Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 2:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
216491 6.8 警告 Joshi Consultancy Services - Drupal 用 Contact Form Fields モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2015-3363 2015-04-24 16:52 2015-01-14 Show GitHub Exploit DB Packet Storm
216492 3.5 注意 Heshan Wanigasooriya - Drupal 用 Video モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-3362 2015-04-24 16:52 2015-01-14 Show GitHub Exploit DB Packet Storm
216493 2.1 注意 Emil Stjerneman - Drupal 用 Linkit モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-3361 2015-04-24 16:52 2015-01-6 Show GitHub Exploit DB Packet Storm
216494 3.5 注意 Term Merge project - Drupal 用 Term Merge モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-3360 2015-04-24 16:52 2015-01-14 Show GitHub Exploit DB Packet Storm
216495 5.8 警告 Ubercart Currency Conversion project - Drupal 用 Ubercart Currency Conversion モジュールにおけるオープンリダイレクトの脆弱性 CWE-Other
その他
CVE-2015-3342 2015-04-24 16:52 2015-01-14 Show GitHub Exploit DB Packet Storm
216496 4.3 警告 オラクル - Oracle Enterprise Manager Grid Control の Enterprise Manager Base Platform における My Oracle Support Plugin に関する脆弱性 CWE-noinfo
情報不足
CVE-2015-0473 2015-04-23 18:43 2015-04-14 Show GitHub Exploit DB Packet Storm
216497 3.5 注意 LiquidCMS - Drupal 用 Room Reservations モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-3359 2015-04-23 17:24 2015-01-13 Show GitHub Exploit DB Packet Storm
216498 5.8 警告 Odd Hill - Drupal 用 Tadaa! モジュールにおけるオープンリダイレクトの脆弱性 CWE-Other
その他
CVE-2015-3358 2015-04-23 17:24 2015-01-14 Show GitHub Exploit DB Packet Storm
216499 6.8 警告 Log Watcher project - Drupal 用 Log Watcher モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2015-3351 2015-04-23 17:24 2015-01-6 Show GitHub Exploit DB Packet Storm
216500 6.8 警告 Jammer project - Drupal 用 Jammer モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2015-3352 2015-04-23 17:24 2015-01-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1131 6.1 MEDIUM
Network
angularjs angularjs Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15 20.3.22, and 19.2.23, an issue in the… CWE-200
CWE-441
CWE-524
Information Exposure
Confused Deputy
 Use of Cache Containing Sensitive Information
CVE-2026-50169 2026-06-27 04:40 2026-06-23 Show GitHub Exploit DB Packet Storm
1132 7.5 HIGH
Network
aiohttp aiohttp AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.0, attacker-controlled input included into multipart/payload headers can be used to modify a request to i… CWE-93
CWE-113
CRLF Injection
HTTP Response Splitting
CVE-2026-50269 2026-06-27 04:39 2026-06-23 Show GitHub Exploit DB Packet Storm
1133 6.1 MEDIUM
Network
angularjs angularjs Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.16, 20.3.24, and 19.2.25, a Cross-Site S… CWE-79
Cross-site Scripting
CVE-2026-50555 2026-06-27 04:39 2026-06-23 Show GitHub Exploit DB Packet Storm
1134 6.1 MEDIUM
Network
angularjs angularjs Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22 and 19.2.22, an issue in the… CWE-79
Cross-site Scripting
CVE-2026-50557 2026-06-27 04:39 2026-06-23 Show GitHub Exploit DB Packet Storm
1135 7.5 HIGH
Network
aiohttp aiohttp AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, no limit was present on the number of pipelined requests that could be queued. An attacker may be able… CWE-770
 Allocation of Resources Without Limits or Throttling
CVE-2026-54273 2026-06-27 04:37 2026-06-23 Show GitHub Exploit DB Packet Storm
1136 6.1 MEDIUM
Network
angularjs angularjs Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, Angular's HttpTransferCache … CWE-328
CWE-345
 Use of Weak Hash
 Insufficient Verification of Data Authenticity
CVE-2026-54266 2026-06-27 04:37 2026-06-23 Show GitHub Exploit DB Packet Storm
1137 7.5 HIGH
Network
aiohttp aiohttp AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, if an attacker sends large incomplete websocket frame payloads, it may be possible to bypass the usual… CWE-770
 Allocation of Resources Without Limits or Throttling
CVE-2026-54274 2026-06-27 04:37 2026-06-23 Show GitHub Exploit DB Packet Storm
1138 7.5 HIGH
Network
aiohttp aiohttp AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, the server_hostname TLS SNI check can be bypassed when an existing connection is reused. If an applica… CWE-297
 Improper Validation of Certificate with Host Mismatch
CVE-2026-54275 2026-06-27 04:36 2026-06-23 Show GitHub Exploit DB Packet Storm
1139 7.5 HIGH
Network
aiohttp aiohttp AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, host-only cookies that are saved with CookieJar.save() and then restored later with CookieJar.load() l… CWE-665
 Improper Initialization
CVE-2026-54279 2026-06-27 04:36 2026-06-23 Show GitHub Exploit DB Packet Storm
1140 7.5 HIGH
Network
aiohttp aiohttp AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, payload resources are not closed correctly when a client disconnects in the middle of a write. If a pa… CWE-404
 Improper Resource Shutdown or Release
CVE-2026-54280 2026-06-27 04:35 2026-06-23 Show GitHub Exploit DB Packet Storm