Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253811	9.3	危険	FFmpeg	-	FFmpeg の Matroska フォーマットデコーダにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-3504	2011-10-5 16:26	2011-09-29	Show	GitHub Exploit DB Packet Storm

253812	4.3	警告	Wibu-Systems AG	-	Wibu-Systems CodeMeter WebAdmin の Licenses.html におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3689	2011-10-4 10:29	2011-09-27	Show	GitHub Exploit DB Packet Storm

253813	5	警告	NetSaro	-	NetSaro Enterprise Messenger Server におけるアプリケーションのソースコードを読まれる脆弱性	CWE-200 情報漏えい	CVE-2011-3694	2011-10-4 10:28	2011-09-27	Show	GitHub Exploit DB Packet Storm

253814	1.9	注意	NetSaro	-	NetSaro Enterprise Messenger Server における平文のサーバ資格情報を発見される脆弱性	CWE-310 暗号の問題	CVE-2011-3693	2011-10-4 10:25	2011-09-27	Show	GitHub Exploit DB Packet Storm

253815	1.9	注意	NetSaro	-	NetSaro Enterprise Messenger Server における重要な情報を取得される脆弱性	CWE-310 暗号の問題	CVE-2011-3692	2011-10-4 10:06	2011-09-27	Show	GitHub Exploit DB Packet Storm

253816	6.9	警告	Foxit Software Inc	-	Foxit Reader における権限を取得される脆弱性	CWE-Other その他	CVE-2011-3691	2011-10-4 10:01	2011-09-27	Show	GitHub Exploit DB Packet Storm

253817	6.9	警告	PlotSoft L.L.C.	-	PlotSoft PDFill PDF Editor における権限を取得される脆弱性	CWE-Other その他	CVE-2011-3690	2011-10-4 10:00	2011-09-27	Show	GitHub Exploit DB Packet Storm

253818	7.5	危険	Sonexis Technology, Inc.	-	Sonexis ConferenceManager における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-3688	2011-10-4 09:45	2011-09-27	Show	GitHub Exploit DB Packet Storm

253819	4.3	警告	Sonexis Technology, Inc.	-	Sonexis ConferenceManager におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3687	2011-10-3 14:56	2011-09-27	Show	GitHub Exploit DB Packet Storm

253820	4.3	警告	Sonexis Technology, Inc.	-	Sonexis ConferenceManager の myAddressBook.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3686	2011-10-3 14:55	2011-09-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
195181	9.8	CRITICAL Network	c2fo	comb	All versions of package comb are vulnerable to Prototype Pollution via the deepMerge() function.	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2021-23561	2024-11-21 14:51	2021-12-11	Show	GitHub Exploit DB Packet Storm

195182	9.1	CRITICAL Network	h2database	h2	The package com.h2database:h2 from 1.4.198 and before 2.0.202 are vulnerable to XML External Entity (XXE) Injection via the org.h2.jdbc.JdbcSQLXML class object, when it receives parsed string data fr…	CWE-611 XXE	CVE-2021-23463	2024-11-21 14:51	2021-12-11	Show	GitHub Exploit DB Packet Storm

195183	7.2	HIGH Network	bosch	bosch_video_management_system video_recording_manager videojet_decoder_7513_firmware videojet_decoder_8000_firmware	A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affects installations of the VRM, DIVAR IP, BV…	CWE-78 OS Command	CVE-2021-23862	2024-11-21 14:51	2021-12-9	Show	GitHub Exploit DB Packet Storm

195184	6.5	MEDIUM Network	bosch	bosch_video_management_system video_recording_manager	By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an impact on integrity or availability of the installed software.…	NVD-CWE-Other	CVE-2021-23861	2024-11-21 14:51	2021-12-9	Show	GitHub Exploit DB Packet Storm

195185	6.1	MEDIUM Network	bosch	bosch_video_management_system video_recording_manager	An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this vulnerability an attack must be able to modify the HTTP header tha…	CWE-79 Cross-site Scripting	CVE-2021-23860	2024-11-21 14:51	2021-12-9	Show	GitHub Exploit DB Packet Storm

195186	7.5	HIGH Network	bosch	bosch_video_management_system video_recording_manager access_easy_controller_firmware video_recording_manager_exporter building_integration_system access_professional_edition	An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to …	CWE-755 Improper Handling of Exceptional Conditions	CVE-2021-23859	2024-11-21 14:51	2021-12-9	Show	GitHub Exploit DB Packet Storm

195187	7.5	HIGH Network	citrix	application_delivery_controller_firmware gateway sd-wan	An uncontrolled resource consumption vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 that could allow an attacker with access to NSIP or SNIP with management interface acce…	CWE-400 Uncontrolled Resource Consumption	CVE-2021-22956	2024-11-21 14:51	2021-12-7	Show	GitHub Exploit DB Packet Storm

195188	7.5	HIGH Network	citrix	application_delivery_controller_firmware gateway	A unauthenticated denial of service vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 when configured as a VPN (Gateway) or AAA virtual server could allow an attacker to caus…	CWE-400 Uncontrolled Resource Consumption	CVE-2021-22955	2024-11-21 14:51	2021-12-7	Show	GitHub Exploit DB Packet Storm

195189	9.8	CRITICAL Network	ajaxpro.2_project	ajaxpro.2	All versions of package ajaxpro.2 are vulnerable to Deserialization of Untrusted Data due to the possibility of deserialization of arbitrary .NET classes, which can be abused to gain remote code exec…	CWE-502 Deserialization of Untrusted Data	CVE-2021-23758	2024-11-21 14:51	2021-12-4	Show	GitHub Exploit DB Packet Storm

195190	8.8	HIGH Network	tiny	plupload	This affects the package plupload before 2.3.9. A file name containing JavaScript code could be uploaded and run. An attacker would need to trick a user to upload this kind of file.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2021-23562	2024-11-21 14:51	2021-12-4	Show	GitHub Exploit DB Packet Storm