Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
257891 6.8 警告 アップル - Apple iOS の OfficeImport におけるメモリ二重解放の脆弱性 CWE-94
コード・インジェクション
CVE-2011-3261 2011-10-24 16:30 2011-10-14 Show GitHub Exploit DB Packet Storm
257892 - - OneOrZero - OneOrZero AIMS に複数の脆弱性 - - 2011-10-24 11:14 2011-10-14 Show GitHub Exploit DB Packet Storm
257893 7.6 危険 アップル - 複数の Apple 製品で使用される WebKit におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー
CVE-2011-3236 2011-10-24 11:08 2011-10-12 Show GitHub Exploit DB Packet Storm
257894 7.6 危険 アップル - 複数の Apple 製品で使用される WebKit におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー
CVE-2011-3237 2011-10-24 11:08 2011-10-12 Show GitHub Exploit DB Packet Storm
257895 7.6 危険 アップル - Apple iTunes で使用される CoreFoundation におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー
CVE-2011-0259 2011-10-24 11:07 2011-10-12 Show GitHub Exploit DB Packet Storm
257896 9.3 危険 マイクロソフト - Microsoft Internet Explorer 8 における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2011-1999 2011-10-21 15:40 2011-10-11 Show GitHub Exploit DB Packet Storm
257897 9.3 危険 マイクロソフト - Microsoft Internet Explorer 9 における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2011-1998 2011-10-21 15:39 2011-10-11 Show GitHub Exploit DB Packet Storm
257898 9.3 危険 マイクロソフト - Microsoft Internet Explorer 6 における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2011-1997 2011-10-21 15:39 2011-10-11 Show GitHub Exploit DB Packet Storm
257899 9.3 危険 マイクロソフト - Microsoft Internet Explorer 6 から 8 における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2011-1996 2011-10-21 15:38 2011-10-11 Show GitHub Exploit DB Packet Storm
257900 9.3 危険 マイクロソフト - Microsoft Internet Explorer 6 から 9 における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2011-1995 2011-10-21 15:35 2011-10-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
4721 9.9 CRITICAL
Network
- - An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts… CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2026-10523 2026-06-10 01:16 2026-06-10 Show GitHub Exploit DB Packet Storm
4722 9.1 CRITICAL
Network
- - Catalyst::Plugin::Authentication versions before 0.10_027 for Perl is susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after aut… CWE-384
 Session Fixation
CVE-2009-10007 2026-06-10 01:16 2026-06-9 Show GitHub Exploit DB Packet Storm
4723 9.1 CRITICAL
Network
apache http_server A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. User… CWE-668
 Exposure of Resource to Wrong Sphere
CVE-2026-42535 2026-06-10 01:00 2026-06-9 Show GitHub Exploit DB Packet Storm
4724 7.5 HIGH
Network
apache http_server Heap-based Buffer Overflow vulnerability in Apache HTTP Server with mod_xml2enc, xml2StartParse, and untrusted content This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are re… CWE-122
Heap-based Buffer Overflow
CVE-2026-42536 2026-06-10 00:55 2026-06-9 Show GitHub Exploit DB Packet Storm
4725 4.3 MEDIUM
Network
google chrome Insufficient validation of untrusted input in Wallet in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HT… CWE-20
CWE-451
 Improper Input Validation 
 User Interface (UI) Misrepresentation of Critical Information
CVE-2026-11286 2026-06-10 00:42 2026-06-5 Show GitHub Exploit DB Packet Storm
4726 4.3 MEDIUM
Network
google chrome Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Lo… CWE-451
 User Interface (UI) Misrepresentation of Critical Information
CVE-2026-11285 2026-06-10 00:37 2026-06-5 Show GitHub Exploit DB Packet Storm
4727 6.5 MEDIUM
Network
google chrome Side-channel information leakage in PerformanceAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: L… CWE-1300
CWE-203
 Improper Protection of Physical Side Channels
 Information Exposure Through Discrepancy
CVE-2026-11284 2026-06-10 00:27 2026-06-5 Show GitHub Exploit DB Packet Storm
4728 9.6 CRITICAL
Network
google chrome Insufficient policy enforcement in Sandbox in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium securi… CWE-693
 Protection Mechanism Failure
CVE-2026-11282 2026-06-10 00:26 2026-06-5 Show GitHub Exploit DB Packet Storm
4729 - - - phpMyFAQ is an open source FAQ web application. Prior to version 4.1.4, attachment passwords are hashed using SHA-1, a cryptographically broken algorithm. SHA-1 has been vulnerable to collision attac… CWE-328
 Use of Weak Hash
CVE-2026-48488 2026-06-10 00:25 2026-06-9 Show GitHub Exploit DB Packet Storm
4730 5.5 MEDIUM
Local
- - fabric-chaincode-java is a Java based implementation of Hyperledger Fabric chaincode shim APIs. From version 2.3.1 to before version 2.5.10, when chaincode is deployed in chaincode-as-a-service mode … CWE-532
 Inclusion of Sensitive Information in Log Files
CVE-2026-45581 2026-06-10 00:25 2026-06-9 Show GitHub Exploit DB Packet Storm