Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251631 4.3 警告 SAP - SAP NetWeaver の b2b/auction/container.jsp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1290 2012-02-27 13:47 2012-02-23 Show GitHub Exploit DB Packet Storm
251632 4 警告 SAP - SAP NetWeaver におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-1289 2012-02-27 13:46 2012-02-23 Show GitHub Exploit DB Packet Storm
251633 10 危険 UTC Fire & Security - UTC Fire & Security Master Clock の管理者パスワードがハードコードされている問題 CWE-255
証明書・パスワード管理 		CVE-2012-1288 2012-02-24 15:59 2012-02-21 Show GitHub Exploit DB Packet Storm
251634 4.3 警告 IBM - IBM WebSphere Lombardi Edition におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0707 2012-02-24 15:27 2011-11-21 Show GitHub Exploit DB Packet Storm
251635 5 警告 シマンテック - Symantec pcAnywhere 製品におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0291 2012-02-23 15:27 2012-01-24 Show GitHub Exploit DB Packet Storm
251636 9.3 危険 7-Technologies - 7-Technologies TERMIS における権限を取得される脆弱性 CWE-Other
その他 		CVE-2012-0223 2012-02-23 15:09 2011-02-22 Show GitHub Exploit DB Packet Storm
251637 5.8 警告 CubeCart Limited - CubeCart におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0865 2012-02-23 15:00 2012-02-21 Show GitHub Exploit DB Packet Storm
251638 5 警告 EasyVista - EasyVista に認証回避の脆弱性 CWE-287
不適切な認証 		CVE-2012-1256 2012-02-23 14:49 2012-02-22 Show GitHub Exploit DB Packet Storm
251639 6.4 警告 シックス・アパート株式会社 - Movable Type におけるセッションハイジャックが可能な脆弱性 CWE-Other
その他 		CVE-2012-0320 2012-02-23 12:04 2012-02-23 Show GitHub Exploit DB Packet Storm
251640 6.5 警告 シックス・アパート株式会社 - Movable Type における OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2012-0319 2012-02-23 12:04 2012-02-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195501 3.3 LOW
Local 		openapi-generator openapi_generator OpenAPI Generator allows generation of API client libraries, server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creat… - CVE-2021-21429 2024-11-21 14:48 2021-04-28 Show GitHub Exploit DB Packet Storm
195502 5.4 MEDIUM
Network 		typo3 typo3 Bootstrap Package is a theme for TYPO3. It has been discovered that rendering content in the website frontend is vulnerable to cross-site scripting. A valid backend user account is needed to exploit … - CVE-2021-21365 2024-11-21 14:48 2021-04-28 Show GitHub Exploit DB Packet Storm
195503 7.2 HIGH
Network 		openmage magento Magento-lts is a long-term support alternative to Magento Community Edition (CE). A vulnerability in magento-lts versions before 19.4.13 and 20.0.9 potentially allows an administrator unauthorized ac… - CVE-2021-21427 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
195504 9.8 CRITICAL
Network 		openmage magento Magento-lts is a long-term support alternative to Magento Community Edition (CE). In magento-lts versions 19.4.12 and prior and 20.0.8 and prior, there is a vulnerability caused by the unsecured dese… - CVE-2021-21426 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
195505 4.3 MEDIUM
Network 		jenkins cloudbees_cd Jenkins CloudBees CD Plugin 1.1.21 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Item/Read permission to schedule builds of projects without having Item… - CVE-2021-21647 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
195506 8.8 HIGH
Network 		jenkins templating_engine Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin, allowing attackers with Job/Configure permission to execute arbitrary code … - CVE-2021-21646 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
195507 4.3 MEDIUM
Network 		jenkins config_file_provider Jenkins Config File Provider Plugin 3.7.0 and earlier does not perform permission checks in several HTTP endpoints, attackers with Overall/Read permission to enumerate configuration file IDs. - CVE-2021-21645 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
195508 5.4 MEDIUM
Network 		jenkins config_file_provider A cross-site request forgery (CSRF) vulnerability in Jenkins Config File Provider Plugin 3.7.0 and earlier allows attackers to delete configuration files corresponding to an attacker-specified ID. CWE-352
 Origin Validation Error 		CVE-2021-21644 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
195509 6.5 MEDIUM
Network 		jenkins config_file_provider Jenkins Config File Provider Plugin 3.7.0 and earlier does not correctly perform permission checks in several HTTP endpoints, allowing attackers with global Job/Configure permission to enumerate syst… - CVE-2021-21643 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
195510 8.1 HIGH
Network 		jenkins config_file_provider Jenkins Config File Provider Plugin 3.7.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. CWE-611
XXE 		CVE-2021-21642 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm