Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249021	7.5	危険	HyperMethod IBS	-	Hypermethod eLearning Server の news.php4 における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-2923	2012-05-23 19:34	2012-05-21	Show	GitHub Exploit DB Packet Storm

249022	5	警告	Drupal	-	Drupal の includes/bootstrap.inc 内の request_path 関数における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2012-2922	2012-05-23 19:33	2012-05-21	Show	GitHub Exploit DB Packet Storm

249023	3.5	注意	Geoff Davies	-	Drupal 用 Contact Forms モジュールにおけるモジュールの設定を変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2340	2012-05-23 19:12	2012-05-21	Show	GitHub Exploit DB Packet Storm

249024	4.3	警告	Nancy Wichmann	-	Drupal 用 Glossary モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2339	2012-05-23 19:00	2012-05-21	Show	GitHub Exploit DB Packet Storm

249025	2.6	注意	Ishmael Sanchez	-	Drupal 用 Aberdeen テーマの aberdeen_breadcrumb 関数におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2907	2012-05-23 18:57	2012-05-21	Show	GitHub Exploit DB Packet Storm

249026	5	警告	mark pilgrim	-	Universal Feed Parser におけるサービス運用妨害 (メモリ消費) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-2921	2012-05-23 18:50	2012-05-2	Show	GitHub Exploit DB Packet Storm

249027	4.3	警告	Weston Ruter	-	WordPress 用 User Photo プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2920	2012-05-23 18:48	2012-05-21	Show	GitHub Exploit DB Packet Storm

249028	4.3	警告	Andrew Killen	-	WordPress 用 Share and Follow プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2917	2012-05-23 18:47	2012-05-21	Show	GitHub Exploit DB Packet Storm

249029	4.3	警告	dlo	-	WordPress 用 Sabre プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2916	2012-05-23 18:46	2012-05-21	Show	GitHub Exploit DB Packet Storm

249030	4.3	警告	Hind	-	WordPress 用 Leaflet プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2913	2012-05-23 18:41	2012-05-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197021	8.8	HIGH Network	adobe	incopy	Adobe InCopy version 16.0 (and earlier) is affected by an path traversal vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote cod…	-	CVE-2021-21090	2024-11-21 14:47	2021-06-28	Show	GitHub Exploit DB Packet Storm

197022	6.1	MEDIUM Network	adobe	experience_manager experience_manager_cloud_service	AEM's Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6.3.3.8 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abus…	-	CVE-2021-21084	2024-11-21 14:47	2021-06-28	Show	GitHub Exploit DB Packet Storm

197023	7.5	HIGH Network	adobe	experience_manager experience_manager_cloud_service	AEM's Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6.3.3.8 (and below) are affected by an Improper Access Control vulnerability. An unauthenticated attacke…	NVD-CWE-Other	CVE-2021-21083	2024-11-21 14:47	2021-06-28	Show	GitHub Exploit DB Packet Storm

197024	6.1	MEDIUM Network	ec-cube	ec-cube	Cross-site scripting vulnerability in EC-CUBE EC-CUBE 4.0.0 to 4.0.5-p1 (EC-CUBE 4 series) allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially …	CWE-79 Cross-site Scripting	CVE-2021-20751	2024-11-21 14:47	2021-06-28	Show	GitHub Exploit DB Packet Storm

197025	6.1	MEDIUM Network	ec-cube	ec-cube	Cross-site scripting vulnerability in EC-CUBE EC-CUBE 3.0.0 to 3.0.18-p2 (EC-CUBE 3 series) and EC-CUBE 4.0.0 to 4.0.5-p1 (EC-CUBE 4 series) allows a remote attacker to inject an arbitrary script by …	CWE-79 Cross-site Scripting	CVE-2021-20750	2024-11-21 14:47	2021-06-28	Show	GitHub Exploit DB Packet Storm

197026	5.4	MEDIUM Network	nendeb	fudousan_plugin fudousan_plugin_pro_multi-user fudousan_plugin_pro_single-user	Cross-site scripting vulnerability in Fudousan plugin ver5.7.0 and earlier, Fudousan Plugin Pro Single-User Type ver5.7.0 and earlier, and Fudousan Plugin Pro Multi-User Type ver5.7.0 and earlier all…	CWE-79 Cross-site Scripting	CVE-2021-20749	2024-11-21 14:47	2021-06-28	Show	GitHub Exploit DB Packet Storm

197027	5.4	MEDIUM Network	wordpress_popular_posts_project	wordpress_popular_posts	Cross-site scripting vulnerability in WordPress Popular Posts 5.3.2 and earlier allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2021-20746	2024-11-21 14:47	2021-06-28	Show	GitHub Exploit DB Packet Storm

197028	7.8	HIGH Local	inkdrop	inkdrop	Inkdrop versions prior to v5.3.1 allows an attacker to execute arbitrary OS commands on the system where it runs by loading a file or code snippet containing an invalid iframe into Inkdrop.	CWE-78 OS Command	CVE-2021-20745	2024-11-21 14:47	2021-06-28	Show	GitHub Exploit DB Packet Storm

197029	8.8	HIGH Network	hitachi nec	virtual_file_platform nas_gateway_nh4a_firmware nas_gateway_nh8a_firmware nas_gateway_nh4b_firmware nas_gateway_nh8b_firmware nas_gateway_nh4c_firmware nas_gateway_nh8c_firmware	Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08(NEC2.5.4a) and Nh4b/Nh8b, Nh4c/N…	CWE-78 OS Command	CVE-2021-20740	2024-11-21 14:47	2021-06-28	Show	GitHub Exploit DB Packet Storm

197030	7.5	HIGH Network	phoenixcontact	fl_comserver_uni_232\/422\/485_firmware fl_comserver_uni_232\/422\/485-t_firmware	In Phoenix Contact FL COMSERVER UNI in versions < 2.40 a invalid Modbus exception response can lead to a temporary denial of service.	-	CVE-2021-21002	2024-11-21 14:47	2021-06-26	Show	GitHub Exploit DB Packet Storm