Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
237651 7.2 危険 マイクロソフト - 複数の Microsoft Windows 製品のカーネルモードドライバにおける権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-2553 2012-11-16 15:37 2012-11-13 Show GitHub Exploit DB Packet Storm
237652 9.3 危険 マイクロソフト - Microsoft Internet Explorer 9 における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2012-4775 2012-11-16 15:36 2012-11-13 Show GitHub Exploit DB Packet Storm
237653 9.3 危険 マイクロソフト - Microsoft .NET Framework の Web プロキシ自動発見 (WPAD) 機能における任意の JavaScript コードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-4776 2012-11-16 15:35 2012-11-13 Show GitHub Exploit DB Packet Storm
237654 9.3 危険 マイクロソフト - Microsoft .NET Framework のリフレクション実装における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4777 2012-11-16 15:34 2012-11-13 Show GitHub Exploit DB Packet Storm
237655 4.3 警告 アップル
Google		 - WebKit におけるクロスサイトスクリプティング (XSS) 保護メカニズムを回避される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5851 2012-11-16 14:34 2012-11-15 Show GitHub Exploit DB Packet Storm
237656 6.8 警告 Mozilla Foundation - Android 上で稼働する Mozilla Firefox における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2012-3979 2012-11-16 13:55 2012-08-28 Show GitHub Exploit DB Packet Storm
237657 2.6 注意 アシアル株式会社 - Android 版 Monacaデバッガーにおける情報管理不備の脆弱性 CWE-200
情報漏えい 		CVE-2012-5172 2012-11-16 12:02 2012-11-16 Show GitHub Exploit DB Packet Storm
237658 10 危険 マイクロソフト
Google		 - Google Chrome で使用される Microsoft Windows のカーネルモードドライバにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2012-2897 2012-11-16 11:09 2012-09-25 Show GitHub Exploit DB Packet Storm
237659 4.3 警告 OTRS プロジェクト - Open Technology Real Services にクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2582 2012-11-16 10:19 2012-08-23 Show GitHub Exploit DB Packet Storm
237660 3.6 注意 Shlomi Fish - Perl 用 Config::IniFiles モジュールにおける任意のファイルを上書きされる脆弱性 CWE-DesignError
CVE-2012-2451 2012-11-16 10:18 2012-06-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
4481 8.8 HIGH
Network 		google chrome Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: Low) CWE-416
 Use After Free 		CVE-2026-11306 2026-06-9 03:04 2026-06-5 Show GitHub Exploit DB Packet Storm
4482 8.8 HIGH
Network 		google chrome Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: Low) CWE-416
 Use After Free 		CVE-2026-11307 2026-06-9 03:04 2026-06-5 Show GitHub Exploit DB Packet Storm
4483 4.2 MEDIUM
Network 		7-zip 7-zip 7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive handler caused by a sparsely populated index array. In t… CWE-125
CWE-908
Out-of-bounds Read
 Use of Uninitialized Resource 		CVE-2026-48104 2026-06-9 03:03 2026-06-6 Show GitHub Exploit DB Packet Storm
4484 8.8 HIGH
Network 		google chrome Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Low) CWE-416
 Use After Free 		CVE-2026-11304 2026-06-9 03:02 2026-06-5 Show GitHub Exploit DB Packet Storm
4485 8.8 HIGH
Network 		google chrome Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: Low) CWE-416
 Use After Free 		CVE-2026-11303 2026-06-9 03:01 2026-06-5 Show GitHub Exploit DB Packet Storm
4486 6.5 MEDIUM
Network 		7-zip 7-zip 7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain a heap out-of-bounds read in 7-Zip Ar handler BSD SYMDEF parser. A 4-byte heap out-of-bounds read exists in… CWE-125
CWE-190
Out-of-bounds Read
 Integer Overflow or Wraparound 		CVE-2026-48112 2026-06-9 03:00 2026-06-6 Show GitHub Exploit DB Packet Storm
4487 7.1 HIGH
Network 		7-zip 7-zip 7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM (Windows Imaging) archive handler's security descriptor lo… CWE-125
Out-of-bounds Read 		CVE-2026-48103 2026-06-9 02:54 2026-06-6 Show GitHub Exploit DB Packet Storm
4488 6.3 MEDIUM
Network 		google chrome Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a craf… CWE-269
 Improper Privilege Management 		CVE-2026-11308 2026-06-9 02:43 2026-06-5 Show GitHub Exploit DB Packet Storm
4489 9.8 CRITICAL
Network 		mbs-solutions universal_gateway_firmware An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices. CWE-1393
 Use of Default Password 		CVE-2026-35075 2026-06-9 02:17 2026-06-3 Show GitHub Exploit DB Packet Storm
4490 8.1 HIGH
Network 		mbs-solutions universal_gateway_firmware The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. CWE-73
 External Control of File Name or Path 		CVE-2026-35076 2026-06-9 02:17 2026-06-3 Show GitHub Exploit DB Packet Storm