Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
259241	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-2513	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

259242	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

259243	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

259244	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

259245	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

259246	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196311	4.6	MEDIUM Physics	teradici	pcoip_connection_manager_and_security_gateway	Sensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager and Security Gateway prior to version 21.01.3.	CWE-312 Cleartext Storage of Sensitive Information	CVE-2021-25692	2024-11-21 14:55	2021-04-7	Show	GitHub Exploit DB Packet Storm

196312	6.1	MEDIUM Network	magnolia-cms	magnolia_cms	Magnolia CMS from 6.1.3 to 6.2.3 contains a stored cross-site scripting (XSS) vulnerability in the /magnoliaPublic/travel/members/login.html mgnlUserId parameter.	CWE-79 Cross-site Scripting	CVE-2021-25894	2024-11-21 14:55	2021-04-2	Show	GitHub Exploit DB Packet Storm

196313	5.4	MEDIUM Network	magnolia-cms	magnolia_cms	Magnolia CMS from 6.1.3 to 6.2.3 contains a stored cross-site scripting (XSS) vulnerability in the setText parameter of /magnoliaAuthor/.magnolia/.	CWE-79 Cross-site Scripting	CVE-2021-25893	2024-11-21 14:55	2021-04-2	Show	GitHub Exploit DB Packet Storm

196314	4.3	MEDIUM Network	atlassian	confluence_server confluence_data_center	The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6 allowed remote attackers to manipulate the content of internal network resources via a blind Server-Sid…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2021-26072	2024-11-21 14:55	2021-04-2	Show	GitHub Exploit DB Packet Storm

196315	8.8	HIGH Network	thoughtworks	gocd	In GoCD, versions 19.6.0 to 21.1.0 are vulnerable to Cross-Site Request Forgery due to missing CSRF protection at the `/go/api/config/backup` endpoint. An attacker can trick a victim to click on a ma…	CWE-352 Origin Validation Error	CVE-2021-25924	2024-11-21 14:55	2021-04-2	Show	GitHub Exploit DB Packet Storm

196316	3.5	LOW Network	atlassian	data_center jira jira_server jira_data_center	The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymo…	CWE-352 Origin Validation Error	CVE-2021-26071	2024-11-21 14:55	2021-04-1	Show	GitHub Exploit DB Packet Storm

196317	6.1	MEDIUM Network	open-emr	openemr	In OpenEMR, versions 4.2.0 to 6.0.0 are vulnerable to Reflected Cross-Site-Scripting (XSS) due to user input not being validated properly. An attacker could trick a user to click on a malicious url a…	CWE-79 Cross-site Scripting	CVE-2021-25922	2024-11-21 14:55	2021-03-23	Show	GitHub Exploit DB Packet Storm

196318	5.4	MEDIUM Network	open-emr	openemr	In OpenEMR, versions 2.7.3-rc1 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly in the `Allergies` section. An attacker could lure an admin …	CWE-79 Cross-site Scripting	CVE-2021-25921	2024-11-21 14:55	2021-03-23	Show	GitHub Exploit DB Packet Storm

196319	6.5	MEDIUM Network	open-emr	openemr	In OpenEMR, versions v2.7.2-rc1 to 6.0.0 are vulnerable to Improper Access Control when creating a new user, which leads to a malicious user able to read and send sensitive messages on behalf of the …	CWE-178 Improper Handling of Case Sensitivity	CVE-2021-25920	2024-11-21 14:55	2021-03-23	Show	GitHub Exploit DB Packet Storm

196320	4.8	MEDIUM Network	open-emr	openemr	In OpenEMR, versions 5.0.2 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly. A highly privileged attacker could inject arbitrary code into i…	CWE-79 Cross-site Scripting	CVE-2021-25919	2024-11-21 14:55	2021-03-23	Show	GitHub Exploit DB Packet Storm