Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
257991 6.8 警告 IBM - IBM AIX および VIOS の sa_snap におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-3405 2010-10-5 18:56 2010-08-6 Show GitHub Exploit DB Packet Storm
257992 4.3 警告 有限会社 のれんずプロ - AD-EDIT2 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2367 2010-10-5 11:02 2010-10-5 Show GitHub Exploit DB Packet Storm
257993 9.3 危険 アップル - iPhone および iPod touch 上で稼動する Apple iOS の ImageIO におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-1817 2010-10-4 17:59 2010-09-8 Show GitHub Exploit DB Packet Storm
257994 5.8 警告 アップル - iPhone および iPod touch 上で稼動する Apple iOS の FaceTime における通話をリダイレクトされる脆弱性 CWE-Other
その他 		CVE-2010-1810 2010-10-4 17:55 2010-09-8 Show GitHub Exploit DB Packet Storm
257995 10 危険 アップル - iPhone および iPod touch 上で稼動する Apple iOS の Accessibility コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-1809 2010-10-4 17:55 2010-09-8 Show GitHub Exploit DB Packet Storm
257996 4 警告 ISC, Inc.
IBM
サイバートラスト株式会社
サン・マイクロシステムズ
ターボリナックス
ヒューレット・パッカード
レッドハット		 - BIND 9 の DNSSEC 検証処理における脆弱性 CWE-noinfo
情報不足 		CVE-2009-4022 2010-10-1 17:39 2009-12-2 Show GitHub Exploit DB Packet Storm
257997 4 警告 ISC, Inc.
サイバートラスト株式会社
ターボリナックス
ヒューレット・パッカード
レッドハット		 - ISC BIND における DNS キャッシュ汚染の脆弱性 CWE-noinfo
情報不足 		CVE-2010-0290 2010-10-1 17:39 2010-01-22 Show GitHub Exploit DB Packet Storm
257998 7.6 危険 ISC, Inc.
ヒューレット・パッカード		 - ISC BIND における処理範囲外のデータ処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2010-0382 2010-10-1 17:38 2010-01-22 Show GitHub Exploit DB Packet Storm
257999 9 危険 日立 - Groupmax Scheduler Server における複数の脆弱性 CWE-noinfo
情報不足 		- 2010-10-1 17:37 2010-09-6 Show GitHub Exploit DB Packet Storm
258000 5.8 警告 富士通
アクセラテクノロジ		 - Accela BizSearch の文書参照画面におけるフィッシング脅威の脆弱性 CWE-noinfo
情報不足 		- 2010-10-1 17:37 2010-09-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196711 7.5 HIGH
Network 		mercusys mercury_x18g_firmware MERCUSYS Mercury X18G 1.0.5 devices allow Denial of service via a crafted value to the POST listen_http_lan parameter. Upon subsequent device restarts after this vulnerability is exploted the device … NVD-CWE-noinfo
CVE-2021-25811 2024-11-21 14:55 2021-04-30 Show GitHub Exploit DB Packet Storm
196712 6.1 MEDIUM
Network 		mercusys mercury_x18g_firmware Cross site Scripting (XSS) vulnerability in MERCUSYS Mercury X18G 1.0.5 devices, via crafted values to the 'src_dport_start', 'src_dport_end', and 'dest_port' parameters. CWE-79
Cross-site Scripting 		CVE-2021-25810 2024-11-21 14:55 2021-04-30 Show GitHub Exploit DB Packet Storm
196713 9.8 CRITICAL
Network 		minthcm minthcm A weak password requirement vulnerability exists in the Create New User function of MintHCM RELEASE 3.0.8, which could lead an attacker to easier password brute-forcing. CWE-521
Weak Password Requirements  		CVE-2021-25839 2024-11-21 14:55 2021-04-26 Show GitHub Exploit DB Packet Storm
196714 6.1 MEDIUM
Network 		minthcm minthcm The Import function in MintHCM RELEASE 3.0.8 allows an attacker to execute a cross-site scripting (XSS) payload in file-upload. CWE-79
Cross-site Scripting 		CVE-2021-25838 2024-11-21 14:55 2021-04-26 Show GitHub Exploit DB Packet Storm
196715 9.8 CRITICAL
Network 		manta safe-obj Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2021-25928 2024-11-21 14:55 2021-04-26 Show GitHub Exploit DB Packet Storm
196716 9.8 CRITICAL
Network 		safe-flat_project safe-flat Prototype pollution vulnerability in 'safe-flat' versions 2.0.0 through 2.0.1 allows an attacker to cause a denial of service and may lead to remote code execution. CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2021-25927 2024-11-21 14:55 2021-04-26 Show GitHub Exploit DB Packet Storm
196717 7.5 HIGH
Network 		void aurall_rec_monitor An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. An unauthenticated attacker can send a crafted HTTP request to perform a blind time-based SQL Injection. The vulnerable par… CWE-89
SQL Injection 		CVE-2021-25899 2024-11-21 14:55 2021-04-24 Show GitHub Exploit DB Packet Storm
196718 7.5 HIGH
Network 		void aural_rec_monitor An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. Passwords are stored in unencrypted source-code text files. This was noted when accessing the svc-login.php file. The value… CWE-798
CWE-312
 Use of Hard-coded Credentials
 Cleartext Storage of Sensitive Information 		CVE-2021-25898 2024-11-21 14:55 2021-04-24 Show GitHub Exploit DB Packet Storm
196719 7.8 HIGH
Local 		siemens tecnomatix_robotexpert A vulnerability has been identified in Tecnomatix RobotExpert (All versions < V16.1). Affected applications lack proper validation of user-supplied data when parsing CELL files. This could result in … - CVE-2021-25670 2024-11-21 14:55 2021-04-23 Show GitHub Exploit DB Packet Storm
196720 7.5 HIGH
Network 		adtran personal_phone_manager AdTran Personal Phone Manager 10.8.1 software is vulnerable to an issue that allows for exfiltration of data over DNS. This could allow for exposed AdTran Personal Phone Manager web servers to be use… NVD-CWE-noinfo
CVE-2021-25681 2024-11-21 14:55 2021-04-20 Show GitHub Exploit DB Packet Storm