Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1911	7.8	重要 Local	NVIDIA	gpu display driver	NVIDIAのgpu display driverにおける数値型間の変換の誤りに関する脆弱性	CWE-681 数値型間の変換の誤り	CVE-2026-24192	2026-06-12 14:33	2026-05-26	Show	GitHub Exploit DB Packet Storm

1912	7.8	重要 Local	NVIDIA	gpu display driver	NVIDIAのgpu display driverにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-24193	2026-06-12 14:33	2026-05-26	Show	GitHub Exploit DB Packet Storm

1913	7.8	重要 Local	NVIDIA	gpu display driver	NVIDIAのgpu display driverにおけるパーミッションの不適切な保持に関する脆弱性	CWE-281 パーミッションの不適切な保持	CVE-2026-24194	2026-06-12 14:33	2026-05-26	Show	GitHub Exploit DB Packet Storm

1914	5.5	警告 Local	NVIDIA	gpu display driver	NVIDIAのgpu display driverにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-24195	2026-06-12 14:33	2026-05-26	Show	GitHub Exploit DB Packet Storm

1915	7.1	重要 Local	NVIDIA	gpu display driver	NVIDIAのgpu display driverにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-24196	2026-06-12 14:33	2026-05-26	Show	GitHub Exploit DB Packet Storm

1916	6.5	警告 Local	NVIDIA	gpu display driver	NVIDIAのgpu display driverにおけるリソースの安全ではないデフォルト値への初期化に関する脆弱性	CWE-1188 リソースの安全ではないデフォルト値への初期化	CVE-2026-24197	2026-06-12 14:33	2026-05-26	Show	GitHub Exploit DB Packet Storm

1917	9.8	緊急 Network	フォーティネット	FortiSandbox Cloud FortiSandbox FortiSandbox PaaS	フォーティネットのFortiSandbox等の複数製品におけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-25089	2026-06-12 14:33	2026-06-9	Show	GitHub Exploit DB Packet Storm

1918	7.2	重要 Network	Apache Software Foundation	answer	Apache Software Foundationのanswerにおけるセキュリティトークンの割り当ての制限に関する脆弱性	CWE-1259 セキュリティトークンの割り当ての不適切な制限	CVE-2026-25700	2026-06-12 14:33	2026-06-10	Show	GitHub Exploit DB Packet Storm

1919	6.1	警告 Network	マイクロソフト	Microsoft SharePoint Server	Microsoft SharePoint Server のなりすましの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-33113	2026-06-12 14:33	2026-06-9	Show	GitHub Exploit DB Packet Storm

1920	-	-	三菱電機	ロスナイセントラル換気システム炊飯器 IHクッキングヒータールームエアコン向け無線LANアダプター三菱HEMS用制御アダプター、無線LANアダプター冷蔵庫バス乾燥・暖房・換気システムルームエアコン換気扇用・ロスナイ用スマートスイッチパッケージエアコンヒートポンプ給湯機・HEMS対応アダプター、無線LANアダ…	複数の三菱電機製家電製品に搭載されているRealtek社製チップ向けWi-Fiドライバにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-122 ヒープオーバーフロー	CVE-2025-49604	2026-06-12 12:05	2026-03-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
306621	-		realnetworks	realplayer realplayer_sp	The RV20 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle the frame size array, which allows remote attackers to ex…	CWE-94 Code Injection	CVE-2012-0923	2024-11-21 10:35	2012-02-9	Show	GitHub Exploit DB Packet Storm

306622	-		realnetworks	realplayer realplayer_sp	rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via crafted flags in an RMFF file.	CWE-94 Code Injection	CVE-2012-0922	2024-11-21 10:35	2012-02-9	Show	GitHub Exploit DB Packet Storm

306623	-		php	php	The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handl…	CWE-399 Resource Management Errors	CVE-2012-0830	2024-11-21 10:35	2012-02-7	Show	GitHub Exploit DB Packet Storm

306624	-		todd_miller	sudo	Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local users to execute arbitrary code via format string sequences in the program name for sudo.	CWE-134 Use of Externally-Controlled Format String	CVE-2012-0809	2024-11-21 10:35	2012-02-1	Show	GitHub Exploit DB Packet Storm

306625	-		samba	samba	Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service (memory and CPU consumption) by making many connection requests.	CWE-200 Information Exposure	CVE-2012-0817	2024-11-21 10:35	2012-01-31	Show	GitHub Exploit DB Packet Storm

306626	-		wordpress	wordpress	Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier allow remote attackers to inject arbitrary web script or …	CWE-79 Cross-site Scripting	CVE-2012-0782	2024-11-21 10:35	2012-01-31	Show	GitHub Exploit DB Packet Storm

306627	-		acidcat	acidcat_cms	Multiple cross-site scripting (XSS) vulnerabilities in Acidcat CMS 3.5.1, 3.5.2, 3.5.6, and possibly earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) adm…	CWE-79 Cross-site Scripting	CVE-2012-0933	2024-11-21 10:35	2012-01-29	Show	GitHub Exploit DB Packet Storm

306628	-		leadcapturepagesystem	lead_capture_page_system	Cross-site scripting (XSS) vulnerability in admin/login.php in Lead Capture Page System allows remote attackers to inject arbitrary web script or HTML via the message parameter.	CWE-79 Cross-site Scripting	CVE-2012-0932	2024-11-21 10:35	2012-01-29	Show	GitHub Exploit DB Packet Storm

306629	9.8	CRITICAL Network	schneider-electric	modicon_quantum_plc	Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software and PLC, which allows remote attackers to cause a denial of service or possibly execute arbitrary cod…	CWE-287 Improper Authentication	CVE-2012-0931	2024-11-21 10:35	2012-01-28	Show	GitHub Exploit DB Packet Storm

306630	6.1	MEDIUM Network	schneider-electric	modicon_quantum_plc	Cross-site scripting (XSS) vulnerability in Schneider Electric Modicon Quantum PLC allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2012-0930	2024-11-21 10:35	2012-01-28	Show	GitHub Exploit DB Packet Storm