Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248971	7.5	危険	dcp-portal	-	DCP-Portal における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2278	2012-06-26 15:46	2007-04-25	Show	GitHub Exploit DB Packet Storm

248972	7.5	危険	alessandro lulli	-	Alessandro Lulli wavewoo の include/loading.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2273	2012-06-26 15:46	2007-04-25	Show	GitHub Exploit DB Packet Storm

248973	7.5	危険	awbs	-	AWBS の docs/front-end-demo/cart2.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2272	2012-06-26 15:46	2007-04-25	Show	GitHub Exploit DB Packet Storm

248974	7.5	危険	bibtex	-	bibtex mase における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-2260	2012-06-26 15:46	2007-04-25	Show	GitHub Exploit DB Packet Storm

248975	7.5	危険	esforum	-	EsForum の forum.php における SQL インジェクションの脆弱性	-	CVE-2007-2259	2012-06-26 15:46	2007-04-25	Show	GitHub Exploit DB Packet Storm

248976	7.5	危険	fully modded phpbb	-	Fully Modded phpBB2 の subscp.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2257	2012-06-26 15:46	2007-04-25	Show	GitHub Exploit DB Packet Storm

248977	7.5	危険	alexscriptengine	-	Download-Engine における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2255	2012-06-26 15:46	2007-04-25	Show	GitHub Exploit DB Packet Storm

248978	7.5	危険	DeltaScripts	-	PHP Classifieds の admin/setup/level2.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2254	2012-06-26 15:46	2007-04-25	Show	GitHub Exploit DB Packet Storm

248979	5	警告	Exponent CMS project	-	Exponent CMS におけるパス情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2007-2253	2012-06-26 15:46	2007-04-25	Show	GitHub Exploit DB Packet Storm

248980	5	警告	Exponent CMS project	-	Exponent CMS の iconspopup.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2252	2012-06-26 15:46	2007-04-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196811	8.8	HIGH Network	apache	druid	Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests. This functionality is intended for use in high-trust environments, and is disabled by…	NVD-CWE-noinfo	CVE-2021-25646	2024-11-21 14:55	2021-01-30	Show	GitHub Exploit DB Packet Storm

196812	6.5	MEDIUM Adjacent	zivautomation	4cct-ea6-334126bf_firmware	Improper Authentication vulnerability in the cookie parameter of ZIV AUTOMATION 4CCT-EA6-334126BF allows a local attacker to perform modifications in several parameters of the affected device as an a…	CWE-287 Improper Authentication	CVE-2021-25910	2024-11-21 14:55	2021-01-29	Show	GitHub Exploit DB Packet Storm

196813	7.5	HIGH Network	zivautomation	4cct-ea6-334126bf_firmware	ZIV Automation 4CCT-EA6-334126BF firmware version 3.23.80.27.36371, allows an unauthenticated, remote attacker to cause a denial of service condition on the device. An attacker could exploit this vul…	CWE-400 Uncontrolled Resource Consumption	CVE-2021-25909	2024-11-21 14:55	2021-01-29	Show	GitHub Exploit DB Packet Storm

196814	5.4	MEDIUM Network	testes-codigo	testes_de_codigo	Mobile application "Testes de Codigo" v11.3 and prior allows stored XSS by injecting a payload in the "feedback" message field causing it to be stored in the remote database and leading to its execut…	CWE-79 Cross-site Scripting	CVE-2021-25647	2024-11-21 14:55	2021-01-29	Show	GitHub Exploit DB Packet Storm

196815	5.3	MEDIUM Network	atlassian	bamboo	Affected versions of Atlassian Bamboo allow an unauthenticated remote attacker to view a stack trace that may reveal the path for the home directory in disk and if certain files exists on the tmp dir…	CWE-200 Information Exposure	CVE-2021-26067	2024-11-21 14:55	2021-01-28	Show	GitHub Exploit DB Packet Storm

196816	7.5	HIGH Network	apache netapp	activemq_artemis oncommand_workflow_automation	While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entir…	NVD-CWE-Other	CVE-2021-26118	2024-11-21 14:55	2021-01-28	Show	GitHub Exploit DB Packet Storm

196817	7.5	HIGH Network	apache netapp debian oracle	activemq activemq_artemis oncommand_workflow_automation debian_linux flexcube_private_banking communications_session_report_manager communications_element_manager communications_…	The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to ve…	CWE-287 Improper Authentication	CVE-2021-26117	2024-11-21 14:55	2021-01-28	Show	GitHub Exploit DB Packet Storm

196818	7.8	HIGH Local	acdsee	photo_studio_2021	PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!JPEGTransW+0x000000000000c7f4 via a crafted BMP image.	CWE-863 Incorrect Authorization	CVE-2021-26026	2024-11-21 14:55	2021-01-27	Show	GitHub Exploit DB Packet Storm

196819	7.8	HIGH Local	acdsee	photo_studio_2021	PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!zlibVersion+0x0000000000004e5e via a crafted BMP image.	CWE-863 Incorrect Authorization	CVE-2021-26025	2024-11-21 14:55	2021-01-27	Show	GitHub Exploit DB Packet Storm

196820	7.5	HIGH Network	fil-ocl_project	fil-ocl	An issue was discovered in the fil-ocl crate through 2021-01-04 for Rust. From<EventList> can lead to a double free.	CWE-415 Double Free	CVE-2021-25908	2024-11-21 14:55	2021-01-27	Show	GitHub Exploit DB Packet Storm