Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
261341	6.8	警告	アップルサイバートラスト株式会社サン・マイクロシステムズターボリナックスヒューレット・パッカード OpenSSL Project レッドハット	-	OpenSSL の SSL_get_shared_ciphers() 関数における一つずれエラーの脆弱性	CWE-189 数値処理の問題	CVE-2007-5135	2010-01-5 13:31	2007-10-12	Show	GitHub Exploit DB Packet Storm

261342	7.8	危険	マイクロソフト	-	Microsoft Windows で稼働している Active Directory の LDAP サービスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-1928	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

261343	9.3	危険	マイクロソフト	-	Microsoft Windows の kernel における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2514	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

261344	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-2513	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

261345	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

261346	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

261347	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

261348	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

261349	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
190851	9.8	CRITICAL Network	openzeppelin	contracts	OpenZepplin is a library for smart contract development. In affected versions a vulnerability in TimelockController allowed an actor with the executor role to escalate privileges. Further details abo…	CWE-269 Improper Privilege Management	CVE-2021-39167	2024-11-21 15:18	2021-08-27	Show	GitHub Exploit DB Packet Storm

190852	6.5	MEDIUM Network	chachethq	cachet	Cachet is an open source status page. With Cachet prior to and including 2.3.18, there is a SQL injection which is in the `SearchableTrait#scopeSearch()`. Attackers without authentication can utilize…	-	CVE-2021-39165	2024-11-21 15:18	2021-08-27	Show	GitHub Exploit DB Packet Storm

190853	5.4	MEDIUM Network	discourse	discourse	Discourse is an open source platform for community discussion. In affected versions category names can be used for Cross-site scripting(XSS) attacks. This is mitigated by Discourse's default Content …	CWE-79 Cross-site Scripting	CVE-2021-39161	2024-11-21 15:18	2021-08-27	Show	GitHub Exploit DB Packet Storm

190854	9.8	CRITICAL Network	jupyter	binderhub	BinderHub is a kubernetes-based cloud service that allows users to share reproducible interactive computing environments from code repositories. In affected versions a remote code execution vulnerabi…	CWE-78 OS Command	CVE-2021-39159	2024-11-21 15:18	2021-08-26	Show	GitHub Exploit DB Packet Storm

190855	8.8	HIGH Network	jupyterhub	nbgitpuller	nbgitpuller is a Jupyter server extension to sync a git repository one-way to a local path. Due to unsanitized input, visiting maliciously crafted links could result in arbitrary code execution in th…	CWE-78 OS Command	CVE-2021-39160	2024-11-21 15:18	2021-08-26	Show	GitHub Exploit DB Packet Storm

190856	5.4	MEDIUM Network	basercms	basercms	baserCMS is an open source content management system with a focus on Japanese language support. In affected versions there is a cross-site scripting vulnerability in the file upload function of the m…	-	CVE-2021-39136	2024-11-21 15:18	2021-08-26	Show	GitHub Exploit DB Packet Storm

190857	4.8	MEDIUM Network	atlassian	data_center jira jira_server jira_data_center	Affected versions of Atlassian Jira Server and Data Center allow remote attackers to redirect users to a malicious URL via a reverse tabnapping vulnerability in the Project Shortcuts feature. The aff…	CWE-601 Open Redirect	CVE-2021-39112	2024-11-21 15:18	2021-08-25	Show	GitHub Exploit DB Packet Storm

190858	7.5	HIGH Network	istio	istio	Istio is an open source platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies and aggregate telemetry data. Istio 1.11.0, 1.10.3 …	CWE-706 Use of Incorrectly-Resolved Name or Reference	CVE-2021-39156	2024-11-21 15:18	2021-08-25	Show	GitHub Exploit DB Packet Storm

190859	7.5	HIGH Network	istio	istio	Istio is an open source platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies and aggregate telemetry data. According to [RFC 434…	CWE-178 CWE-863 Improper Handling of Case Sensitivity Incorrect Authorization	CVE-2021-39155	2024-11-21 15:18	2021-08-25	Show	GitHub Exploit DB Packet Storm

190860	7.5	HIGH Network	detect-character-encoding_project	detect-character-encoding	detect-character-encoding is an open source character encoding inspection library. In detect-character-encoding v0.6.0 and earlier, data matching no charset causes the Node.js process to crash. The p…	CWE-755 Improper Handling of Exceptional Conditions	CVE-2021-39157	2024-11-21 15:18	2021-08-25	Show	GitHub Exploit DB Packet Storm