Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
257641 9.3 危険 アドビシステムズ - Adobe Shockwave Player における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-1283 2010-06-1 15:44 2010-05-11 Show GitHub Exploit DB Packet Storm
257642 4.3 警告 レッドハット
Glyph & Cog, LLC
ターボリナックス
サイバートラスト株式会社
CUPS		 - Xpdf および CUPS の JBIG2 デコーダーにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2009-0166 2010-06-1 12:01 2009-04-16 Show GitHub Exploit DB Packet Storm
257643 4.3 警告 Glyph & Cog, LLC
アップル
サイバートラスト株式会社
CUPS
ターボリナックス
レッドハット		 - Xpdf および CUPS の JBIG2 デコーダーにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-0147 2010-06-1 12:01 2009-04-16 Show GitHub Exploit DB Packet Storm
257644 4.3 警告 Glyph & Cog, LLC
アップル
サイバートラスト株式会社
CUPS
ターボリナックス
レッドハット		 - Xpdf および CUPS の JBIG2 デコーダーにおけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2009-0146 2010-06-1 12:01 2009-04-16 Show GitHub Exploit DB Packet Storm
257645 4.3 警告 アドビシステムズ - Adobe Shockwave Player におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1282 2010-05-31 18:27 2010-05-11 Show GitHub Exploit DB Packet Storm
257646 9.3 危険 アドビシステムズ - Adobe Shockwave Player の iml32.dll における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-1281 2010-05-31 18:26 2010-05-11 Show GitHub Exploit DB Packet Storm
257647 9.3 危険 アドビシステムズ - Adobe Shockwave Player における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-1280 2010-05-31 18:26 2010-05-11 Show GitHub Exploit DB Packet Storm
257648 9.3 危険 アドビシステムズ - Adobe Shockwave Player におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0987 2010-05-31 18:26 2010-05-11 Show GitHub Exploit DB Packet Storm
257649 9.3 危険 アドビシステムズ - Adobe Shockwave Player における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0986 2010-05-31 18:26 2010-05-11 Show GitHub Exploit DB Packet Storm
257650 9.3 危険 アドビシステムズ - Adobe Shockwave Player における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-0130 2010-05-28 18:44 2010-05-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196841 7.2 HIGH
Network 		concretecms concrete_cms A bypass of adding remote files in Concrete CMS (previously concrete5) File Manager leads to remote code execution in Concrete CMS (concrete5) versions 8.5.6 and below.The external file upload featur… CWE-330
CWE-434
 Use of Insufficiently Random Values
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-22968 2024-11-21 14:51 2021-11-20 Show GitHub Exploit DB Packet Storm
196842 8.8 HIGH
Network 		concretecms concrete_cms Privilege escalation from Editor to Admin using Groups in Concrete CMS versions 8.5.6 and below. If a group is granted "view" permissions on the bulkupdate page, then users in that group can escalate… CWE-863
 Incorrect Authorization 		CVE-2021-22966 2024-11-21 14:51 2021-11-20 Show GitHub Exploit DB Packet Storm
196843 7.5 HIGH
Network 		concretecms concrete_cms Unauthorized individuals could view password protected files using view_inline in Concrete CMS (previously concrete 5) prior to version 8.5.7. Concrete CMS now checks to see if a file has a password … CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2021-22951 2024-11-21 14:51 2021-11-20 Show GitHub Exploit DB Packet Storm
196844 7.8 HIGH
Local 		gallagher command_centre Unquoted service path vulnerability in the Gallagher Controller Service allows an unprivileged user to execute arbitrary code as the account that runs the Controller Service. This issue affects: Gall… CWE-428
 Unquoted Search Path or Element 		CVE-2021-23197 2024-11-21 14:51 2021-11-19 Show GitHub Exploit DB Packet Storm
196845 6.5 MEDIUM
Network 		gallagher command_centre Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre S… CWE-269
 Improper Privilege Management 		CVE-2021-23193 2024-11-21 14:51 2021-11-19 Show GitHub Exploit DB Packet Storm
196846 6.8 MEDIUM
Network 		gallagher command_centre Improper certificate validation vulnerability in SMTP Client allows man-in-the-middle attack to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Ce… CWE-295
Improper Certificate Validation  		CVE-2021-23167 2024-11-21 14:51 2021-11-19 Show GitHub Exploit DB Packet Storm
196847 8.1 HIGH
Network 		gallagher command_centre_mobile_connect Improper validation of the cloud certificate chain in Mobile Connect allows man-in-the-middle attack to impersonate the legitimate Command Centre Server. This issue affects: Gallagher Command Centre … CWE-295
Improper Certificate Validation  		CVE-2021-23162 2024-11-21 14:51 2021-11-19 Show GitHub Exploit DB Packet Storm
196848 6.8 MEDIUM
Network 		gallagher command_centre_mobile_client Improper validation of the cloud certificate chain in Mobile Client allows man-in-the-middle attack to impersonate the legitimate Command Centre Server. This issue affects: Gallagher Command Centre M… CWE-295
Improper Certificate Validation  		CVE-2021-23155 2024-11-21 14:51 2021-11-19 Show GitHub Exploit DB Packet Storm
196849 7.5 HIGH
Network 		gallagher command_centre An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification. This issue affects: Gallagher Command Centre 8.40 versions prior… CWE-697
 Incorrect Comparison 		CVE-2021-23146 2024-11-21 14:51 2021-11-19 Show GitHub Exploit DB Packet Storm
196850 6.5 MEDIUM
Network 		llhttp
oracle
debian 		llhttp
graalvm
debian_linux 		The parser in accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS) in llhttp < v2.1.4 and < v6.0.6. CWE-444
HTTP Request Smuggling 		CVE-2021-22959 2024-11-21 14:51 2021-11-16 Show GitHub Exploit DB Packet Storm