Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258141	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の DIRAPI.dll における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-2880	2010-09-13 15:45	2010-08-24	Show	GitHub Exploit DB Packet Storm

258142	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の TextXtra.x32 モジュールにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-2879	2010-09-13 15:45	2010-08-24	Show	GitHub Exploit DB Packet Storm

258143	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の DIRAPIX.dll における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2878	2010-09-13 15:45	2010-08-24	Show	GitHub Exploit DB Packet Storm

258144	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2877	2010-09-13 15:45	2010-08-24	Show	GitHub Exploit DB Packet Storm

258145	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2876	2010-09-13 15:44	2010-08-24	Show	GitHub Exploit DB Packet Storm

258146	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における整数符号エラーの脆弱性	CWE-189 数値処理の問題	CVE-2010-2875	2010-09-13 15:44	2010-08-24	Show	GitHub Exploit DB Packet Storm

258147	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-2874	2010-09-13 15:44	2010-08-24	Show	GitHub Exploit DB Packet Storm

258148	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2873	2010-09-13 15:43	2010-08-24	Show	GitHub Exploit DB Packet Storm

258149	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2872	2010-09-10 15:17	2010-08-24	Show	GitHub Exploit DB Packet Storm

258150	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の 3D オブジェクト関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-2871	2010-09-10 15:17	2010-08-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196601	7.1	HIGH Local	videolan	vlc_media_player	A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.	CWE-125 Out-of-bounds Read	CVE-2021-25801	2024-11-21 14:55	2021-07-27	Show	GitHub Exploit DB Packet Storm

196602	5.3	MEDIUM Network	ucms_project	ucms	UCMS 1.5.0 was discovered to contain a physical path leakage via an error message returned by the adminchannelscache() function in top.php.	CWE-209 Information Exposure Through an Error Message	CVE-2021-25809	2024-11-21 14:55	2021-07-24	Show	GitHub Exploit DB Packet Storm

196603	7.8	HIGH Local	bludit	bludit	A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file.	CWE-94 Code Injection	CVE-2021-25808	2024-11-21 14:55	2021-07-24	Show	GitHub Exploit DB Packet Storm

196604	5.4	MEDIUM Network	online_doctor_appointment_system_php_full_source_code_project	online_doctor_appointment_system_php_full_source_code	Multiple stored cross site scripting (XSS) vulnerabilities in the "Update Profile" module of Online Doctor Appointment System 1.0 allows authenticated attackers to execute arbitrary web scripts or HT…	CWE-79 Cross-site Scripting	CVE-2021-25791	2024-11-21 14:55	2021-07-24	Show	GitHub Exploit DB Packet Storm

196605	5.4	MEDIUM Network	house_rental_and_property_listing_php_project	house_rental_and_property_listing_php	Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML vi…	CWE-79 Cross-site Scripting	CVE-2021-25790	2024-11-21 14:55	2021-07-24	Show	GitHub Exploit DB Packet Storm

196606	6.1	MEDIUM Network	fantastic_blog_project	fantastic_blog	Cross-site scripting (XSS) vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote attackers to inject arbitrary web script or HTML via the search field to search.php.	CWE-79 Cross-site Scripting	CVE-2021-26224	2024-11-21 14:55	2021-07-23	Show	GitHub Exploit DB Packet Storm

196607	9.8	CRITICAL Network	casap_automated_enrollment_system_project	casap_automated_enrollment_system	SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_pay.php.	CWE-89 SQL Injection	CVE-2021-26223	2024-11-21 14:55	2021-07-23	Show	GitHub Exploit DB Packet Storm

196608	9.8	CRITICAL Network	casap_automated_enrollment_system_project	casap_automated_enrollment_system	SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_user.php.	CWE-89 SQL Injection	CVE-2021-26226	2024-11-21 14:55	2021-07-23	Show	GitHub Exploit DB Packet Storm

196609	9.8	CRITICAL Network	simple_college_website_project	simple_college_website	SQL injection vulnerability in SourceCodester Simple College Website v 1.0 allows remote attackers to execute arbitrary SQL statements via the id parameter to news.php.	CWE-89 SQL Injection	CVE-2021-26232	2024-11-21 14:55	2021-07-23	Show	GitHub Exploit DB Packet Storm

196610	9.8	CRITICAL Network	fantastic_blog_cms_project	fantastic_blog_cms	SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to category.php.	CWE-89 SQL Injection	CVE-2021-26231	2024-11-21 14:55	2021-07-23	Show	GitHub Exploit DB Packet Storm