Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
222671	7.5	危険	sherzod ruzmetov	-	CGI::Session における権限情報を取得される脆弱性	-	CVE-2006-1280	2014-03-11 17:43	2006-03-19	Show	GitHub Exploit DB Packet Storm

222672	5	警告	sherzod ruzmetov	-	CGI::Session における任意のファイルを上書きされる脆弱性	-	CVE-2006-1279	2014-03-11 17:43	2006-03-19	Show	GitHub Exploit DB Packet Storm

222673	7.2	危険	Avira	-	AntiVir PersonalEdition における権限を取得される脆弱性	-	CVE-2006-1274	2014-03-11 17:43	2006-03-19	Show	GitHub Exploit DB Packet Storm

222674	6.2	警告	rahul dhesi	-	zoo におけるバッファオーバーフローの脆弱性	-	CVE-2006-1269	2014-03-11 17:43	2006-03-19	Show	GitHub Exploit DB Packet Storm

222675	4.6	警告	Firebird Project	-	Firebird におけるバッファオーバーフローの脆弱性	-	CVE-2006-1240	2014-03-11 17:43	2006-03-15	Show	GitHub Exploit DB Packet Storm

222676	7.5	危険	crossfire	-	CrossFire におけるバッファオーバーフローの脆弱性	-	CVE-2006-1236	2014-03-11 17:43	2006-03-15	Show	GitHub Exploit DB Packet Storm

222677	1.2	注意	julian pawlowski	-	CAPI4HylaFAX における任意のファイルを変更される脆弱性	-	CVE-2006-1231	2014-03-11 17:43	2006-03-14	Show	GitHub Exploit DB Packet Storm

222678	5	警告	Drupal	-	Drupal における CRLF インジェクションの脆弱性	-	CVE-2006-1225	2014-03-11 17:43	2006-03-14	Show	GitHub Exploit DB Packet Storm

222679	4.3	警告	runcms	-	Runcms におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-1216	2014-03-11 17:43	2006-03-14	Show	GitHub Exploit DB Packet Storm

222680	3.7	注意	comvigo	-	Comvigo IM Lock における製品のブロック機能を回避される脆弱性	-	CVE-2006-1198	2014-03-11 17:43	2006-03-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
151	4.1	MEDIUM Local	-	-	IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user. New	CWE-256 Plaintext Storage of a Password	CVE-2024-45636	2026-06-12 01:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

152	9.6	CRITICAL Adjacent	microsoft	windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2022 windows_server_2025	Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network. New	CWE-122 Heap-based Buffer Overflow	CVE-2026-42904	2026-06-12 01:15	2026-06-10	Show	GitHub Exploit DB Packet Storm

153	7.8	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. New	CWE-416 Use After Free	CVE-2026-42905	2026-06-12 01:14	2026-06-10	Show	GitHub Exploit DB Packet Storm

154	5.5	MEDIUM Local	microsoft	windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2022 windows_server_2025	Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally. New	CWE-200 Information Exposure	CVE-2026-42906	2026-06-12 01:13	2026-06-10	Show	GitHub Exploit DB Packet Storm

155	6.1	MEDIUM Network	vmware	spring_framework	Due to incorrect escaping, the use of JavaScriptUtils.javaScriptEscape() may lead to JavaScript code injection in the browser, potentially resulting in a cross-site scripting (XSS) vulnerability. Af… New	CWE-79 Cross-site Scripting	CVE-2026-41845	2026-06-12 01:12	2026-06-9	Show	GitHub Exploit DB Packet Storm

156	6.1	MEDIUM Network	vmware	spring_framework	Spring MVC applications which accept user-supplied values in the cssClass, cssErrorClass, or cssStyle attributes of JSP form tags allow arbitrary HTML/JavaScript code injection, potentially resulting… New	CWE-79 Cross-site Scripting	CVE-2026-41846	2026-06-12 01:10	2026-06-9	Show	GitHub Exploit DB Packet Storm

157	5.3	MEDIUM Network	vmware	spring_framework	Spring WebFlux applications may be vulnerable to a security bypass when using the Kotlin Router DSL. Affected versions: Spring Framework 5.3.0 through 5.3.48. New	CWE-284 NVD-CWE-noinfo Improper Access Control	CVE-2026-41847	2026-06-12 01:08	2026-06-9	Show	GitHub Exploit DB Packet Storm

158	7.8	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. New	CWE-416 Use After Free	CVE-2026-42986	2026-06-12 01:02	2026-06-10	Show	GitHub Exploit DB Packet Storm

159	8.1	HIGH Network	microsoft	windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_server_2025	Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network. New	CWE-416 Use After Free	CVE-2026-42987	2026-06-12 00:46	2026-06-10	Show	GitHub Exploit DB Packet Storm

160	7.5	HIGH Network	vmware	spring_framework	Applications may be vulnerable to a Regular Expression Denial of Service (ReDoS) attack if an attacker is able to provide a pattern which is then directly or indirectly supplied to one of the followi… New	CWE-1333 Inefficient Regular Expression Complexity	CVE-2026-41848	2026-06-12 00:45	2026-06-9	Show	GitHub Exploit DB Packet Storm