Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253221	4.3	警告	OSQA	-	OSQA の questions/ask におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1782	2012-03-22 16:33	2012-03-19	Show	GitHub Exploit DB Packet Storm

253222	4.3	警告	Dotclear	-	Dotclear におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1039	2012-03-22 16:18	2012-03-19	Show	GitHub Exploit DB Packet Storm

253223	4.3	警告	Oxwall	-	OxWall におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0872	2012-03-22 16:17	2012-03-19	Show	GitHub Exploit DB Packet Storm

253224	4.3	警告	SocialCMS	-	SocialCMS の ajax/commentajax.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1781	2012-03-22 16:15	2012-03-19	Show	GitHub Exploit DB Packet Storm

253225	7.5	危険	SocialCMS	-	SocialCMS の search.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-1780	2012-03-22 16:14	2012-03-19	Show	GitHub Exploit DB Packet Storm

253226	9.3	危険	マイクロソフト	-	Microsoft Windows のリモートデスクトッププロトコルの実装における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-0002	2012-03-22 13:40	2012-03-13	Show	GitHub Exploit DB Packet Storm

253227	9.3	危険	VideoLAN	-	VideoLAN VLC media player におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-1776	2012-03-21 16:50	2012-03-12	Show	GitHub Exploit DB Packet Storm

253228	9.3	危険	VideoLAN	-	VideoLAN VLC media player におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-1775	2012-03-21 16:50	2012-03-12	Show	GitHub Exploit DB Packet Storm

253229	10	危険	Gretech	-	Gretech GOM Media Player の Open URL 機能における脆弱性	CWE-noinfo 情報不足	CVE-2012-1774	2012-03-21 16:38	2012-03-18	Show	GitHub Exploit DB Packet Storm

253230	9.3	危険	Gretech	-	Gretech GOM Media Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2012-1264	2012-03-21 16:37	2012-03-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194751	9.8	CRITICAL Network	johnsoncontrols	exacqvision_web_service	Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server.	CWE-269 Improper Privilege Management	CVE-2021-27664	2024-11-21 14:58	2021-10-12	Show	GitHub Exploit DB Packet Storm

194752	8.1	HIGH Network	johnsoncontrols	kantech_kt-1_door_controller_firmware	The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker can record and replay TCP packets. This issue affects Johnson Controls KT-1 all versions up to and inc…	CWE-294 Authentication Bypass by Capture-replay	CVE-2021-27662	2024-11-21 14:58	2021-09-15	Show	GitHub Exploit DB Packet Storm

194753	6.1	MEDIUM Network	apache	zeppelin	Cross Site Scripting vulnerability in markdown interpreter of Apache Zeppelin allows an attacker to inject malicious scripts. This issue affects Apache Zeppelin Apache Zeppelin versions prior to 0.9.…	CWE-79 Cross-site Scripting	CVE-2021-27578	2024-11-21 14:58	2021-09-3	Show	GitHub Exploit DB Packet Storm

194754	5.3	MEDIUM Network	hashicorp	vault	HashiCorp Vault Enterprise 0.9.2 through 1.6.2 allowed the read of license metadata from DR secondaries without authentication. Fixed in 1.6.3.	CWE-306 Missing Authentication for Critical Function	CVE-2021-27668	2024-11-21 14:58	2021-09-1	Show	GitHub Exploit DB Packet Storm

194755	6.1	MEDIUM Network	easycorp	zentao	A cross site scripting (XSS) issue in EasyCorp ZenTao 12.5.3 allows remote attackers to execute arbitrary web script via various areas such as data-link-creator.	CWE-79 Cross-site Scripting	CVE-2021-27558	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm

194756	4.3	MEDIUM Network	easycorp	zentao	A cross-site request forgery (CSRF) vulnerability in the Cron job tab in EasyCorp ZenTao 12.5.3 allows attackers to update the fields of a Cron job.	CWE-352 Origin Validation Error	CVE-2021-27557	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm

194757	7.2	HIGH Network	easycorp	zentao	The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers (who have admin access) to execute arbitrary code by setting the type parameter to System.	CWE-78 OS Command	CVE-2021-27556	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm

194758	9.8	CRITICAL Network	johnsoncontrols	ac2000_firmware	A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a remote attacker to access to the system without adequate authorization. This issue affects: Johnson Contr…	NVD-CWE-Other	CVE-2021-27663	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm

194759	3.5	LOW Network	acquia	mautic	The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographicall…	CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)	CVE-2021-27913	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm

194760	5.4	MEDIUM Network	acquia	mautic	Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can o…	CWE-79 Cross-site Scripting	CVE-2021-27912	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm