Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 25, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258821 7.2 危険 VMware - 複数の VMware 製品の vmware-mount における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4296 2010-12-27 15:38 2010-12-2 Show GitHub Exploit DB Packet Storm
258822 6.9 警告 VMware - 複数の VMware 製品の vmware-mount における権限昇格の脆弱性 CWE-362
競合状態 		CVE-2010-4295 2010-12-27 15:36 2010-12-2 Show GitHub Exploit DB Packet Storm
258823 9.3 危険 VMware - 複数の VMware 製品の VMnc メディアコーデック内にあるフレーム復元機能における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4294 2010-12-27 15:33 2010-12-2 Show GitHub Exploit DB Packet Storm
258824 2.1 注意 アップル - Windows 上で稼働する Apple QuickTime における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0530 2010-12-27 15:07 2010-12-9 Show GitHub Exploit DB Packet Storm
258825 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-1508 2010-12-27 15:06 2010-12-9 Show GitHub Exploit DB Packet Storm
258826 9.3 危険 アップル - Apple QuickTime における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-3800 2010-12-27 14:59 2010-12-9 Show GitHub Exploit DB Packet Storm
258827 9.3 危険 マイクロソフト - Microsoft Internet Explorer における無効なフラグ参照に起因する脆弱性 CWE-399
リソース管理の問題 		CVE-2010-3962 2010-12-27 14:36 2010-11-4 Show GitHub Exploit DB Packet Storm
258828 10 危険 CA Technologies - CA PSFormX および CA WebScan ActiveX コントロールにおける任意のコードを実行される脆弱性 CWE-20
CWE-noinfo
CVE-2010-2193 2010-12-27 11:49 2010-06-8 Show GitHub Exploit DB Packet Storm
258829 2.6 注意 CA Technologies - CA eHealth Performance Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0640 2010-12-27 11:44 2010-02-24 Show GitHub Exploit DB Packet Storm
258830 9.3 危険 CA Technologies - CA eTrust PestPatrol の PestPatrol ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4225 2010-12-27 11:41 2009-12-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 25, 2026, 4:04 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
200391 7.2 HIGH
Network 		prisma prisma Prisma is an open source ORM for Node.js & TypeScript. As of today, we are not aware of any Prisma users or external consumers of the `@prisma/sdk` package who are affected by this security vulnerabi… - CVE-2021-21414 2024-11-21 14:48 2021-04-29 Show GitHub Exploit DB Packet Storm
200392 6.5 MEDIUM
Network 		ckeditor ckeditor5-widget
ckeditor5-paste-from-office
ckeditor5-media-embed
ckeditor5-markdown-gfm
ckeditor5-list
ckeditor5-image
ckeditor5-font
ckeditor5-engine 		CKEditor 5 provides a WYSIWYG editing solution. This CVE affects the following npm packages: ckeditor5-engine, ckeditor5-font, ckeditor5-image, ckeditor5-list, ckeditor5-markdown-gfm, ckeditor5-media… - CVE-2021-21391 2024-11-21 14:48 2021-04-29 Show GitHub Exploit DB Packet Storm
200393 3.3 LOW
Local 		openapi-generator openapi_generator OpenAPI Generator allows generation of API client libraries, server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creat… - CVE-2021-21429 2024-11-21 14:48 2021-04-28 Show GitHub Exploit DB Packet Storm
200394 5.4 MEDIUM
Network 		typo3 typo3 Bootstrap Package is a theme for TYPO3. It has been discovered that rendering content in the website frontend is vulnerable to cross-site scripting. A valid backend user account is needed to exploit … - CVE-2021-21365 2024-11-21 14:48 2021-04-28 Show GitHub Exploit DB Packet Storm
200395 7.2 HIGH
Network 		openmage magento Magento-lts is a long-term support alternative to Magento Community Edition (CE). A vulnerability in magento-lts versions before 19.4.13 and 20.0.9 potentially allows an administrator unauthorized ac… - CVE-2021-21427 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
200396 9.8 CRITICAL
Network 		openmage magento Magento-lts is a long-term support alternative to Magento Community Edition (CE). In magento-lts versions 19.4.12 and prior and 20.0.8 and prior, there is a vulnerability caused by the unsecured dese… - CVE-2021-21426 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
200397 4.3 MEDIUM
Network 		jenkins cloudbees_cd Jenkins CloudBees CD Plugin 1.1.21 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Item/Read permission to schedule builds of projects without having Item… - CVE-2021-21647 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
200398 8.8 HIGH
Network 		jenkins templating_engine Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin, allowing attackers with Job/Configure permission to execute arbitrary code … - CVE-2021-21646 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
200399 4.3 MEDIUM
Network 		jenkins config_file_provider Jenkins Config File Provider Plugin 3.7.0 and earlier does not perform permission checks in several HTTP endpoints, attackers with Overall/Read permission to enumerate configuration file IDs. - CVE-2021-21645 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm
200400 5.4 MEDIUM
Network 		jenkins config_file_provider A cross-site request forgery (CSRF) vulnerability in Jenkins Config File Provider Plugin 3.7.0 and earlier allows attackers to delete configuration files corresponding to an attacker-specified ID. CWE-352
 Origin Validation Error 		CVE-2021-21644 2024-11-21 14:48 2021-04-22 Show GitHub Exploit DB Packet Storm