Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250691	7.5	危険	Joomla!	-	Joomla! における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4696	2012-03-27 18:42	2010-11-4	Show	GitHub Exploit DB Packet Storm

250692	4.3	警告	XWiki	-	XWiki Enterprise におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4642	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

250693	7.5	危険	XWiki	-	XWiki Enterprise における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4641	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

250694	4.3	警告	XWiki	-	XWiki Watch におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4640	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

250695	7.5	危険	intendance	-	MySource Matrix の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4639	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

250696	6.8	警告	iptechinside	-	JQuarks4s コンポーネントの submitSurvey 関数における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4638	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

250697	4.3	警告	finalcut	-	WordPress の FeedList プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4637	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

250698	7.5	危険	site2nite	-	Site2Nite Business e-Listings の detail.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4636	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

250699	7.5	危険	site2nite	-	Site2Nite VRBO Listings の detail.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4635	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

250700	7.5	危険	sumeffect	-	digiSHOP の cart.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4633	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
195761	9.8	CRITICAL Network	tibco	api_exchange_gateway_distribution api_exchange_gateway	The Config UI component of TIBCO Software Inc.'s TIBCO API Exchange Gateway and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows an u…	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2021-23274	2024-11-21 14:51	2021-03-24	Show	GitHub Exploit DB Packet Storm

195762	8.8	HIGH Network	killport_project	killport	This affects the package killport before 1.0.2. If (attacker-controlled) user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exe…	CWE-78 OS Command	CVE-2021-23360	2024-11-21 14:51	2021-03-22	Show	GitHub Exploit DB Packet Storm

195763	8.8	HIGH Network	port-killer_project	port-killer	This affects all versions of package port-killer. If (attacker-controlled) user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process e…	CWE-78 OS Command	CVE-2021-23359	2024-11-21 14:51	2021-03-18	Show	GitHub Exploit DB Packet Storm

195764	6.7	MEDIUM Local	mcafee	endpoint_product_removal_tool	Unquoted service path vulnerability in McAfee Endpoint Product Removal (EPR) Tool prior to 21.2 allows local administrators to execute arbitrary code, with higher-level privileges, via execution from…	CWE-428 Unquoted Search Path or Element	CVE-2021-23879	2024-11-21 14:51	2021-03-16	Show	GitHub Exploit DB Packet Storm

195765	5.3	MEDIUM Local	tyk	tyk	All versions of package github.com/tyktechnologies/tyk/gateway are vulnerable to Directory Traversal via the handleAddOrUpdateApi function. This function is able to delete arbitrary JSON files on the…	CWE-22 Path Traversal	CVE-2021-23357	2024-11-21 14:51	2021-03-16	Show	GitHub Exploit DB Packet Storm

195766	9.8	CRITICAL Network	kill-process-by-name_project	kill-process-by-name	This affects all versions of package kill-process-by-name. If (attacker-controlled) user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_…	CWE-78 OS Command	CVE-2021-23356	2024-11-21 14:51	2021-03-16	Show	GitHub Exploit DB Packet Storm

195767	9.8	CRITICAL Network	ps-kill_project	ps-kill	This affects all versions of package ps-kill. If (attacker-controlled) user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of th…	CWE-78 OS Command	CVE-2021-23355	2024-11-21 14:51	2021-03-16	Show	GitHub Exploit DB Packet Storm

195768	7.5	HIGH Network	adaltas	printf	The package printf before 0.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /\%(?:$([\w_.]+)$\|([1-9]\d)\$)?([0 +\-\])(\\|\d+)?(\.)?(\\|\d+)?[hlL]?([\%bscde…	CWE-1333 Inefficient Regular Expression Complexity	CVE-2021-23354	2024-11-21 14:51	2021-03-13	Show	GitHub Exploit DB Packet Storm

195769	5.4	MEDIUM Network	tibco	spotfire_server spotfire_desktop spotfire_analyst analytics_platform	The Spotfire client component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Desktop, and TIBCO Spotfire Server contains a vuln…	CWE-79 Cross-site Scripting	CVE-2021-23273	2024-11-21 14:51	2021-03-10	Show	GitHub Exploit DB Packet Storm

195770	7.5	HIGH Network	parall	jspdf	This affects the package jspdf before 2.3.1. ReDoS is possible via the addImage function.	NVD-CWE-noinfo	CVE-2021-23353	2024-11-21 14:51	2021-03-10	Show	GitHub Exploit DB Packet Storm