Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224761 10 危険 Mozilla Foundation - 複数の Mozilla 製品の IsCSSWordSpacingSpace 関数における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2012-3995 2013-10-24 18:13 2012-10-9 Show GitHub Exploit DB Packet Storm
224762 4.3 警告 Mozilla Foundation - 複数の Mozilla 製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-3994 2013-10-24 18:06 2012-10-9 Show GitHub Exploit DB Packet Storm
224763 4.3 警告 ImageMagick - ImageMagick の TIFFGetEXIFProperties 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2012-1798 2013-10-24 18:03 2012-06-5 Show GitHub Exploit DB Packet Storm
224764 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品におけるクローム特権で任意の JavaScript コードを実行される脆弱性 CWE-DesignError
CVE-2012-3993 2013-10-24 18:02 2012-10-9 Show GitHub Exploit DB Packet Storm
224765 4.3 警告 ImageMagick - ImageMagick の magick/property.c 内の GetEXIFProperty 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2012-1610 2013-10-24 17:59 2012-06-5 Show GitHub Exploit DB Packet Storm
224766 5 警告 ImageMagick - ImageMagick の JPEGWarningHandler 関数におけるサービス運用妨害 (メモリ消費) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-0260 2013-10-24 17:57 2012-03-28 Show GitHub Exploit DB Packet Storm
224767 4.3 警告 ImageMagick - ImageMagick の GetEXIFProperty 関数におけるサービス運用妨害 (クラッシュ) の脆弱性 CWE-119
バッファエラー 		CVE-2012-0259 2013-10-24 17:56 2012-03-28 Show GitHub Exploit DB Packet Storm
224768 5.8 警告 Mozilla Foundation - 複数の Mozilla 製品におけるクロスサイトスクリプティングの脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-3992 2013-10-24 17:51 2012-10-9 Show GitHub Exploit DB Packet Storm
224769 6.8 警告 Mozilla Foundation - 複数の Mozilla 製品における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2013-1730 2013-10-24 17:47 2013-09-17 Show GitHub Exploit DB Packet Storm
224770 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品における同一生成元ポリシーを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-3991 2013-10-24 17:44 2012-10-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3121 6.1 MEDIUM
Network 		mistune_project mistune Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, render_toc_ul() builds a <ul> table-of-contents tree from a list of (level, id, text) tuples. Both the id value (used a… CWE-79
Cross-site Scripting 		CVE-2026-44898 2026-05-28 22:42 2026-05-27 Show GitHub Exploit DB Packet Storm
3122 5.4 MEDIUM
Network 		apache shiro Apache Shiro’s Jakarta EE module used the HTTP Referer header in certain cases to issue redirect after a user login. In affected versions, insufficient validation of this client-controlled value coul… CWE-601
Open Redirect 		CVE-2026-48589 2026-05-28 22:38 2026-05-26 Show GitHub Exploit DB Packet Storm
3123 6.1 MEDIUM
Network 		mistune_project mistune Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, the Image directive plugin validates the :width: and :height: options with a regex compiled as _num_re = re.compile(r"^… CWE-79
Cross-site Scripting 		CVE-2026-44899 2026-05-28 22:38 2026-05-27 Show GitHub Exploit DB Packet Storm
3124 8.8 HIGH
Network 		tanium connect Tanium addressed an unauthorized code execution vulnerability in Connect. CWE-78
OS Command  		CVE-2026-9207 2026-05-28 22:31 2026-05-27 Show GitHub Exploit DB Packet Storm
3125 10.0 CRITICAL
Network 		free5gc free5gc free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-pfdmanagement route group without inbound OAuth2/bearer-token authorization. A network a… CWE-863
 Incorrect Authorization 		CVE-2026-44330 2026-05-28 22:06 2026-05-28 Show GitHub Exploit DB Packet Storm
3126 9.9 CRITICAL
Network 		- - A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation whe… CWE-59
Link Following 		CVE-2026-7374 2026-05-28 12:16 2026-05-26 Show GitHub Exploit DB Packet Storm
3127 7.2 HIGH
Network 		apache syncope Improper Isolation or Compartmentalization vulnerability in Apache Syncope. An administrator with adequate entitlements for Implementations can create a malicious Groovy class containing untrusted c… CWE-653
 Improper Isolation or Compartmentalization 		CVE-2026-42782 2026-05-28 06:16 2026-05-26 Show GitHub Exploit DB Packet Storm
3128 2.4 LOW
Physics 		- - AppLockZ App Lock and Fingerprint Lock (applock.passwordfingerprint.applockz) 4.2.11 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an ove… CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2025-68711 2026-05-28 06:16 2026-05-27 Show GitHub Exploit DB Packet Storm
3129 2.4 LOW
Physics 		- - Easyelife App lock (aka Fingerprint,Applock or locker.app.safe.applocker) 1.9.2 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay … CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2025-68710 2026-05-28 06:16 2026-05-27 Show GitHub Exploit DB Packet Storm
3130 2.4 LOW
Physics 		- - SailingLab AppLock (aka com.alpha.applock) 4.3.8 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's … CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2025-68708 2026-05-28 06:16 2026-05-27 Show GitHub Exploit DB Packet Storm