Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252791 7.5 危険 SugarCRM - SugarCRM の Leads モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4833 2011-12-19 15:08 2011-12-15 Show GitHub Exploit DB Packet Storm
252792 7.5 危険 Moxiecode Systems AB
phpMyFAQ
PHPletter		 - 複数の製品で使用される inc/function.base.php における PHP コードを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-4825 2011-12-19 15:07 2011-10-25 Show GitHub Exploit DB Packet Storm
252793 7.5 危険 The Cacti Group - Cacti の auth_login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4824 2011-12-19 15:06 2011-09-26 Show GitHub Exploit DB Packet Storm
252794 4.3 警告 Atlassian - Atlassian FishEye のユーザプロファイル機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4822 2011-12-19 15:05 2011-10-24 Show GitHub Exploit DB Packet Storm
252795 3.6 注意 Artsoft Entertainment - Artsoft Entertainment の Rocks'n'Diamonds における任意のファイルを上書きされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4606 2011-12-19 15:05 2011-12-15 Show GitHub Exploit DB Packet Storm
252796 4.3 警告 Digium - Asterisk の channels/chan_sip.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-200
情報漏えい 		CVE-2011-4598 2011-12-19 15:03 2011-11-2 Show GitHub Exploit DB Packet Storm
252797 5 警告 Digium - Asterisk の UDP 実装での SIP におけるユーザ名を列挙される脆弱性 CWE-200
情報漏えい 		CVE-2011-4597 2011-12-19 15:01 2011-07-18 Show GitHub Exploit DB Packet Storm
252798 7.5 危険 Caupo.Net - CaupoShop Pro および CaupoShop Classic におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4832 2011-12-19 13:44 2011-12-15 Show GitHub Exploit DB Packet Storm
252799 4 警告 David Azoulay - Web File Browser の webFileBrowser.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4831 2011-12-19 13:43 2011-12-15 Show GitHub Exploit DB Packet Storm
252800 7.5 危険 e4j Extensions for Joomla - Joomla! 用 Vik Real Estate コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4823 2011-12-19 11:52 2011-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195411 9.8 CRITICAL
Network 		nextcloud
fedoraproject 		nextcloud_server
fedora 		Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. This could potentially result in an att… CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2021-22915 2024-11-21 14:50 2021-06-12 Show GitHub Exploit DB Packet Storm
195412 6.5 MEDIUM
Network 		nextcloud deck Nextcloud Deck before 1.2.7, 1.4.1 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only the local Nextcloud server unles… CWE-200
Information Exposure 		CVE-2021-22913 2024-11-21 14:50 2021-06-12 Show GitHub Exploit DB Packet Storm
195413 6.5 MEDIUM
Network 		nextcloud nextcloud Nextcloud iOS before 3.4.2 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only on the local Nextcloud server unless a g… CWE-200
Information Exposure 		CVE-2021-22912 2024-11-21 14:50 2021-06-12 Show GitHub Exploit DB Packet Storm
195414 6.5 MEDIUM
Network 		nextcloud end-to-end_encryption Nextcloud End-to-End Encryption before 1.5.3, 1.6.3 and 1.7.1 suffers from a denial of service vulnerability due to permitting any authenticated users to lock files of other users. CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2021-22906 2024-11-21 14:50 2021-06-12 Show GitHub Exploit DB Packet Storm
195415 6.5 MEDIUM
Network 		nextcloud nextcloud Nextcloud Android App (com.nextcloud.client) before v3.16.0 is vulnerable to information disclosure due to searches for sharees being performed by default on the lookup server instead of only using t… CWE-200
Information Exposure 		CVE-2021-22905 2024-11-21 14:50 2021-06-12 Show GitHub Exploit DB Packet Storm
195416 7.5 HIGH
Network 		rubyonrails rails The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action Controller due to a too permissive … NVD-CWE-Other
CVE-2021-22904 2024-11-21 14:50 2021-06-12 Show GitHub Exploit DB Packet Storm
195417 6.1 MEDIUM
Network 		rubyonrails rails The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Author… CWE-601
Open Redirect 		CVE-2021-22903 2024-11-21 14:50 2021-06-12 Show GitHub Exploit DB Packet Storm
195418 7.5 HIGH
Network 		rubyonrails rails The actionpack ruby gem (a framework for handling and responding to web requests in Rails) before 6.0.3.7, 6.1.3.2 suffers from a possible denial of service vulnerability in the Mime type parser of A… NVD-CWE-noinfo
CVE-2021-22902 2024-11-21 14:50 2021-06-12 Show GitHub Exploit DB Packet Storm
195419 8.1 HIGH
Network 		haxx
oracle
netapp
siemens
splunk 		curl
mysql_server
essbase
communications_cloud_native_core_network_slice_selection_function
communications_cloud_native_core_network_repository_function
communications_cloud_native_cor… 		curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use… CWE-416
 Use After Free 		CVE-2021-22901 2024-11-21 14:50 2021-06-12 Show GitHub Exploit DB Packet Storm
195420 4.3 MEDIUM
Network 		nextcloud nextcloud Nextcloud Mail before 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users. CWE-862
 Missing Authorization 		CVE-2021-22896 2024-11-21 14:50 2021-06-12 Show GitHub Exploit DB Packet Storm