Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231381	4.3	警告	traindepot	-	Traindepot の search モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2839	2012-12-20 18:52	2008-06-24	Show	GitHub Exploit DB Packet Storm

231382	5	警告	traindepot	-	Traindepot の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-2838	2012-12-20 18:52	2008-06-24	Show	GitHub Exploit DB Packet Storm

231383	7.5	危険	sidb	-	Scientific Image DataBase の projects.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2834	2012-12-20 18:52	2008-06-24	Show	GitHub Exploit DB Packet Storm

231384	10	危険	worldlevel	-	le.cms の admin/upload.php における管理者の認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-2833	2012-12-20 18:52	2008-06-24	Show	GitHub Exploit DB Packet Storm

231385	10	危険	tmsnc	-	tmsnc におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-2828	2012-12-20 18:52	2008-06-23	Show	GitHub Exploit DB Packet Storm

231386	4.3	警告	Xerox	-	Xerox WorkCentre M123 などの組込み Web Server におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2825	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

231387	10	危険	Xerox	-	Xerox WorkCentre 7655 などの Web Services における変更を設定される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2824	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

231388	7.5	危険	phpeasynews	-	PHPeasyblog の newsarchive.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2823	2012-12-20 18:52	2008-06-23	Show	GitHub Exploit DB Packet Storm

231389	4.3	警告	shoutcastadmin	-	WallCity-Server Shoutcast Admin Panel におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2814	2012-12-20 18:52	2008-06-23	Show	GitHub Exploit DB Packet Storm

231390	6.8	警告	shoutcastadmin	-	WallCity-Server Shoutcast Admin Panel の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-2813	2012-12-20 18:52	2008-06-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
321	7.8	HIGH Local	-	-	Improper access control in Windows Administrator Protection allows an authorized attacker to bypass a security feature locally. New	CWE-284 Improper Access Control	CVE-2026-42829	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

322	7.8	HIGH Local	-	-	Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally. New	CWE-126 Buffer Over-read	CVE-2026-42828	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

323	-		-	-	Issue summary: When the X509_VERIFY_PARAM_set1_email is called by an application to validate a crafted e-mail address, such as during S/MIME message validation, an out of bounds read can happen. Imp… New	CWE-125 Out-of-bounds Read	CVE-2026-42771	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

324	-		-	-	Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which present… New	CWE-325 Missing Required Cryptographic Step	CVE-2026-42770	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

325	-		-	-	Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (CMP) message response rendered the certificate validation inef… New	CWE-295 Improper Certificate Validation	CVE-2026-42769	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

326	-		-	-	Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provide the CMS or S/MIME messages and observe the error code and/… New	CWE-514	CVE-2026-42768	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

327	-		-	-	Issue summary: An attacker-controlled CMP (Certificate Management Protocol) server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference ca… New	CWE-476 NULL Pointer Dereference	CVE-2026-42767	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

328	-		-	-	Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application … New	CWE-476 NULL Pointer Dereference	CVE-2026-42766	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

329	-		-	-	Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a … New	CWE-476 NULL Pointer Dereference	CVE-2026-42765	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

330	-		-	-	Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer … New	CWE-476 NULL Pointer Dereference	CVE-2026-42764	2026-06-10 02:17	2026-06-10	Show	GitHub Exploit DB Packet Storm