Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257091	7.2	危険	VMware	-	VMware Fusion の vmx86 のカーネル拡張における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-3281	2010-03-24 12:22	2009-10-1	Show	GitHub Exploit DB Packet Storm

257092	9.3	危険	VMware	-	複数の VMware 製品の VMnc media コーデックにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2628	2010-03-24 12:22	2009-09-4	Show	GitHub Exploit DB Packet Storm

257093	9.3	危険	VMware	-	複数の VMware 製品の VMnc media コーデックにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-0199	2010-03-24 12:22	2009-09-4	Show	GitHub Exploit DB Packet Storm

257094	5	警告	VMware	-	VMware Studio の Web インターフェースにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-2968	2010-03-24 12:22	2009-08-31	Show	GitHub Exploit DB Packet Storm

257095	4	警告	VMware	-	複数の VMware 製品の Descheduled Time Accounting ドライバにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2009-1805	2010-03-24 12:22	2009-05-28	Show	GitHub Exploit DB Packet Storm

257096	6.8	警告	VMware	-	複数の VMware 製品の仮想マシン表示機能における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2009-1244	2010-03-24 12:21	2009-04-10	Show	GitHub Exploit DB Packet Storm

257097	7.2	危険	VMware	-	複数の VMware 製品の仮想マシン通信インターフェイスにおける権限昇格の脆弱性	CWE-noinfo 情報不足	CVE-2009-1147	2010-03-24 12:21	2009-04-3	Show	GitHub Exploit DB Packet Storm

257098	4.9	警告	VMware	-	複数の VMware 製品の ioctl におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2009-1146	2010-03-23 14:11	2010-04-3	Show	GitHub Exploit DB Packet Storm

257099	6.8	警告	VMware	-	複数の VMware 製品の VNnc コーデックにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-0910	2010-03-23 14:11	2010-04-3	Show	GitHub Exploit DB Packet Storm

257100	9.3	危険	VMware	-	複数の VMware 製品の VNnc コーデックにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-0909	2010-03-23 14:10	2010-04-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196501	5.5	MEDIUM Local	jenkins	nomad	Jenkins Nomad Plugin 0.7.4 and earlier stores Docker passwords unencrypted in the global config.xml file on the Jenkins controller where they can be viewed by users with access to the Jenkins control…	CWE-522 Insufficiently Protected Credentials	CVE-2021-21681	2024-11-21 14:48	2021-08-31	Show	GitHub Exploit DB Packet Storm

196502	7.1	HIGH Network	jenkins	nested_view	Jenkins Nested View Plugin 1.20 and earlier does not configure its XML transformer to prevent XML external entity (XXE) attacks.	CWE-611 XXE	CVE-2021-21680	2024-11-21 14:48	2021-08-31	Show	GitHub Exploit DB Packet Storm

196503	8.8	HIGH Network	jenkins	azure_ad	Jenkins Azure AD Plugin 179.vf6841393099e and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.	CWE-352 Origin Validation Error	CVE-2021-21679	2024-11-21 14:48	2021-08-31	Show	GitHub Exploit DB Packet Storm

196504	8.8	HIGH Network	jenkins	saml	Jenkins SAML Plugin 2.0.7 and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.	CWE-352 Origin Validation Error	CVE-2021-21678	2024-11-21 14:48	2021-08-31	Show	GitHub Exploit DB Packet Storm

196505	8.8	HIGH Network	jenkins	code_coverage_api	Jenkins Code Coverage API Plugin 1.4.0 and earlier does not apply Jenkins JEP-200 deserialization protection to Java objects it deserializes from disk, resulting in a remote code execution vulnerabil…	CWE-502 Deserialization of Untrusted Data	CVE-2021-21677	2024-11-21 14:48	2021-08-31	Show	GitHub Exploit DB Packet Storm

196506	9.8	CRITICAL Network	zte	zxv10_m910_firmware	There is a command execution vulnerability in a ZTE conference management system. As some services are enabled by default, the attacker could exploit this vulnerability to execute arbitrary commands …	CWE-502 Deserialization of Untrusted Data	CVE-2021-21741	2024-11-21 14:48	2021-08-31	Show	GitHub Exploit DB Packet Storm

196507	7.5	HIGH Network	mz-automation	lib60870	A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications.…	CWE-617 Reachable Assertion	CVE-2021-21778	2024-11-21 14:48	2021-08-26	Show	GitHub Exploit DB Packet Storm

196508	3.3	LOW Local	linux oracle	linux_kernel communications_cloud_native_core_binding_support_function communications_cloud_native_core_policy communications_cloud_native_core_network_exposure_function	An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application…	CWE-908 Use of Uninitialized Resource	CVE-2021-21781	2024-11-21 14:48	2021-08-19	Show	GitHub Exploit DB Packet Storm

196509	6.7	MEDIUM Local	dell	emc_powerscale_onefs	Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability. This may allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to escalate privileges and es…	CWE-78 OS Command	CVE-2021-21599	2024-11-21 14:48	2021-08-17	Show	GitHub Exploit DB Packet Storm

196510	6.7	MEDIUM Local	dell	emc_powerscale_onefs	Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special elements used in an OS command. This vulnerability could allow the compadmin user to elevate privilege…	CWE-77 Command Injection	CVE-2021-21595	2024-11-21 14:48	2021-08-17	Show	GitHub Exploit DB Packet Storm