Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258751 9.3 危険 マイクロソフト - 複数の Microsoft 製品における計算式を含むスプレッドシートの処理に関する任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3132 2010-01-5 16:18 2009-11-10 Show GitHub Exploit DB Packet Storm
258752 9.3 危険 マイクロソフト - 複数の Microsoft 製品におけるセルに含まれる計算式の処理に関する任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3131 2010-01-5 16:17 2009-11-10 Show GitHub Exploit DB Packet Storm
258753 9.3 危険 マイクロソフト - Microsoft Office Excel における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3128 2010-01-5 16:17 2009-11-10 Show GitHub Exploit DB Packet Storm
258754 9.3 危険 マイクロソフト - Microsoft Office および Open XML File Format Converter における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3127 2010-01-5 16:16 2009-11-10 Show GitHub Exploit DB Packet Storm
258755 6.8 警告 アップル
サイバートラスト株式会社
サン・マイクロシステムズ
ターボリナックス
ヒューレット・パッカード
OpenSSL Project
レッドハット		 - OpenSSL の SSL_get_shared_ciphers() 関数における一つずれエラーの脆弱性 CWE-189
数値処理の問題 		CVE-2007-5135 2010-01-5 13:31 2007-10-12 Show GitHub Exploit DB Packet Storm
258756 7.8 危険 マイクロソフト - Microsoft Windows で稼働している Active Directory の LDAP サービスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-1928 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
258757 9.3 危険 マイクロソフト - Microsoft Windows の kernel における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2514 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
258758 6.8 警告 マイクロソフト - Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-2513 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
258759 6.8 警告 マイクロソフト - Microsoft Windows の kernel における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-1127 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
258760 10 危険 マイクロソフト - Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-2523 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199271 9.8 CRITICAL
Network 		dell storage_resource_manager
storage_monitoring_and_reporting 		Dell SRM versions prior to 4.5.0.1 and Dell SMR versions prior to 4.5.0.1 contain an Untrusted Deserialization Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerabil… CWE-502
 Deserialization of Untrusted Data 		CVE-2021-21524 2024-11-21 14:48 2021-04-13 Show GitHub Exploit DB Packet Storm
199272 6.5 MEDIUM
Network 		matrix
fedoraproject 		synapse
fedora 		Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 Synaps… CWE-20
 Improper Input Validation  		CVE-2021-21394 2024-11-21 14:48 2021-04-13 Show GitHub Exploit DB Packet Storm
199273 5.3 MEDIUM
Network 		zte zxa10_c300m_firmware A ZTE product has a configuration error vulnerability. Because a certain port is open by default, an attacker can consume system processing resources by flushing a large number of packets to the port… CWE-400
 Uncontrolled Resource Consumption 		CVE-2021-21728 2024-11-21 14:48 2021-04-10 Show GitHub Exploit DB Packet Storm
199274 8.8 HIGH
Network 		demon1a discord-recon Discord Recon Server is a bot that allows you to do your reconnaissance process from your Discord. Remote code execution in version 0.0.1 would allow remote users to execute commands on the server re… CWE-78
OS Command  		CVE-2021-21433 2024-11-21 14:48 2021-04-10 Show GitHub Exploit DB Packet Storm
199275 6.5 MEDIUM
Network 		go-vela vela Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. An authentication mechanism added in version 0.7.0 enables some malicious user to obtain secrets… CWE-862
 Missing Authorization 		CVE-2021-21432 2024-11-21 14:48 2021-04-10 Show GitHub Exploit DB Packet Storm
199276 8.1 HIGH
Network 		mirahezebots channelmgnt sopel-channelmgnt is a channelmgnt plugin for sopel. In versions prior to 2.0.1, on some IRC servers, restrictions around the removal of the bot using the kick/kickban command could be bypassed when … NVD-CWE-Other
CVE-2021-21431 2024-11-21 14:48 2021-04-10 Show GitHub Exploit DB Packet Storm
199277 9.8 CRITICAL
Network 		getgrav grav-plugin-admin Grav Admin Plugin is an HTML user interface that provides a way to configure Grav and create and modify pages. In versions 1.10.7 and earlier, an unauthenticated user can execute some methods of admi… NVD-CWE-Other
CVE-2021-21425 2024-11-21 14:48 2021-04-8 Show GitHub Exploit DB Packet Storm
199278 4.3 MEDIUM
Network 		jenkins promoted_builds A cross-site request forgery (CSRF) vulnerability in Jenkins promoted builds Plugin 3.9 and earlier allows attackers to to promote builds. CWE-352
 Origin Validation Error 		CVE-2021-21641 2024-11-21 14:48 2021-04-7 Show GitHub Exploit DB Packet Storm
199279 4.3 MEDIUM
Network 		jenkins jenkins Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly check that a newly created view has an allowed name, allowing attackers with View/Create permission to create views with invalid o… - CVE-2021-21640 2024-11-21 14:48 2021-04-7 Show GitHub Exploit DB Packet Storm
199280 4.3 MEDIUM
Network 		jenkins jenkins Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not validate the type of object created after loading the data submitted to the `config.xml` REST API endpoint of a node, allowing attackers wi… - CVE-2021-21639 2024-11-21 14:48 2021-04-7 Show GitHub Exploit DB Packet Storm