Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253181 6.8 警告 FFmpeg
mplayerhq		 - MPlayer などの製品で使用される FFmpeg の flicvideo.c における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-3429 2012-03-27 18:42 2010-09-30 Show GitHub Exploit DB Packet Storm
253182 7.5 危険 Intermesh - Intermesh Group-Office の modules/notes/json.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-3428 2012-03-27 18:42 2010-09-16 Show GitHub Exploit DB Packet Storm
253183 4.3 警告 Open Classifieds - Open Classifieds におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3427 2012-03-27 18:42 2010-09-16 Show GitHub Exploit DB Packet Storm
253184 7.5 危険 4you-studio - Joomla! 用の Alpha の JPhone (com_jphone) コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-3426 2012-03-27 18:42 2010-09-16 Show GitHub Exploit DB Packet Storm
253185 4.3 警告 SmarterTools Inc. - SmarterStats の UserControls/Popups/frmHelp.aspx におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3425 2012-03-27 18:42 2010-09-16 Show GitHub Exploit DB Packet Storm
253186 4.3 警告 Invision Power Services, Inc - IP.Board の admin/sources/classes/bbcode/custom/defaults.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3424 2012-03-27 18:42 2010-09-7 Show GitHub Exploit DB Packet Storm
253187 7.5 危険 freka - Drupal の Yr Weatherdata モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-3423 2012-03-27 18:42 2010-09-8 Show GitHub Exploit DB Packet Storm
253188 7.5 危険 solventus
Joomla!		 - Jmoola! 用の JGen コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-3422 2012-03-27 18:42 2010-09-16 Show GitHub Exploit DB Packet Storm
253189 4.3 警告 productcart - ProductCart の AffiliateLogin.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3421 2012-03-27 18:42 2010-09-16 Show GitHub Exploit DB Packet Storm
253190 4.3 警告 webassist - PowerStore の Products_Results.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3420 2012-03-27 18:42 2010-09-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
194661 7.5 HIGH
Network 		cesnet libyang In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of revision is NULL. If revision is NULL, the operation of strcmp(revision, ext_plugins[u].revision) will lead … CWE-252
 Unchecked Return Value 		CVE-2021-28904 2024-11-21 15:00 2021-05-21 Show GitHub Exploit DB Packet Storm
194662 7.5 HIGH
Network 		cesnet libyang A stack overflow in libyang <= v1.0.225 can cause a denial of service through function lyxml_parse_mem(). lyxml_parse_elem() function will be called recursively, which will consume stack space and le… CWE-674
 Uncontrolled Recursion 		CVE-2021-28903 2024-11-21 15:00 2021-05-21 Show GitHub Exploit DB Packet Storm
194663 7.5 HIGH
Network 		cesnet libyang In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval->ext[r]->f… CWE-252
 Unchecked Return Value 		CVE-2021-28902 2024-11-21 15:00 2021-05-21 Show GitHub Exploit DB Packet Storm
194664 7.5 HIGH
Network 		envoyproxy envoy An issue was discovered in Envoy 1.14.0. There is a remotely exploitable crash for HTTP2 Metadata, because an empty METADATA map triggers a Reachable Assertion. CWE-617
 Reachable Assertion 		CVE-2021-29258 2024-11-21 15:00 2021-05-21 Show GitHub Exploit DB Packet Storm
194665 7.5 HIGH
Network 		envoyproxy envoy An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable NULL pointer dereference and crash in TLS when an unknown TLS alert code is received. CWE-476
 NULL Pointer Dereference 		CVE-2021-28683 2024-11-21 15:00 2021-05-21 Show GitHub Exploit DB Packet Storm
194666 7.5 HIGH
Network 		envoyproxy envoy An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable integer overflow in which a very large grpc-timeout value leads to unexpected timeout calculations. CWE-190
 Integer Overflow or Wraparound 		CVE-2021-28682 2024-11-21 15:00 2021-05-21 Show GitHub Exploit DB Packet Storm
194667 7.5 HIGH
Network 		invoiceplane invoiceplane In InvoicePlane 1.5.11 a misconfigured web server allows unauthenticated directory listing and file download. Allowing an attacker to directory traversal and download files suppose to be private with… CWE-552
 Files or Directories Accessible to External Parties 		CVE-2021-29024 2024-11-21 15:00 2021-05-18 Show GitHub Exploit DB Packet Storm
194668 5.3 MEDIUM
Network 		invoiceplane invoiceplane InvoicePlane 1.5.11 doesn't have any rate-limiting for password reset and the reset token is generated using a weak mechanism that is predictable. CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2021-29023 2024-11-21 15:00 2021-05-18 Show GitHub Exploit DB Packet Storm
194669 4.3 MEDIUM
Network 		liferay dxp
liferay_portal 		The Data Engine module in Liferay Portal 7.3.0 through 7.3.5, and Liferay DXP 7.3 before fix pack 1 does not check permissions in DataDefinitionResourceImpl.getSiteDataDefinitionByContentTypeByDataDe… CWE-276
Incorrect Default Permissions  		CVE-2021-29052 2024-11-21 15:00 2021-05-17 Show GitHub Exploit DB Packet Storm
194670 6.1 MEDIUM
Network 		liferay dxp
liferay_portal 		Cross-site scripting (XSS) vulnerability in the Asset module's Asset Publisher app in Liferay Portal 7.2.1 through 7.3.5, and Liferay DXP 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before… CWE-79
Cross-site Scripting 		CVE-2021-29051 2024-11-21 15:00 2021-05-17 Show GitHub Exploit DB Packet Storm