Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 9, 2026, 4:11 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258261	6.5	警告	サイバートラスト株式会社 Linux レッドハット	-	KVM の x86 エミュレータにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0298	2010-03-16 11:13	2010-02-9	Show	GitHub Exploit DB Packet Storm

258262	4.4	警告	サイバートラスト株式会社 Fabrice Bellard レッドハット	-	QEMU の usb_host_handle_control 関数におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0297	2010-03-16 11:13	2010-02-9	Show	GitHub Exploit DB Packet Storm

258263	6.8	警告	サン・マイクロシステムズ freedesktop.org	-	Poppler における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-3605	2010-03-15 16:40	2009-11-2	Show	GitHub Exploit DB Packet Storm

258264	4.1	警告	Linux レッドハット	-	Linux kernel の smbfs に関する脆弱性	-	CVE-2006-5871	2010-03-15 16:40	2005-10-5	Show	GitHub Exploit DB Packet Storm

258265	7.8	危険	Linux レッドハット	-	Linux kernel の selinux_parse_skb_ipv6 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2005-4886	2010-03-15 16:40	2005-10-5	Show	GitHub Exploit DB Packet Storm

258266	5	警告	サン・マイクロシステムズ	-	Sun ONE/iPlanet Web Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2003-1589	2010-03-15 16:39	2003-12-2	Show	GitHub Exploit DB Packet Storm

258267	5	警告	サン・マイクロシステムズ	-	Sun ONE/iPlanet Web Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2003-1590	2010-03-15 16:39	2003-08-13	Show	GitHub Exploit DB Packet Storm

258268	7.1	危険	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel の handle_dr 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-3722	2010-03-15 15:23	2009-10-30	Show	GitHub Exploit DB Packet Storm

258269	4.3	警告	シュナイダーエレクトリック株式会社 (旧社名株式会社エーピーシー・ジャパン)	-	APC Switched Rack PDU におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4406	2010-03-12 15:13	2009-12-23	Show	GitHub Exploit DB Packet Storm

258270	4.3	警告	シュナイダーエレクトリック株式会社 (旧社名株式会社エーピーシー・ジャパン)	-	APC Network Management Card におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-1798	2010-03-12 15:13	2009-12-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196811	9.8	CRITICAL Network	c2fo	comb	All versions of package comb are vulnerable to Prototype Pollution via the deepMerge() function.	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2021-23561	2024-11-21 14:51	2021-12-11	Show	GitHub Exploit DB Packet Storm

196812	9.1	CRITICAL Network	h2database	h2	The package com.h2database:h2 from 1.4.198 and before 2.0.202 are vulnerable to XML External Entity (XXE) Injection via the org.h2.jdbc.JdbcSQLXML class object, when it receives parsed string data fr…	CWE-611 XXE	CVE-2021-23463	2024-11-21 14:51	2021-12-11	Show	GitHub Exploit DB Packet Storm

196813	7.2	HIGH Network	bosch	bosch_video_management_system video_recording_manager videojet_decoder_7513_firmware videojet_decoder_8000_firmware	A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affects installations of the VRM, DIVAR IP, BV…	CWE-78 OS Command	CVE-2021-23862	2024-11-21 14:51	2021-12-9	Show	GitHub Exploit DB Packet Storm

196814	6.5	MEDIUM Network	bosch	bosch_video_management_system video_recording_manager	By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an impact on integrity or availability of the installed software.…	NVD-CWE-Other	CVE-2021-23861	2024-11-21 14:51	2021-12-9	Show	GitHub Exploit DB Packet Storm

196815	6.1	MEDIUM Network	bosch	bosch_video_management_system video_recording_manager	An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this vulnerability an attack must be able to modify the HTTP header tha…	CWE-79 Cross-site Scripting	CVE-2021-23860	2024-11-21 14:51	2021-12-9	Show	GitHub Exploit DB Packet Storm

196816	7.5	HIGH Network	bosch	bosch_video_management_system video_recording_manager access_easy_controller_firmware video_recording_manager_exporter building_integration_system access_professional_edition	An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to …	CWE-755 Improper Handling of Exceptional Conditions	CVE-2021-23859	2024-11-21 14:51	2021-12-9	Show	GitHub Exploit DB Packet Storm

196817	7.5	HIGH Network	citrix	application_delivery_controller_firmware gateway sd-wan	An uncontrolled resource consumption vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 that could allow an attacker with access to NSIP or SNIP with management interface acce…	CWE-400 Uncontrolled Resource Consumption	CVE-2021-22956	2024-11-21 14:51	2021-12-7	Show	GitHub Exploit DB Packet Storm

196818	7.5	HIGH Network	citrix	application_delivery_controller_firmware gateway	A unauthenticated denial of service vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 when configured as a VPN (Gateway) or AAA virtual server could allow an attacker to caus…	CWE-400 Uncontrolled Resource Consumption	CVE-2021-22955	2024-11-21 14:51	2021-12-7	Show	GitHub Exploit DB Packet Storm

196819	9.8	CRITICAL Network	ajaxpro.2_project	ajaxpro.2	All versions of package ajaxpro.2 are vulnerable to Deserialization of Untrusted Data due to the possibility of deserialization of arbitrary .NET classes, which can be abused to gain remote code exec…	CWE-502 Deserialization of Untrusted Data	CVE-2021-23758	2024-11-21 14:51	2021-12-4	Show	GitHub Exploit DB Packet Storm

196820	8.8	HIGH Network	tiny	plupload	This affects the package plupload before 2.3.9. A file name containing JavaScript code could be uploaded and run. An attacker would need to trick a user to upload this kind of file.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2021-23562	2024-11-21 14:51	2021-12-4	Show	GitHub Exploit DB Packet Storm