Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249031	7.5	危険	Johan Cwiklinski	-	Galette の includes/picture.class.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-2338	2012-05-23 18:16	2012-05-21	Show	GitHub Exploit DB Packet Storm

249032	10	危険	DMSoft Technologies	-	SkinCrafter の InitLicenKeys 関数におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-2271	2012-05-23 18:15	2012-05-21	Show	GitHub Exploit DB Packet Storm

249033	9.3	危険	Lattice Semiconductor	-	Lattice Semiconductor PAC-Designer におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-2915	2012-05-23 18:04	2012-05-21	Show	GitHub Exploit DB Packet Storm

249034	5	警告	リアルネットワークス	-	RealNetworks RealPlayer および RealPlayer SP におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2012-1904	2012-05-23 18:04	2012-03-28	Show	GitHub Exploit DB Packet Storm

249035	4.3	警告	unijimpe	-	Unijimpe Captcha の captchademo.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2914	2012-05-23 18:02	2012-05-21	Show	GitHub Exploit DB Packet Storm

249036	4.3	警告	SiliSoftware	-	SiliSoftware backupDB() の backupDB.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2911	2012-05-23 17:54	2012-05-21	Show	GitHub Exploit DB Packet Storm

249037	4.3	警告	SiliSoftware	-	SiliSoftware phpThumb() におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2910	2012-05-23 17:53	2012-05-21	Show	GitHub Exploit DB Packet Storm

249038	4.3	警告	Artiphp	-	Artiphp CMS の artpublic/recommandation/index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2906	2012-05-23 17:50	2012-05-21	Show	GitHub Exploit DB Packet Storm

249039	5	警告	Artiphp	-	Artiphp CMS における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2905	2012-05-23 17:49	2012-05-21	Show	GitHub Exploit DB Packet Storm

249040	4.3	警告	Viscacha	-	Viscacha におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2909	2012-05-23 16:57	2012-05-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197191	8.8	HIGH Network	netgear	r6700_firmware	Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device. By triggering a system update check via the SOAP interface, the device is s…	CWE-78 OS Command	CVE-2021-20173	2024-11-21 14:46	2021-12-31	Show	GitHub Exploit DB Packet Storm

197192	7.8	HIGH Local	netgear	genie_installer	All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability. The installer of the macOS version of Netgear Genie handles certain files in an insecur…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2021-20172	2024-11-21 14:46	2021-12-31	Show	GitHub Exploit DB Packet Storm

197193	5.5	MEDIUM Local	netgear	rax43_firmware	Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admi…	CWE-312 Cleartext Storage of Sensitive Information	CVE-2021-20171	2024-11-21 14:46	2021-12-31	Show	GitHub Exploit DB Packet Storm

197194	8.8	HIGH Network	netgear	rax43_firmware	Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encry…	CWE-798 Use of Hard-coded Credentials	CVE-2021-20170	2024-11-21 14:46	2021-12-31	Show	GitHub Exploit DB Packet Storm

197195	6.8	MEDIUM Physics	netgear	rax43_firmware	Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. By default, all communication to/from the device is sent via HTTP, which causes potentially sensitive infor…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2021-20169	2024-11-21 14:46	2021-12-31	Show	GitHub Exploit DB Packet Storm

197196	6.8	MEDIUM Physics	netgear	rax43_firmware	Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A malicious actor with physical access to the device is able to connect to the UART port via a serial connec…	CWE-287 Improper Authentication	CVE-2021-20168	2024-11-21 14:46	2021-12-31	Show	GitHub Exploit DB Packet Storm

197197	8.0	HIGH Adjacent	netgear	rax43_firmware	Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. The readycloud cgi application is vulnerable to command injection in the name parameter.	CWE-77 Command Injection	CVE-2021-20167	2024-11-21 14:46	2021-12-31	Show	GitHub Exploit DB Packet Storm

197198	8.8	HIGH Adjacent	netgear	rax43_firmware	Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection cont…	CWE-120 Classic Buffer Overflow	CVE-2021-20166	2024-11-21 14:46	2021-12-31	Show	GitHub Exploit DB Packet Storm

197199	8.8	HIGH Network	trendnet	tew-827dru_firmware	Trendnet AC2600 TEW-827DRU version 2.08B01 does not properly implement csrf protections. Most pages lack proper usage of CSRF protections or mitigations. Additionally, pages that do make use of CSRF …	CWE-352 Origin Validation Error	CVE-2021-20165	2024-11-21 14:46	2021-12-31	Show	GitHub Exploit DB Packet Storm

197200	4.9	MEDIUM Network	trendnet	tew-827dru_firmware	Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb functionality of the device. Usernames and passwords for all smb users are revealed in plaintext on the smbserv…	CWE-522 Insufficiently Protected Credentials	CVE-2021-20164	2024-11-21 14:46	2021-12-31	Show	GitHub Exploit DB Packet Storm