Storm

248944	7.8	危険	flashpeak	-	Slim Browser における他のドメインから制限された情報へアクセスされる脆弱性	-	CVE-2006-6988	2012-06-26 15:38	2007-02-8	Show	GitHub Exploit DB Packet Storm

248945	5	警告	3proxy	-	3proxy における資格情報を不正に取得される脆弱性	-	CVE-2006-6982	2012-06-26 15:38	2007-02-8	Show	GitHub Exploit DB Packet Storm

248946	5	警告	3proxy	-	3proxy におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-6981	2012-06-26 15:38	2007-02-8	Show	GitHub Exploit DB Packet Storm

248947	7.5	危険	amarok	-	Amarok の Magnatune コンポーネントの ruby ハンドラにおける任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2006-6979	2012-06-26 15:38	2007-02-8	Show	GitHub Exploit DB Packet Storm

248948	4.3	警告	CKEditor Team	-	FCKEditorto の "Basic Toolbar Selection" におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2006-6978	2012-06-26 15:38	2007-02-8	Show	GitHub Exploit DB Packet Storm

248949	4.3	警告	freetextbox	-	FreeTextBox の "Basic Toolbar Selection" におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2006-6977	2012-06-26 15:38	2007-02-8	Show	GitHub Exploit DB Packet Storm

248950	7.5	危険	centipaid	-	CentiPaid の centipaid_class.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-6976	2012-06-26 15:38	2007-02-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
199621	8.6	HIGH Local	adobe	photoshop	Adobe Photoshop version 22.1 (and earlier) is affected by a heap buffer overflow vulnerability when handling a specially crafted font file. Successful exploitation could lead to arbitrary code execut…	-	CVE-2021-21006	2024-11-21 14:47	2021-01-14	Show	GitHub Exploit DB Packet Storm

199622	5.3	MEDIUM Network	laravel	laravel	Laravel is a web application framework. Versions of Laravel before 6.20.11, 7.30.2 and 8.22.1 contain a query binding exploitation. This same exploit applies to the illuminate/database package which …	CWE-89 SQL Injection	CVE-2021-21263	2024-11-21 14:47	2021-01-20	Show	GitHub Exploit DB Packet Storm

199623	8.8	HIGH Network	onedev_project	onedev	OneDev is an all-in-one devops platform. In OneDev before version 4.0.3 there is a critical "zip slip" vulnerability. This issue may lead to arbitrary file write. The KubernetesResource REST endpoint…	-	CVE-2021-21251	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm

199624	6.5	MEDIUM Network	onedev_project	onedev	OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which may lead to arbitrary file read. When BuildSpec is provided in XML format, the spec is…	-	CVE-2021-21250	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm

199625	8.8	HIGH Network	onedev_project	onedev	OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is an issue involving YAML parsing which can lead to post-auth remote code execution. In order to parse and process YAML…	CWE-502 Deserialization of Untrusted Data	CVE-2021-21249	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm

199626	8.8	HIGH Network	onedev_project	onedev	OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability involving the build endpoint parameters. InputSpec is used to define parameters of a Build s…	CWE-94 Code Injection	CVE-2021-21248	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm

199627	8.8	HIGH Network	onedev_project	onedev	OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the application's BasePage registers an AJAX event listener (`AbstractPostAjaxBehavior`) in all pages other than the login pag…	CWE-502 Deserialization of Untrusted Data	CVE-2021-21247	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm

199628	7.5	HIGH Network	onedev_project	onedev	OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the REST UserResource endpoint performs a security check to make sure that only administrators can list user details. However …	-	CVE-2021-21246	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm

199629	7.5	HIGH Network	jqueryvalidation netapp	jquery_validation snapcenter	The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more r…	-	CVE-2021-21252	2024-11-21 14:47	2021-01-14	Show	GitHub Exploit DB Packet Storm

199630	9.8	CRITICAL Network	onedev_project	onedev	OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, AttachmentUploadServlet also saves user controlled data (`request.getInputStream()`) to a user specified location (`request.ge…	-	CVE-2021-21245	2024-11-21 14:47	2021-01-16	Show	GitHub Exploit DB Packet Storm