Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252381	4.3	警告	VideoLAN	-	VLC media player におけるサービス運用妨害 (クラッシュ) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-0904	2012-01-25 10:54	2012-01-20	Show	GitHub Exploit DB Packet Storm

252382	4.3	警告	VMware	-	VMware Zimbra Desktop におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0903	2012-01-25 10:51	2012-01-20	Show	GitHub Exploit DB Packet Storm

252383	5	警告	AirTies	-	AirTies Air 4450 におけるサービス運用妨害 (リブート) の脆弱性	CWE-noinfo 情報不足	CVE-2012-0902	2012-01-25 10:43	2012-01-20	Show	GitHub Exploit DB Packet Storm

252384	4.3	警告	attenzione	-	WordPress 用 YouSayToo auto-publishing プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0901	2012-01-25 10:39	2012-01-20	Show	GitHub Exploit DB Packet Storm

252385	4.3	警告	Beehive Forum	-	Beehive Forum におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0900	2012-01-25 10:35	2012-01-20	Show	GitHub Exploit DB Packet Storm

252386	4.3	警告	Annuaire PHP	-	Annuaire PHP におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0899	2012-01-25 10:32	2012-01-20	Show	GitHub Exploit DB Packet Storm

252387	5	警告	camaleo	-	WordPress 用 myEASYbackup プラグインにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-0898	2012-01-25 10:30	2012-01-20	Show	GitHub Exploit DB Packet Storm

252388	5	警告	Tom Braider	-	WordPress 用 Count Per Day モジュールにおける絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-0896	2012-01-25 10:23	2012-01-20	Show	GitHub Exploit DB Packet Storm

252389	4.3	警告	Tom Braider	-	WordPress 用 Count Per Day モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0895	2012-01-25 10:21	2012-01-20	Show	GitHub Exploit DB Packet Storm

252390	9.3	危険	IBM	-	IBM Lotus Symphony の vclmi.dll における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2012-0192	2012-01-24 16:45	2012-01-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
195481	6.3	MEDIUM Network	fusioncharts	apexcharts	The package apexcharts before 3.24.0 are vulnerable to Cross-site Scripting (XSS) via lack of sanitization of graph legend fields.	CWE-79 Cross-site Scripting	CVE-2021-23327	2024-11-21 14:51	2021-02-9	Show	GitHub Exploit DB Packet Storm

195482	3.3	LOW Local	squareup	connect_java_software_development_kit	This affects all versions of package com.squareup:connect. The method prepareDownloadFilecreates creates a temporary file with the permissions bits of -rw-r--r-- on unix-like systems. On unix-like sy…	NVD-CWE-noinfo	CVE-2021-23331	2024-11-21 14:51	2021-02-4	Show	GitHub Exploit DB Packet Storm

195483	8.0	HIGH Network	tibco	ebx	The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBCO EBX contains a vulnerability that theoretically allows a low privileged attacker with network access to execute a Stored Cross Site S…	CWE-79 Cross-site Scripting	CVE-2021-23271	2024-11-21 14:51	2021-02-3	Show	GitHub Exploit DB Packet Storm

195484	9.8	CRITICAL Network	bitovi	launchpad	All versions of package launchpad are vulnerable to Command Injection via stop.	CWE-78 OS Command	CVE-2021-23330	2024-11-21 14:51	2021-02-2	Show	GitHub Exploit DB Packet Storm

195485	7.5	HIGH Network	getadigital	nested-object-assign	The package nested-object-assign before 1.0.4 are vulnerable to Prototype Pollution via the default function, as demonstrated by running the PoC below.	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2021-23329	2024-11-21 14:51	2021-02-1	Show	GitHub Exploit DB Packet Storm

195486	5.6	MEDIUM Network	iniparserjs_project	iniparserjs	This affects all versions of package iniparserjs. This vulnerability relates when ini_parser.js is concentrating arrays. Depending on if user input is provided, an attacker can overwrite and pollute …	NVD-CWE-Other	CVE-2021-23328	2024-11-21 14:51	2021-01-30	Show	GitHub Exploit DB Packet Storm

195487	5.4	MEDIUM Network	tibco	bpm_enterprise bpm_enterprise_distribution_for_silver_fabric	The Application Development Clients component of TIBCO Software Inc.'s TIBCO BPM Enterprise and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically a…	CWE-79 Cross-site Scripting	CVE-2021-23272	2024-11-21 14:51	2021-01-27	Show	GitHub Exploit DB Packet Storm

195488	8.8	HIGH Network	the-guild	graphql-tools	This affects the package @graphql-tools/git-loader before 6.2.6. The use of exec and execSync in packages/loaders/git/src/load-git.ts allows arbitrary command injection.	CWE-78 OS Command	CVE-2021-23326	2024-11-21 14:51	2021-01-20	Show	GitHub Exploit DB Packet Storm

195489	4.8	MEDIUM Network	flatcore	flatcore	An issue was discovered in flatCore before 2.0.0 build 139. A reflected XSS vulnerability was identified in the media_filter HTTP request body parameter for the acp interface. The affected parameter …	CWE-79 Cross-site Scripting	CVE-2021-23838	2024-11-21 14:51	2021-01-15	Show	GitHub Exploit DB Packet Storm

195490	6.5	MEDIUM Network	flatcore	flatcore	An issue was discovered in flatCore before 2.0.0 build 139. A time-based blind SQL injection was identified in the selected_folder HTTP request body parameter for the acp interface. The affected para…	CWE-89 SQL Injection	CVE-2021-23837	2024-11-21 14:51	2021-01-15	Show	GitHub Exploit DB Packet Storm