Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258761	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

258762	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

258763	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194671	9.8	CRITICAL Network	eyesofnetwork	eyesofnetwork	EyesOfNetwork 5.3-10 uses an integer of between 8 and 10 digits for the session ID, which might be leveraged for brute-force authentication bypass (such as in CVE-2021-27513 exploitation).	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2021-27514	2024-11-21 14:58	2021-02-22	Show	GitHub Exploit DB Packet Storm

194672	8.8	HIGH Network	eyesofnetwork	eyesofnetwork	The module admin_ITSM in EyesOfNetwork 5.3-10 allows remote authenticated users to upload arbitrary .xml.php files because it relies on "le filtre userside."	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2021-27513	2024-11-21 14:58	2021-02-22	Show	GitHub Exploit DB Packet Storm

194673	7.5	HIGH Network	visualware	myconnection_server	In Visualware MyConnection Server before 11.0b build 5382, each published report is not associated with its own access code.	CWE-863 Incorrect Authorization	CVE-2021-27509	2024-11-21 14:58	2021-02-20	Show	GitHub Exploit DB Packet Storm

194674	7.8	HIGH Local	mblog_project	mblog	OS Command injection vulnerability in mblog 3.5.0 allows attackers to execute arbitrary code via crafted theme when it gets selected.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2021-27280	2024-11-21 14:57	2023-05-8	Show	GitHub Exploit DB Packet Storm

194675	-		-	-	Server Side Request Forgery (SSRF) vulnerability in Gleez Cms 1.2.0, allows remote attackers to execute arbitrary code and obtain sensitive information via modules/gleez/classes/request.php.	-	CVE-2021-27312	2024-11-21 14:57	2024-04-3	Show	GitHub Exploit DB Packet Storm

194676	7.8	HIGH Local	ti	real-time_operating_system simplelink_cc26xx_software_development_kit simplelink_cc13xx_software_development_kit simplelink_cc32xx_software_development_kit simplelink_msp432e411y simpl…	Texas Instruments TI-RTOS returns a valid pointer to a small buffer on extremely large values. This can trigger an integer overflow vulnerability in 'HeapTrack_alloc' and result in code execution.	CWE-190 Integer Overflow or Wraparound	CVE-2021-27429	2024-11-21 14:57	2023-11-21	Show	GitHub Exploit DB Packet Storm

194677	5.4	MEDIUM Network	moodle	moodle	Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the "Additional HTML Section" via "Header and Footer" parameter in /admin/setting…	CWE-79 Cross-site Scripting	CVE-2021-27131	2024-11-21 14:57	2023-05-17	Show	GitHub Exploit DB Packet Storm

194678	6.1	MEDIUM Network	odoo	odoo	Cross-site scripting (XSS) issue Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim, via a crafted…	CWE-79 Cross-site Scripting	CVE-2021-26947	2024-11-21 14:57	2023-04-26	Show	GitHub Exploit DB Packet Storm

194679	8.8	HIGH Network	perfact	openvpn-client	An attacker can take leverage on PerFact OpenVPN-Client versions 1.4.1.0 and prior to send the config command from any application running on the local host machine to force the back-end server into …	CWE-610 Externally Controlled Reference to a Resource in Another Sphere	CVE-2021-27406	2024-11-21 14:57	2022-10-15	Show	GitHub Exploit DB Packet Storm

194680	5.5	MEDIUM Local	intel	wi-fi_6_ax411_firmware wi-fi_6_ax211_firmware wi-fi_6_ax210_firmware wi-fi_6_ax201_firmware wi-fi_6_ax200_firmware wireless-ac_9560_firmware wireless-ac_9462_firmware wireless-ac…	Out of bounds read in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denial of servi…	CWE-125 Out-of-bounds Read	CVE-2021-26950	2024-11-21 14:57	2022-08-19	Show	GitHub Exploit DB Packet Storm