Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 18, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
216761	4.3	警告	Mikko Saari	-	WordPress 用 Relevanssi プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-9443	2015-01-8 13:47	2014-12-16	Show	GitHub Exploit DB Packet Storm

216762	6.5	警告	Reality66	-	WordPress 用 Cart66 Lite プラグインの models/Cart66Ajax.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-9442	2015-01-8 13:46	2014-12-22	Show	GitHub Exploit DB Packet Storm

216763	6.8	警告	Lightbox Photo Gallery project	-	WordPress 用 Lightbox Photo Gallery プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-9441	2015-01-8 13:46	2014-12-12	Show	GitHub Exploit DB Packet Storm

216764	6.8	警告	Sliding Social Icons project	-	WordPress 用 Sliding Social Icons プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-9437	2015-01-8 13:46	2014-12-12	Show	GitHub Exploit DB Packet Storm

216765	6.8	警告	e107.org	-	e107 の e107_admin/users.php の AdminObserver 関数におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-9459	2015-01-8 12:20	2014-12-28	Show	GitHub Exploit DB Packet Storm

216766	10	危険	Hex-Rays	-	Hex-Rays IDA の GDB debugger モジュールにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2014-9458	2015-01-8 12:13	2014-12-24	Show	GitHub Exploit DB Packet Storm

216767	6.5	警告	PMB Services SAS.	-	PMB の classes/mono_display.class.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-9457	2015-01-8 12:03	2014-12-25	Show	GitHub Exploit DB Packet Storm

216768	5.8	警告	NYU	-	Ex Libris Patron Directory Services 用 NYU OpenSSO Integration のログインページにおけるオープンリダイレクトの脆弱性	CWE-Other その他	CVE-2014-7294	2015-01-8 11:53	2014-12-29	Show	GitHub Exploit DB Packet Storm

216769	4.3	警告	NYU	-	Ex Libris Patron Directory Services 用 NYU OpenSSO Integration のログインページにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-7293	2015-01-8 11:53	2014-12-29	Show	GitHub Exploit DB Packet Storm

216770	4.3	警告	IPCop	-	IPCop の cgi-bin/ipinfo.cgi におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-7417	2015-01-7 19:48	2013-04-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
911	7.0	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix held lock freed on hfsplus_fill_super() hfsplus_fill_super() calls hfs_find_init() to initialize a search structure,…	-	CVE-2026-46299	2026-06-14 15:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

912	9.8	CRITICAL Network	-	-	In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extract_kvec_to_sg Patch series "Fix bugs in extract_iter_to_sg()", v3. Fix bugs in …	-	CVE-2026-46289	2026-06-14 15:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

913	8.4	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in of_unittest_changeset() The variable 'parent' is assigned the value of 'nchangeset' earlier i…	-	CVE-2026-46288	2026-06-14 15:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

914	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: lib: test_hmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmm_test fixes and cleanups". Two bu…	-	CVE-2026-46280	2026-06-14 15:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

915	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: mm/zone_device: do not touch device folio after calling ->folio_free() The contents of a device folio can immediately change afte…	-	CVE-2026-46277	2026-06-14 15:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

916	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths Vulnerabilities leading to Use-After-Free (UAF) and Nul…	-	CVE-2026-46275	2026-06-14 15:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

917	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in io_wq_remove_pending() io_wq_remove_pending() needs to fix up wq->hash_tail[] if t…	-	CVE-2026-46274	2026-06-14 15:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

918	6.5	MEDIUM Network	gpac	gpac	A NULL pointer dereference in the ctts_box_write function (isomedia/box_code_base.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.	CWE-476 NULL Pointer Dereference	CVE-2025-55659	2026-06-14 09:16	2026-06-10	Show	GitHub Exploit DB Packet Storm

919	7.5	HIGH Network	gpac	gpac	A NULL pointer dereference in the gf_odf_vvc_cfg_write_bs function (odf/descriptors.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.	CWE-476 NULL Pointer Dereference	CVE-2025-55657	2026-06-14 09:16	2026-06-10	Show	GitHub Exploit DB Packet Storm

920	5.5	MEDIUM Local	gpac	gpac	A NULL pointer dereference in the gf_isom_get_user_data_count function (isomedia/isom_read.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.	CWE-476 NULL Pointer Dereference	CVE-2025-55651	2026-06-14 09:16	2026-06-10	Show	GitHub Exploit DB Packet Storm