Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251871 6 警告 Broadwin
アドバンテック株式会社		 - Advantech/BroadWin WebAccess におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-1235 2012-02-23 11:47 2012-02-21 Show GitHub Exploit DB Packet Storm
251872 6.5 警告 Broadwin
アドバンテック株式会社		 - Advantech/BroadWin WebAccess における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-1234 2012-02-23 11:46 2012-02-21 Show GitHub Exploit DB Packet Storm
251873 7.5 危険 Broadwin
アドバンテック株式会社		 - Advantech/BroadWin WebAccess における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-0244 2012-02-23 11:41 2012-02-21 Show GitHub Exploit DB Packet Storm
251874 7.5 危険 Broadwin
アドバンテック株式会社		 - Advantech/BroadWin WebAccess の ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-0243 2012-02-23 11:40 2012-02-21 Show GitHub Exploit DB Packet Storm
251875 7.5 危険 Broadwin
アドバンテック株式会社		 - Advantech/BroadWin WebAccess におけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題 		CVE-2012-0242 2012-02-23 11:37 2012-02-21 Show GitHub Exploit DB Packet Storm
251876 5 警告 Broadwin
アドバンテック株式会社		 - Advantech/BroadWin WebAccess におけるサービス運用妨害 (メモリ破損) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0241 2012-02-23 11:36 2012-02-21 Show GitHub Exploit DB Packet Storm
251877 7.5 危険 Broadwin
アドバンテック株式会社		 - Advantech/BroadWin WebAccess の GbScriptAddUp.asp における任意のコードを実行される脆弱性 CWE-287
不適切な認証 		CVE-2012-0240 2012-02-23 11:33 2012-02-21 Show GitHub Exploit DB Packet Storm
251878 5 警告 Broadwin
アドバンテック株式会社		 - Advantech/BroadWin WebAccess の uaddUpAdmin.asp における管理者パスワードを変更される脆弱性 CWE-287
不適切な認証 		CVE-2012-0239 2012-02-23 11:32 2012-02-21 Show GitHub Exploit DB Packet Storm
251879 7.5 危険 Broadwin
アドバンテック株式会社		 - Advantech/BroadWin WebAccess の opcImg.asp におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-0238 2012-02-23 11:29 2012-02-21 Show GitHub Exploit DB Packet Storm
251880 6.4 警告 Broadwin
アドバンテック株式会社		 - Advantech/BroadWin WebAccess における日付と時刻の同期設定を変更される脆弱性 CWE-119
バッファエラー 		CVE-2012-0237 2012-02-23 11:27 2012-02-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195701 5.4 MEDIUM
Network 		jenkins jenkins Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape button labels in the Jenkins UI, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers with the ability t… CWE-79
Cross-site Scripting 		CVE-2021-21608 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
195702 6.5 MEDIUM
Network 		jenkins jenkins Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not limit sizes provided as query parameters to graph-rendering URLs, allowing attackers to request crafted URLs that use all available memory … CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2021-21607 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
195703 4.3 MEDIUM
Network 		jenkins jenkins Jenkins 2.274 and earlier, LTS 2.263.1 and earlier improperly validates the format of a provided fingerprint ID when checking for its existence allowing an attacker to check for the existence of XML … CWE-20
 Improper Input Validation  		CVE-2021-21606 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
195704 8.0 HIGH
Network 		jenkins jenkins Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows users with Agent/Configure permission to choose agent names that cause Jenkins to override the global `config.xml` file. CWE-22
Path Traversal 		CVE-2021-21605 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
195705 8.0 HIGH
Network 		jenkins jenkins Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows attackers with permission to create or configure various objects to inject crafted content into Old Data Monitor that results in the instanti… CWE-502
 Deserialization of Untrusted Data 		CVE-2021-21604 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
195706 5.4 MEDIUM
Network 		jenkins jenkins Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape notification bar response contents, resulting in a cross-site scripting (XSS) vulnerability. CWE-79
Cross-site Scripting 		CVE-2021-21603 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
195707 6.5 MEDIUM
Network 		jenkins jenkins Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows reading arbitrary files using the file browser for workspaces and archived artifacts by following symlinks. CWE-59
Link Following 		CVE-2021-21602 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
195708 6.5 MEDIUM
Network 		sap cla-assistant In CLA-Assistant, versions before 2.8.5, due to improper access control an authenticated user could access API endpoints which are not intended to be used by the user. This could impact the integrity… NVD-CWE-Other
CVE-2021-21471 2024-11-21 14:48 2021-01-13 Show GitHub Exploit DB Packet Storm
195709 6.5 MEDIUM
Network 		sap business_warehouse The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges that allows the user to practically read out any database ta… CWE-862
 Missing Authorization 		CVE-2021-21468 2024-11-21 14:48 2021-01-13 Show GitHub Exploit DB Packet Storm
195710 4.3 MEDIUM
Network 		sap banking_services SAP Banking Services (Generic Market Data) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. An unauthorized User is allowed to display… CWE-862
 Missing Authorization 		CVE-2021-21467 2024-11-21 14:48 2021-01-13 Show GitHub Exploit DB Packet Storm