Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
189861	5.4	警告 Network	Horde	-	Horde Groupware におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-16906	2017-12-14 11:42	2017-11-20	Show	GitHub Exploit DB Packet Storm

189862	7.8	重要 Local	Huawei	-	Huawei スマートフォン honor 5C および 6x のドライバにおけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2017-8212	2017-12-14 11:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

189863	7.8	重要 Local	Huawei	-	Huawei スマートフォン honor 5C および 6x のドライバにおけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2017-8211	2017-12-14 11:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

189864	7.8	重要 Local	Huawei	-	Huawei スマートフォン honor 5C および 6x のドライバにおけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2017-8210	2017-12-14 11:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

189865	7.8	重要 Local	Huawei	-	Huawei スマートフォン honor 5C および 6x のドライバにおけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2017-8209	2017-12-14 11:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

189866	7.8	重要 Local	Huawei	-	Huawei スマートフォン honor 5C および 6x のドライバにおけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2017-8208	2017-12-14 11:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

189867	7.8	重要 Local	Huawei	-	Huawei スマートフォン honor 5C および 6x のドライバにおけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2017-8207	2017-12-14 11:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

189868	6.5	警告 Network	Apereo	-	Opencast におけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-1000221	2017-12-14 10:54	2017-11-17	Show	GitHub Exploit DB Packet Storm

189869	5.5	警告 Local	libming	-	libming における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2017-16883	2017-12-14 10:54	2017-11-25	Show	GitHub Exploit DB Packet Storm

189870	9.8	緊急 Network	Tiny Tiny RSS	-	Tiny Tiny RSS における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2017-16896	2017-12-14 10:54	2017-11-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2081	9.1	CRITICAL Network	-	-	Catalyst::Plugin::Authentication versions before 0.10_027 for Perl is susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after aut…	CWE-384 Session Fixation	CVE-2009-10007	2026-06-10 01:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

2082	9.1	CRITICAL Network	apache	http_server	A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. User…	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2026-42535	2026-06-10 01:00	2026-06-9	Show	GitHub Exploit DB Packet Storm

2083	7.5	HIGH Network	apache	http_server	Heap-based Buffer Overflow vulnerability in Apache HTTP Server with mod_xml2enc, xml2StartParse, and untrusted content This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are re…	CWE-122 Heap-based Buffer Overflow	CVE-2026-42536	2026-06-10 00:55	2026-06-9	Show	GitHub Exploit DB Packet Storm

2084	4.3	MEDIUM Network	google	chrome	Insufficient validation of untrusted input in Wallet in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HT…	CWE-20 CWE-451 Improper Input Validation User Interface (UI) Misrepresentation of Critical Information	CVE-2026-11286	2026-06-10 00:42	2026-06-5	Show	GitHub Exploit DB Packet Storm

2085	4.3	MEDIUM Network	google	chrome	Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Lo…	CWE-451 User Interface (UI) Misrepresentation of Critical Information	CVE-2026-11285	2026-06-10 00:37	2026-06-5	Show	GitHub Exploit DB Packet Storm

2086	6.5	MEDIUM Network	google	chrome	Side-channel information leakage in PerformanceAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: L…	CWE-1300 CWE-203 Improper Protection of Physical Side Channels Information Exposure Through Discrepancy	CVE-2026-11284	2026-06-10 00:27	2026-06-5	Show	GitHub Exploit DB Packet Storm

2087	9.6	CRITICAL Network	google	chrome	Insufficient policy enforcement in Sandbox in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium securi…	CWE-693 Protection Mechanism Failure	CVE-2026-11282	2026-06-10 00:26	2026-06-5	Show	GitHub Exploit DB Packet Storm

2088	-		-	-	phpMyFAQ is an open source FAQ web application. Prior to version 4.1.4, attachment passwords are hashed using SHA-1, a cryptographically broken algorithm. SHA-1 has been vulnerable to collision attac…	CWE-328 Use of Weak Hash	CVE-2026-48488	2026-06-10 00:25	2026-06-9	Show	GitHub Exploit DB Packet Storm

2089	5.5	MEDIUM Local	-	-	fabric-chaincode-java is a Java based implementation of Hyperledger Fabric chaincode shim APIs. From version 2.3.1 to before version 2.5.10, when chaincode is deployed in chaincode-as-a-service mode …	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2026-45581	2026-06-10 00:25	2026-06-9	Show	GitHub Exploit DB Packet Storm

2090	8.3	HIGH Network	-	-	OpenMetadata is a unified metadata platform. Prior to version 1.12.4, a non-admin SSO user can trigger a TEST_CONNECTION workflow for a Database Service and receive, in the HTTP 201 response of POST …	CWE-201 Insertion of Sensitive Information Into Sent Data	CVE-2026-46481	2026-06-10 00:25	2026-06-9	Show	GitHub Exploit DB Packet Storm