Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
189751 7.5 重要
Network 		Google - Android における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2017-11058 2017-12-6 17:03 2017-11-6 Show GitHub Exploit DB Packet Storm
189752 7.8 重要
Local 		Google - Android における時間とステータスに関する脆弱性 CWE-361
時間とステータス 		CVE-2017-11038 2017-12-6 17:03 2017-11-6 Show GitHub Exploit DB Packet Storm
189753 7.8 重要
Local 		Google - Android におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-11035 2017-12-6 17:03 2017-11-6 Show GitHub Exploit DB Packet Storm
189754 7.8 重要
Local 		Google - Android における二重解放に関する脆弱性 CWE-415
二重解放 		CVE-2017-11032 2017-12-6 17:03 2017-11-6 Show GitHub Exploit DB Packet Storm
189755 5.5 警告
Local 		Apache Software Foundation - Apache Karaf における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2014-0219 2017-12-6 16:29 2014-05-8 Show GitHub Exploit DB Packet Storm
189756 8.2 重要
Local 		シスコシステムズ - Cisco Umbrella Insights Virtual Appliance におけるハードコードされた認証情報の使用に関する脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2017-12350 2017-12-6 16:18 2017-11-15 Show GitHub Exploit DB Packet Storm
189757 9.8 緊急
Network 		シスコシステムズ - Cisco Voice Operating System ソフトウェアプラットフォームベースのコラボレーション製品における認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2017-12337 2017-12-6 16:18 2017-11-15 Show GitHub Exploit DB Packet Storm
189758 6.1 警告
Network 		シスコシステムズ - Cisco Registered Envelope Service におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-12323 2017-12-6 16:18 2017-11-15 Show GitHub Exploit DB Packet Storm
189759 6.1 警告
Network 		シスコシステムズ - Cisco Registered Envelope Service におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-12321 2017-12-6 16:18 2017-11-15 Show GitHub Exploit DB Packet Storm
189760 6.1 警告
Network 		シスコシステムズ - Cisco Registered Envelope Service におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-12320 2017-12-6 16:18 2017-11-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1121 9.9 CRITICAL
Network 		- - Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the HAProxy section-save endpoints (POST /api/service/haproxy/<server_id>/section… CWE-20
CWE-77
CWE-78
CWE-94
 Improper Input Validation 
Command Injection
OS Command 
Code Injection 		CVE-2026-45558 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
1122 9.9 CRITICAL
Network 		- - Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /waf/<service>/<server_ip>/rule/<rule_id>/save accepts a config_file_name fo… CWE-20
CWE-22
CWE-73
CWE-78
 Improper Input Validation 
Path Traversal
 External Control of File Name or Path
OS Command  		CVE-2026-45556 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
1123 7.5 HIGH
Network 		- - Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATH_CHALLENGE frames. Impact summary: A malicious remote peer can cause an unb… CWE-1325
 Improperly Controlled Sequential Memory Allocation 		CVE-2026-34183 2026-06-11 01:17 2026-06-10 Show GitHub Exploit DB Packet Storm
1124 7.5 HIGH
Network 		- - UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.1. CWE-79
Cross-site Scripting 		CVE-2026-11799 2026-06-11 01:16 2026-06-10 Show GitHub Exploit DB Packet Storm
1125 - - - Insufficient input validation vulnerability in the listed NETGEAR devices allows authenticated administrators connected to the local network to tamper with the router's integrity. CWE-20
 Improper Input Validation  		CVE-2026-0417 2026-06-11 01:16 2026-06-10 Show GitHub Exploit DB Packet Storm
1126 - - - Insufficient input validation vulnerability in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows administrators connected to the local network to make unauthorized… CWE-20
 Improper Input Validation  		CVE-2026-0412 2026-06-11 01:16 2026-06-10 Show GitHub Exploit DB Packet Storm
1127 - - - Authenticated administrators connected to the local network can gain elevated access to the router and make unauthorized changes to router software and functionality. CWE-20
 Improper Input Validation  		CVE-2026-0410 2026-06-11 01:16 2026-06-10 Show GitHub Exploit DB Packet Storm
1128 5.3 MEDIUM
Network 		google chrome Out of bounds read in Media in Google Chrome on ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from pr… CWE-472
 External Control of Assumed-Immutable Web Parameter 		CVE-2026-11669 2026-06-11 01:16 2026-06-9 Show GitHub Exploit DB Packet Storm
1129 8.3 HIGH
Network 		google chrome Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafte… CWE-787
 Out-of-bounds Write 		CVE-2026-11672 2026-06-11 01:15 2026-06-9 Show GitHub Exploit DB Packet Storm
1130 5.4 MEDIUM
Network 		microsoft sharepoint_server Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. CWE-79
Cross-site Scripting 		CVE-2026-47637 2026-06-11 01:14 2026-06-10 Show GitHub Exploit DB Packet Storm