Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
259401 6.8 警告 マイクロソフト - Microsoft Windows の kernel における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-1127 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
259402 10 危険 マイクロソフト - Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-2523 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
259403 9.3 危険 マイクロソフト - Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2512 2010-01-4 15:23 2009-11-10 Show GitHub Exploit DB Packet Storm
259404 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2722 2010-01-4 14:56 2009-08-10 Show GitHub Exploit DB Packet Storm
259405 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2723 2010-01-4 14:55 2009-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
201271 5.4 MEDIUM
Adjacent 		sloan optima_eaf-100_firmware
optima_eaf-150_firmware
optima_eaf-200_firmware
optima_eaf-225_firmware
optima_eaf-250_firmware
optima_eaf-275_firmware
optima_eaf-350_firmware
optima_eaf… 		There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. The vulnerability allows for unauthenticated kin… CWE-306
Missing Authentication for Critical Function 		CVE-2021-20107 2024-11-21 14:45 2021-06-30 Show GitHub Exploit DB Packet Storm
201272 6.7 MEDIUM
Local 		tenable nessus Nessus versions 8.13.2 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaini… NVD-CWE-noinfo
CVE-2021-20079 2024-11-21 14:45 2021-06-30 Show GitHub Exploit DB Packet Storm
201273 6.1 MEDIUM
Network 		machform machform Machform prior to version 16 is vulnerable to an open redirect in Safari_init.php due to an improperly sanitized 'ref' parameter. CWE-601
Open Redirect 		CVE-2021-20105 2024-11-21 14:45 2021-06-30 Show GitHub Exploit DB Packet Storm
201274 8.1 HIGH
Network 		machform machform Machform prior to version 16 is vulnerable to unauthenticated remote code execution due to insufficient sanitization of file attachments uploaded with forms through upload.php. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-20104 2024-11-21 14:45 2021-06-30 Show GitHub Exploit DB Packet Storm
201275 6.1 MEDIUM
Network 		machform machform Machform prior to version 16 is vulnerable to stored cross-site scripting due to insufficient sanitization of file attachments uploaded with forms through upload.php. CWE-79
Cross-site Scripting 		CVE-2021-20103 2024-11-21 14:45 2021-06-30 Show GitHub Exploit DB Packet Storm
201276 8.8 HIGH
Network 		machform machform Machform prior to version 16 is vulnerable to cross-site request forgery due to a lack of CSRF tokens in place. CWE-352
 Origin Validation Error 		CVE-2021-20102 2024-11-21 14:45 2021-06-30 Show GitHub Exploit DB Packet Storm
201277 6.1 MEDIUM
Network 		machform machform Machform prior to version 16 is vulnerable to HTTP host header injection due to improperly validated host headers. This could cause a victim to receive malformed content. CWE-74
Injection 		CVE-2021-20101 2024-11-21 14:45 2021-06-30 Show GitHub Exploit DB Packet Storm
201278 6.7 MEDIUM
Local 		tenable nessus Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows ex… NVD-CWE-noinfo
CVE-2021-20100 2024-11-21 14:45 2021-06-28 Show GitHub Exploit DB Packet Storm
201279 6.7 MEDIUM
Local 		tenable nessus Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows ex… NVD-CWE-noinfo
CVE-2021-20099 2024-11-21 14:45 2021-06-28 Show GitHub Exploit DB Packet Storm
201280 7.5 HIGH
Network 		sonicwall sonicos
sonicosv 		A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2021-20019 2024-11-21 14:45 2021-06-24 Show GitHub Exploit DB Packet Storm