Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
214621 4.3 警告 e107.org - e107 の e107_admin/filemanager.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-1041 2015-01-19 15:54 2015-01-3 Show GitHub Exploit DB Packet Storm
214622 3.5 注意 BEdita - BEdita の管理バックエンドにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-1040 2015-01-19 15:50 2015-01-8 Show GitHub Exploit DB Packet Storm
214623 4.3 警告 zfcuser project - ZF-Commons ZfcUser の user/login.phtml におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-1039 2015-01-19 15:27 2015-01-8 Show GitHub Exploit DB Packet Storm
214624 6.4 警告 Novell
SUSE		 - gcab の libgcab/gcab-folder.c の gcab_folder_extract 関数におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2015-0552 2015-01-19 15:22 2015-01-5 Show GitHub Exploit DB Packet Storm
214625 5 警告 シスコシステムズ - Cisco WebEx Meeting Center における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-0583 2015-01-19 15:03 2015-01-12 Show GitHub Exploit DB Packet Storm
214626 5 警告 シスコシステムズ - Cisco TelePresence Video Communication Server および Cisco Expressway におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2015-0579 2015-01-19 15:00 2015-01-15 Show GitHub Exploit DB Packet Storm
214627 5.7 警告 シスコシステムズ - Cisco Adaptive Security Appliance ソフトウェアにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2015-0578 2015-01-19 14:53 2015-01-15 Show GitHub Exploit DB Packet Storm
214628 4.3 警告 シスコシステムズ - Cisco E メール セキュリティ アプライアンスおよびコンテンツ セキュリティ管理アプライアンスで使用される AsyncOS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-0577 2015-01-19 14:47 2015-01-13 Show GitHub Exploit DB Packet Storm
214629 5 警告 シスコシステムズ - Android および OS X 上で稼働する Cisco AnyConnect における認証フォームを偽装される脆弱性 CWE-20
不適切な入力確認 		CVE-2014-3314 2015-01-19 14:41 2014-05-7 Show GitHub Exploit DB Packet Storm
214630 7.5 危険 DomPHP - DomPHP の agenda/indexdate.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-10038 2015-01-19 14:35 2014-01-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
41 4.3 MEDIUM
Network 		- - The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 12.4.16. This is due to the plugin not properly verifying that a user i… New CWE-862
 Missing Authorization 		CVE-2026-7624 2026-06-6 14:16 2026-06-6 Show GitHub Exploit DB Packet Storm
42 6.1 MEDIUM
Network 		- - Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: … New CWE-79
Cross-site Scripting 		CVE-2026-11150 2026-06-6 14:16 2026-06-5 Show GitHub Exploit DB Packet Storm
43 6.5 MEDIUM
Network 		- - Inappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Me… New CWE-352
 Origin Validation Error 		CVE-2026-11148 2026-06-6 14:16 2026-06-5 Show GitHub Exploit DB Packet Storm
44 9.6 CRITICAL
Network 		- - Insufficient validation of untrusted input in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox es… New CWE-20
 Improper Input Validation  		CVE-2026-11146 2026-06-6 14:16 2026-06-5 Show GitHub Exploit DB Packet Storm
45 6.5 MEDIUM
Network 		- - Race in Geolocation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) New CWE-362
Race Condition 		CVE-2026-11145 2026-06-6 14:16 2026-06-5 Show GitHub Exploit DB Packet Storm
46 8.8 HIGH
Network 		- - Use after free in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. (Chromium security severity: Medium) New CWE-416
 Use After Free 		CVE-2026-11144 2026-06-6 14:16 2026-06-5 Show GitHub Exploit DB Packet Storm
47 6.5 MEDIUM
Network 		- - Out of bounds read in Extensions in Google Chrome on Linux prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information… New CWE-122
Heap-based Buffer Overflow 		CVE-2026-11143 2026-06-6 14:16 2026-06-5 Show GitHub Exploit DB Packet Storm
48 6.5 MEDIUM
Network 		- - Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium) New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-11142 2026-06-6 14:16 2026-06-5 Show GitHub Exploit DB Packet Storm
49 6.5 MEDIUM
Network 		- - Uninitialized Use in Audio in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory v… New CWE-457
 Use of Uninitialized Variable 		CVE-2026-11141 2026-06-6 14:16 2026-06-5 Show GitHub Exploit DB Packet Storm
50 6.5 MEDIUM
Network 		- - Out of bounds read in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process me… New CWE-20
 Improper Input Validation  		CVE-2026-11140 2026-06-6 14:16 2026-06-5 Show GitHub Exploit DB Packet Storm