Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 12, 2026, 12:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
214771 7.5 危険 PaloSanto Solutions - Elastix の a2billing/customer/iridium_threed.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-1875 2015-03-13 16:26 2015-03-6 Show GitHub Exploit DB Packet Storm
214772 5 警告 アップル - Apple iOS および Apple TV のカーネルの mach_port_kobject インターフェースにおける ASLR 保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-4496 2015-03-13 15:40 2015-01-27 Show GitHub Exploit DB Packet Storm
214773 5 警告 アップル - Apple iOS および Apple TV の MobileStorageMounter における任意のファイルシステムロケーションにフォルダを作成される脆弱性 CWE-Other
その他 		CVE-2015-1062 2015-03-13 15:35 2015-03-9 Show GitHub Exploit DB Packet Storm
214774 7.8 危険 アップル - Apple iOS の CoreTelephony におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2015-1063 2015-03-13 15:35 2015-03-9 Show GitHub Exploit DB Packet Storm
214775 1.9 注意 アップル - Apple iOS の Springboard におけるアクティベーション要求を回避される脆弱性 CWE-200
情報漏えい 		CVE-2015-1064 2015-03-13 15:35 2015-03-9 Show GitHub Exploit DB Packet Storm
214776 10 危険 アップル - Apple OS X の IOAcceleratorFamily における任意のコードを実行される脆弱性 CWE-189
数値処理の問題 		CVE-2015-1066 2015-03-13 15:35 2015-03-9 Show GitHub Exploit DB Packet Storm
214777 4 警告 Fedora Project - 389 Directory Server における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-8112 2015-03-13 15:16 2014-10-10 Show GitHub Exploit DB Packet Storm
214778 5 警告 Fedora Project - 389 Directory Server における changelog から重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-8105 2015-03-13 15:16 2014-10-10 Show GitHub Exploit DB Packet Storm
214779 7.5 危険 SolarWinds - 複数の SolarWinds 製品で使用される Orion Platform の AccountManagement.asmx サービスの Manage アカウントページにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-9566 2015-03-13 15:06 2015-02-25 Show GitHub Exploit DB Packet Storm
214780 5 警告 Pivotal Software, Inc. - Pivotal Spring フレームワークの Java SockJS クライアントにおける他のセッションにメッセージを送信される脆弱性 CWE-Other
その他 		CVE-2015-0201 2015-03-13 14:41 2015-03-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
131 7.8 HIGH
Local 		microsoft windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2019
windows_server_2022
windows_server_2025 		Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. New CWE-416
 Use After Free 		CVE-2026-42983 2026-06-12 01:54 2026-06-10 Show GitHub Exploit DB Packet Storm
132 7.5 HIGH
Network 		vmware spring_framework IDs for WebSocket sessions in the spring-websocket module are not cryptographically unpredictable, which may be possible to exploit in combination with inadequate authorization rules. Affected versi… New CWE-330
 Use of Insufficiently Random Values 		CVE-2026-41838 2026-06-12 01:53 2026-06-9 Show GitHub Exploit DB Packet Storm
133 7.8 HIGH
Local 		microsoft windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2019
windows_server_2022
windows_server_2025 		Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally. New CWE-125
Out-of-bounds Read 		CVE-2026-42837 2026-06-12 01:51 2026-06-10 Show GitHub Exploit DB Packet Storm
134 6.1 MEDIUM
Network 		vmware spring_framework A Spring MVC or Spring WebFlux application which configures a mapping for "/**" where the view name is not explicitly specified allows an attacker to craft a link resulting in a 302 redirect to an ar… New CWE-601
Open Redirect 		CVE-2026-41844 2026-06-12 01:19 2026-06-9 Show GitHub Exploit DB Packet Storm
135 6.5 MEDIUM
Network 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network. New CWE-476
 NULL Pointer Dereference 		CVE-2026-42903 2026-06-12 01:17 2026-06-10 Show GitHub Exploit DB Packet Storm
136 - - - openSIS Classic 9.3 contains an insecure direct object reference vulnerability in the messaging module. Any authenticated user with access to the messaging module can request sent-message details fro… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-8406 2026-06-12 01:16 2026-06-11 Show GitHub Exploit DB Packet Storm
137 8.8 HIGH
Network 		- - IBM i 7.6, 7.5, 7.4, and 7.3 could allow a user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. New CWE-427
 Uncontrolled Search Path Element 		CVE-2026-7870 2026-06-12 01:16 2026-06-12 Show GitHub Exploit DB Packet Storm
138 7.5 HIGH
Network 		- - IBM Langflow OSS 1.0.0 through 1.9.1 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references. New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-7787 2026-06-12 01:16 2026-06-12 Show GitHub Exploit DB Packet Storm
139 8.8 HIGH
Network 		- - Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz allows a low-privileged authenticated user with Content/DataResource editing privileges to perform template inj… New CWE-94
Code Injection 		CVE-2026-50223 2026-06-12 01:16 2026-06-11 Show GitHub Exploit DB Packet Storm
140 8.6 HIGH
Network 		- - Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Fedify previously addressed SSRF/internal network access in GHSA-p9cg-vqcc-grcx by adding public URL validati… New CWE-918
CWE-1286
CWE-1389
Server-Side Request Forgery (SSRF) 
 Improper Validation of Syntactic Correctness of Input 		CVE-2026-50131 2026-06-12 01:16 2026-06-11 Show GitHub Exploit DB Packet Storm