Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
257331 3.6 注意 オラクル - Oracle Database の Change Data Capture コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0870 2010-05-12 15:18 2010-04-13 Show GitHub Exploit DB Packet Storm
257332 4 警告 オラクル - Oracle Database の XML DB コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0851 2010-05-12 15:17 2010-04-13 Show GitHub Exploit DB Packet Storm
257333 4 警告 オラクル - Oracle Database の JavaVM コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0867 2010-05-12 15:17 2010-04-13 Show GitHub Exploit DB Packet Storm
257334 5.5 警告 オラクル - Oracle Database の XML DB コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0852 2010-05-12 15:17 2010-04-13 Show GitHub Exploit DB Packet Storm
257335 6.5 警告 オラクル - Oracle Database の JavaVM コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0866 2010-05-12 15:17 2010-04-13 Show GitHub Exploit DB Packet Storm
257336 7.1 危険 オラクル - Oracle Database の Core RDBMS コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0860 2010-05-12 15:16 2010-04-13 Show GitHub Exploit DB Packet Storm
257337 7.5 危険 オラクル - 複数の Oracle 製品の Oracle Internet Directory コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0853 2010-05-12 15:16 2010-04-13 Show GitHub Exploit DB Packet Storm
257338 2.6 注意 シックス・アパート株式会社 - Movable Type におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1985 2010-05-12 12:01 2010-05-12 Show GitHub Exploit DB Packet Storm
257339 10 危険 日立 - 複数の EUR Form 製品 および EUR 製品における任意のコードが実行される脆弱性 CWE-noinfo
情報不足 		- 2010-05-11 15:16 2010-03-31 Show GitHub Exploit DB Packet Storm
257340 6.4 警告 マイクロソフト - Microsoft Windows における ISATAP パケットの処理に関する IPv4 ソースアドレスの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0812 2010-05-11 15:16 2010-04-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
194651 9.8 CRITICAL
Network 		if-me ifme In Ifme, versions 1.0.0 to v.7.33.2 don’t properly invalidate a user’s session even after the user initiated logout. It makes it possible for an attacker to reuse the admin cookies either via local/n… - CVE-2021-25992 2024-11-21 14:55 2022-02-10 Show GitHub Exploit DB Packet Storm
194652 2.7 LOW
Network 		arangodb arangodb In ArangoDB, versions v3.7.0 through v3.9.0-alpha.1 have a feature which allows downloading a Foxx service from a publicly available URL. This feature does not enforce proper filtering of requests pe… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2021-25939 2024-11-21 14:55 2022-02-9 Show GitHub Exploit DB Packet Storm
194653 6.1 MEDIUM
Network 		cacti cacti As an unauthenticated remote user, visit "http://<CACTI_SERVER>/auth_changepassword.php?ref=<script>alert(1)</script>" to successfully execute the JavaScript payload present in the "ref" URL paramete… CWE-79
Cross-site Scripting 		CVE-2021-26247 2024-11-21 14:55 2022-01-20 Show GitHub Exploit DB Packet Storm
194654 3.0 LOW
Network 		kubernetes kubernetes kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as… NVD-CWE-Other
CVE-2021-25743 2024-11-21 14:55 2022-01-7 Show GitHub Exploit DB Packet Storm
194655 8.8 HIGH
Network 		userfrosting userfrosting In Userfrosting, versions v0.3.1 to v4.6.2 are vulnerable to Host Header Injection. By luring a victim application user to click on a link, an unauthenticated attacker can use the “forgot password” f… CWE-74
Injection 		CVE-2021-25994 2024-11-21 14:55 2022-01-3 Show GitHub Exploit DB Packet Storm
194656 9.8 CRITICAL
Network 		talkyard talkyard In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. This may allow an attacker to reuse the … CWE-613
 Insufficient Session Expiration 		CVE-2021-25981 2024-11-21 14:55 2022-01-3 Show GitHub Exploit DB Packet Storm
194657 5.4 MEDIUM
Network 		requarks wiki.js In Requarks wiki.js, versions 2.0.0-beta.147 to 2.5.255 are affected by Stored XSS vulnerability, where a low privileged (editor) user can upload a SVG file that contains malicious JavaScript while u… CWE-79
Cross-site Scripting 		CVE-2021-25993 2024-11-21 14:55 2021-12-30 Show GitHub Exploit DB Packet Storm
194658 7.3 HIGH
Network 		if-me ifme In Ifme, versions v5.0.0 to v7.32 are vulnerable against an improper access control, which makes it possible for admins to ban themselves leading to their deactivation from Ifme account and complete … NVD-CWE-Other
CVE-2021-25991 2024-11-21 14:55 2021-12-29 Show GitHub Exploit DB Packet Storm
194659 5.4 MEDIUM
Network 		if-me ifme In “ifme”, versions v7.22.0 to v7.31.4 are vulnerable against self-stored XSS in the contacts field as it allows loading XSS payloads fetched via an iframe. CWE-79
Cross-site Scripting 		CVE-2021-25990 2024-11-21 14:55 2021-12-29 Show GitHub Exploit DB Packet Storm
194660 5.4 MEDIUM
Network 		if-me ifme In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability in the markdown editor. It can be exploited by making a victim a Leader of a group which triggers the payload for … CWE-79
Cross-site Scripting 		CVE-2021-25989 2024-11-21 14:55 2021-12-29 Show GitHub Exploit DB Packet Storm