Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 2:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
252101 7.5 危険 fishyshoop - Fishyshoop の pages/register/register.php における任意の管理者ユーザを作成される脆弱性 - CVE-2006-6773 2012-06-26 15:38 2006-12-27 Show GitHub Exploit DB Packet Storm
252102 7.5 危険 cwm-design - cwmExplorer における SQL インジェクションの脆弱性 - CVE-2006-6766 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
252103 7.8 危険 cwm-design - cwmExplorer の index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-6757 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
252104 7.5 危険 ftprush - FTPRush におけるバッファオーバーフローの脆弱性 - CVE-2006-6752 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
252105 5 警告 dxmsoft - XM Easy Personal FTP Server におけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題
CVE-2006-6751 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
252106 5 警告 dxmsoft - XM Easy Personal FTP Server におけるフォーマットストリングの脆弱性 - CVE-2006-6750 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
252107 7.5 危険 dreaxteam - Xt-News の show_news.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2006-6747 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
252108 4.3 警告 dreaxteam - Xt-News におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2006-6746 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
252109 6.8 警告 cwm-design - cwmCounter の statistic.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2006-6738 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
252110 6.8 警告 cwm-design - cwmVote の archive.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2006-6732 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
202871 4.3 MEDIUM
Network
zte mf971r_firmware ZTE MF971R product has a CRLF injection vulnerability. An attacker could exploit the vulnerability to modify the HTTP response header information through a specially crafted HTTP request. CWE-74
Injection
CVE-2021-21743 2024-11-21 14:48 2021-10-21 Show GitHub Exploit DB Packet Storm
202872 6.1 MEDIUM
Network
zte mf971r_firmware ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information. CWE-79
Cross-site Scripting
CVE-2021-21747 2024-11-21 14:48 2021-10-21 Show GitHub Exploit DB Packet Storm
202873 6.1 MEDIUM
Network
zte mf971r_firmware ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information. CWE-79
Cross-site Scripting
CVE-2021-21746 2024-11-21 14:48 2021-10-21 Show GitHub Exploit DB Packet Storm
202874 7.8 HIGH
Local
gonitro nitro_pro An exploitable double-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a reference to a timeout object to be stored in two different… CWE-415
 Double Free
CVE-2021-21797 2024-11-21 14:48 2021-10-18 Show GitHub Exploit DB Packet Storm
202875 7.8 HIGH
Local
gonitro nitro_pro An exploitable use-after-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause an object containing the path to a document to be destroye… CWE-416
 Use After Free
CVE-2021-21796 2024-11-21 14:48 2021-10-18 Show GitHub Exploit DB Packet Storm
202876 6.1 MEDIUM
Network
jenkins git Jenkins Git Plugin 4.8.2 and earlier does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripti… CWE-116
 Improper Encoding or Escaping of Output
CVE-2021-21684 2024-11-21 14:48 2021-10-7 Show GitHub Exploit DB Packet Storm
202877 6.5 MEDIUM
Network
jenkins jenkins The file browser in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Ov… CWE-22
Path Traversal
CVE-2021-21683 2024-11-21 14:48 2021-10-7 Show GitHub Exploit DB Packet Storm
202878 4.3 MEDIUM
Network
jenkins jenkins Jenkins 2.314 and earlier, LTS 2.303.1 and earlier accepts names of jobs and other entities with a trailing dot character, potentially replacing the configuration and data of other entities on Window… NVD-CWE-noinfo
CVE-2021-21682 2024-11-21 14:48 2021-10-7 Show GitHub Exploit DB Packet Storm
202879 6.5 MEDIUM
Network
php php In PHP versions 7.3.x below 7.3.31, 7.4.x below 7.4.24 and 8.0.x below 8.0.11, in Microsoft Windows environment, ZipArchive::extractTo may be tricked into writing a file outside target directory when… CWE-22
Path Traversal
CVE-2021-21706 2024-11-21 14:48 2021-10-4 Show GitHub Exploit DB Packet Storm
202880 5.3 MEDIUM
Network
php
netapp
oracle
php
clustered_data_ontap
sd-wan_aware
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid… CWE-20
 Improper Input Validation 
CVE-2021-21705 2024-11-21 14:48 2021-10-4 Show GitHub Exploit DB Packet Storm