Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252331	5	警告	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	Mozilla Firefox および Thunderbird における同一生成元ポリシーを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-2362	2012-01-27 16:25	2011-06-21	Show	GitHub Exploit DB Packet Storm

252332	10	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	Mozilla Firefox および Thunderbird の nsXULCommandDispatcher 関数における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2011-0085	2012-01-27 16:23	2011-06-21	Show	GitHub Exploit DB Packet Storm

252333	10	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	Mozilla Firefox および Thunderbird の nsSVGPathSegList::ReplaceItem 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0083	2012-01-27 16:22	2011-06-21	Show	GitHub Exploit DB Packet Storm

252334	4.3	警告	シマンテック	-	Symantec pcAnywhere 製品における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-3479	2012-01-27 16:20	2012-01-22	Show	GitHub Exploit DB Packet Storm

252335	10	危険	シマンテック	-	Symantec pcAnywhere 製品における任意のコードを実行される脆弱性	CWE-287 不適切な認証	CVE-2011-3478	2012-01-27 16:18	2012-01-22	Show	GitHub Exploit DB Packet Storm

252336	4.3	警告	Digium	-	Asterisk Open Source の chan_sip.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2012-0885	2012-01-27 15:44	2012-01-15	Show	GitHub Exploit DB Packet Storm

252337	4.3	警告	Google	-	Android の Bluetooth サービスにおける連絡先データを取得される脆弱性	CWE-200 情報漏えい	CVE-2011-4276	2012-01-27 15:43	2011-10-28	Show	GitHub Exploit DB Packet Storm

252338	5.8	警告	Tencent	-	Android 用 Tencent QQPhoto における連絡先情報およびパスワードハッシュを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-4867	2012-01-27 15:18	2012-01-25	Show	GitHub Exploit DB Packet Storm

252339	6.4	警告	Kaixin001	-	Android 用 Kaixin001 における連絡先情報および平文パスワードを読まれる脆弱性	CWE-200 情報漏えい	CVE-2011-4866	2012-01-27 15:18	2012-01-25	Show	GitHub Exploit DB Packet Storm

252340	5.8	警告	Tencent	-	Android 用 Tencent WBlog および MicroBlogPad におけるドラフトメッセージおよび検索キーワードを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-4865	2012-01-27 15:12	2012-01-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
195531	7.5	HIGH Network	rubyonrails	rails	The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action Controller due to a too permissive …	NVD-CWE-Other	CVE-2021-22904	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

195532	6.1	MEDIUM Network	rubyonrails	rails	The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Author…	CWE-601 Open Redirect	CVE-2021-22903	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

195533	7.5	HIGH Network	rubyonrails	rails	The actionpack ruby gem (a framework for handling and responding to web requests in Rails) before 6.0.3.7, 6.1.3.2 suffers from a possible denial of service vulnerability in the Mime type parser of A…	NVD-CWE-noinfo	CVE-2021-22902	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

195534	8.1	HIGH Network	haxx oracle netapp siemens splunk	curl mysql_server essbase communications_cloud_native_core_network_slice_selection_function communications_cloud_native_core_network_repository_function communications_cloud_native_cor…	curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use…	CWE-416 Use After Free	CVE-2021-22901	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

195535	4.3	MEDIUM Network	nextcloud	nextcloud	Nextcloud Mail before 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users.	CWE-862 Missing Authorization	CVE-2021-22896	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

195536	5.9	MEDIUM Network	nextcloud debian	desktop debian_linux	Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.	CWE-295 Improper Certificate Validation	CVE-2021-22895	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

195537	4.3	MEDIUM Network	schneider-electric	easergy_t300_firmware	A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an att…	-	CVE-2021-22769	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

195538	9.8	CRITICAL Network	schneider-electric	powerlogic_egx100_firmware powerlogic_egx300_firmware	A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code executi…	-	CVE-2021-22768	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

195539	3.1	LOW Network	haxx debian fedoraproject oracle siemens splunk	curl debian_linux fedora mysql_server essbase communications_cloud_native_core_network_slice_selection_function communications_cloud_native_core_network_repository_function commu…	curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers…	CWE-909 Missing Initialization of Resource	CVE-2021-22898	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm

195540	5.3	MEDIUM Network	haxx oracle netapp siemens splunk	curl mysql_server essbase communications_cloud_native_core_network_slice_selection_function communications_cloud_native_core_network_repository_function communications_cloud_native_cor…	curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The s…	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2021-22897	2024-11-21 14:50	2021-06-12	Show	GitHub Exploit DB Packet Storm