Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257611	6.9	警告	CVS レッドハット	-	CVS の rcs.c 内にある apply_rcs_change 関数における権限昇格の脆弱性	CWE-119 バッファエラー	CVE-2010-3846	2010-12-21 15:30	2010-11-5	Show	GitHub Exploit DB Packet Storm

257612	10	危険	RealFlex Technologies	-	RealFlex RealWin HMI サービスにバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-4142	2010-12-21 15:25	2010-11-22	Show	GitHub Exploit DB Packet Storm

257613	4.3	警告	Webmin Project オラクル	-	Webmin および Usermin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4568	2010-12-21 15:14	2010-01-5	Show	GitHub Exploit DB Packet Storm

257614	6.8	警告	富士通	-	Interstage Application Server における許可されていない IP アドレスからのリクエストのアクセスを許可する脆弱性	CWE-noinfo 情報不足	-	2010-12-21 14:14	2010-11-19	Show	GitHub Exploit DB Packet Storm

257615	8.3	危険	日立	-	日立の Groupmax 関連製品におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	-	2010-12-21 14:06	2010-11-17	Show	GitHub Exploit DB Packet Storm

257616	4.3	警告	The PHP Group アップルサイバートラスト株式会社レッドハット	-	PHP の var_export 関数における、重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-2531	2010-12-20 16:08	2010-07-22	Show	GitHub Exploit DB Packet Storm

257617	4.6	警告	サイバートラスト株式会社 Linux レッドハット	-	Hypervisor の命令のエミュレーションにおけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2010-0435	2010-12-20 16:01	2010-08-19	Show	GitHub Exploit DB Packet Storm

257618	5	警告	レッドハット Pidgin オラクル	-	Pidgin の MSN プロトコルプラグインの msn_emoticon_msg 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-1624	2010-12-20 16:00	2010-05-12	Show	GitHub Exploit DB Packet Storm

257619	4.3	警告	IBM Apache Software Foundation アップルサイバートラスト株式会社富士通ヒューレット・パッカードターボリナックス日立	-	Apache HTTP Server の 413 エラーメッセージにおける HTTP メソッドを適切に検査しない問題	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6203	2010-12-20 15:38	2007-12-3	Show	GitHub Exploit DB Packet Storm

257620	4.3	警告	シマンテック	-	PGP Desktop にデータインジェクションの脆弱性	CWE-310 暗号の問題	CVE-2010-3618	2010-12-20 14:44	2010-11-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
195361	7.5	HIGH Network	johnsoncontrols	exacqvision_server	An unauthenticated remote user could exploit a potential integer overflow condition in the exacqVision Server with a specially crafted script and cause denial-of-service condition.	CWE-190 Integer Overflow or Wraparound	CVE-2021-27665	2024-11-21 14:58	2021-10-12	Show	GitHub Exploit DB Packet Storm

195362	9.8	CRITICAL Network	johnsoncontrols	exacqvision_web_service	Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server.	CWE-269 Improper Privilege Management	CVE-2021-27664	2024-11-21 14:58	2021-10-12	Show	GitHub Exploit DB Packet Storm

195363	8.1	HIGH Network	johnsoncontrols	kantech_kt-1_door_controller_firmware	The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker can record and replay TCP packets. This issue affects Johnson Controls KT-1 all versions up to and inc…	CWE-294 Authentication Bypass by Capture-replay	CVE-2021-27662	2024-11-21 14:58	2021-09-15	Show	GitHub Exploit DB Packet Storm

195364	6.1	MEDIUM Network	apache	zeppelin	Cross Site Scripting vulnerability in markdown interpreter of Apache Zeppelin allows an attacker to inject malicious scripts. This issue affects Apache Zeppelin Apache Zeppelin versions prior to 0.9.…	CWE-79 Cross-site Scripting	CVE-2021-27578	2024-11-21 14:58	2021-09-3	Show	GitHub Exploit DB Packet Storm

195365	5.3	MEDIUM Network	hashicorp	vault	HashiCorp Vault Enterprise 0.9.2 through 1.6.2 allowed the read of license metadata from DR secondaries without authentication. Fixed in 1.6.3.	CWE-306 Missing Authentication for Critical Function	CVE-2021-27668	2024-11-21 14:58	2021-09-1	Show	GitHub Exploit DB Packet Storm

195366	6.1	MEDIUM Network	easycorp	zentao	A cross site scripting (XSS) issue in EasyCorp ZenTao 12.5.3 allows remote attackers to execute arbitrary web script via various areas such as data-link-creator.	CWE-79 Cross-site Scripting	CVE-2021-27558	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm

195367	4.3	MEDIUM Network	easycorp	zentao	A cross-site request forgery (CSRF) vulnerability in the Cron job tab in EasyCorp ZenTao 12.5.3 allows attackers to update the fields of a Cron job.	CWE-352 Origin Validation Error	CVE-2021-27557	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm

195368	7.2	HIGH Network	easycorp	zentao	The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers (who have admin access) to execute arbitrary code by setting the type parameter to System.	CWE-78 OS Command	CVE-2021-27556	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm

195369	9.8	CRITICAL Network	johnsoncontrols	ac2000_firmware	A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a remote attacker to access to the system without adequate authorization. This issue affects: Johnson Contr…	NVD-CWE-Other	CVE-2021-27663	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm

195370	3.5	LOW Network	acquia	mautic	The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographicall…	CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)	CVE-2021-27913	2024-11-21 14:58	2021-08-31	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed