Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251271 4.3 警告 ヒューレット・パッカード - HP AssetCenter および AssetManager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3291 2012-03-27 18:42 2010-10-18 Show GitHub Exploit DB Packet Storm
251272 6.5 警告 ヒューレット・パッカード - HP SIM における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2010-3290 2012-03-27 18:42 2010-10-18 Show GitHub Exploit DB Packet Storm
251273 4.3 警告 ヒューレット・パッカード - HP SIM におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3289 2012-03-27 18:42 2010-10-18 Show GitHub Exploit DB Packet Storm
251274 6.8 警告 ヒューレット・パッカード - HP SIM におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-3288 2012-03-27 18:42 2010-10-18 Show GitHub Exploit DB Packet Storm
251275 8.3 危険 ヒューレット・パッカード - 複数の HP 製品における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2010-3287 2012-03-27 18:42 2010-10-13 Show GitHub Exploit DB Packet Storm
251276 5 警告 ヒューレット・パッカード - HP SIM における任意のファイルを読まれる脆弱性 CWE-noinfo
情報不足 		CVE-2010-3286 2012-03-27 18:42 2010-10-13 Show GitHub Exploit DB Packet Storm
251277 5 警告 ヒューレット・パッカード - HP OV NNM におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2010-3285 2012-03-27 18:42 2010-09-22 Show GitHub Exploit DB Packet Storm
251278 4.3 警告 ヒューレット・パッカード - HP SMH における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-3284 2012-03-27 18:42 2010-09-22 Show GitHub Exploit DB Packet Storm
251279 4.3 警告 ヒューレット・パッカード - HP SMH におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2010-3283 2012-03-27 18:42 2010-09-22 Show GitHub Exploit DB Packet Storm
251280 5.4 警告 Alcatel-Lucent - Alcatel-Lucent OmniVista の HTTP プロキシサービスにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-3281 2012-03-27 18:42 2010-09-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195231 9.8 CRITICAL
Network 		glasswire glasswire A code injection vulnerability exists within the firewall software of GlassWire v2.1.167 that could lead to arbitrary code execution from a file in the user path on first execution. CWE-94
Code Injection 		CVE-2021-22961 2024-11-21 14:51 2021-10-18 Show GitHub Exploit DB Packet Storm
195232 6.1 MEDIUM
Network 		fastify fastify-static A redirect vulnerability in the fastify-static module version < 4.2.4 allows remote attackers to redirect users to arbitrary websites via a double slash // followed by a domain: http://localhost:3000… CWE-601
Open Redirect 		CVE-2021-22963 2024-11-21 14:51 2021-10-15 Show GitHub Exploit DB Packet Storm
195233 8.8 HIGH
Network 		fastify fastify-static A redirect vulnerability in the `fastify-static` module version >= 4.2.4 and < 4.4.1 allows remote attackers to redirect Mozilla Firefox users to arbitrary websites via a double slash `//` followed b… CWE-601
Open Redirect 		CVE-2021-22964 2024-11-21 14:51 2021-10-15 Show GitHub Exploit DB Packet Storm
195234 9.8 CRITICAL
Network 		config-handler_project config-handler All versions of package config-handler are vulnerable to Prototype Pollution when loading config files. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2021-23448 2024-11-21 14:51 2021-10-12 Show GitHub Exploit DB Packet Storm
195235 6.1 MEDIUM
Network 		teddy_project teddy This affects the package teddy before 0.5.9. A type confusion vulnerability can be used to bypass input sanitization when the model content is an array (instead of a string). CWE-843
Type Confusion 		CVE-2021-23447 2024-11-21 14:51 2021-10-8 Show GitHub Exploit DB Packet Storm
195236 9.8 CRITICAL
Network 		concretecms concrete_cms A Server-Side Request Forgery vulnerability was found in concrete5 < 8.5.5 that allowed a decimal notation encoded IP address to bypass the limitations in place for localhost allowing interaction wit… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2021-22958 2024-11-21 14:51 2021-10-7 Show GitHub Exploit DB Packet Storm
195237 6.1 MEDIUM
Network 		bosch rexroth_indramotion_mlc_l20_firmware
rexroth_indramotion_mlc_l40_firmware 		The web server is vulnerable to reflected XSS and therefore an attacker might be able to execute scripts on a client’s computer by sending the client a manipulated URL. CWE-79
Cross-site Scripting 		CVE-2021-23856 2024-11-21 14:51 2021-10-5 Show GitHub Exploit DB Packet Storm
195238 7.5 HIGH
Network 		bosch rexroth_indramotion_xlc_firmware
rexroth_indramotion_mlc_firmware 		The user and password data base is exposed by an unprotected web server resource. Passwords are hashed with a weak hashing algorithm and therefore allow an attacker to determine the password by using… CWE-326
Inadequate Encryption Strength 		CVE-2021-23855 2024-11-21 14:51 2021-10-5 Show GitHub Exploit DB Packet Storm
195239 7.5 HIGH
Network 		bosch rexroth_indramotion_mlc_l20_firmware
rexroth_indramotion_mlc_l40_firmware
rexroth_indramotion_mlc_l25_firmware
rexroth_indramotion_mlc_l45_firmware
rexroth_indramotion_mlc_l65_firmware 		Information disclosure: The main configuration, including users and their hashed passwords, is exposed by an unprotected web server resource and can be accessed without authentication. Additionally, … CWE-306
Missing Authentication for Critical Function 		CVE-2021-23858 2024-11-21 14:51 2021-10-5 Show GitHub Exploit DB Packet Storm
195240 9.8 CRITICAL
Network 		bosch rexroth_indramotion_mlc_l20_firmware
rexroth_indramotion_mlc_l40_firmware
rexroth_indramotion_mlc_l25_firmware
rexroth_indramotion_mlc_l45_firmware
rexroth_indramotion_mlc_l65_firmware 		Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. Combined with CVE-2021-23858, this allows an attacker to… CWE-287
Improper Authentication 		CVE-2021-23857 2024-11-21 14:51 2021-10-5 Show GitHub Exploit DB Packet Storm