Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 12:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258171	4.3	警告	サン・マイクロシステムズ Pidgin レッドハット	-	Pidgin の libpurple におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-0420	2010-05-14 18:38	2010-02-18	Show	GitHub Exploit DB Packet Storm

258172	7.5	危険	Carnegie Mellon University (Project Cyrus) アップルサイバートラスト株式会社サン・マイクロシステムズオラクルレッドハット	-	Cyrus SASL ライブラリにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-0688	2010-05-14 18:37	2009-05-15	Show	GitHub Exploit DB Packet Storm

258173	7.5	危険	サン・マイクロシステムズ GNOME Project レッドハット	-	Evolution Data Server (別名 evolution-data-server) における複数の整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-0587	2010-05-14 18:37	2009-03-14	Show	GitHub Exploit DB Packet Storm

258174	5.8	警告	サン・マイクロシステムズ GNOME Project レッドハット	-	Evolution Data Server (別名 evolution-data-server) の ntlm_challenge 関数におけるプロセスメモリ情報の漏洩またはサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2009-0582	2010-05-14 18:37	2009-03-14	Show	GitHub Exploit DB Packet Storm

258175	1.2	注意	日本電気サイバートラスト株式会社サン・マイクロシステムズターボリナックス OpenSSL Project レッドハット	-	RSA key reconstruction vulnerability	-	CVE-2007-3108	2010-05-14 18:37	2007-08-16	Show	GitHub Exploit DB Packet Storm

258176	5	警告	ヒューレット・パッカードサイバートラスト株式会社 OpenSSL Project ターボリナックスレッドハット	-	OpenSSL の zlib_stateful_finish 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-4355	2010-05-13 17:21	2010-01-13	Show	GitHub Exploit DB Packet Storm

258177	9.3	危険	日立	-	XMAP3 における任意のコードが実行される脆弱性	CWE-noinfo 情報不足	-	2010-05-13 15:14	2010-04-12	Show	GitHub Exploit DB Packet Storm

258178	4.3	警告	オラクル	-	Oracle Industry Product Suite の Retail - Oracle Retail Plan In-Season コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0863	2010-05-13 15:13	2010-04-13	Show	GitHub Exploit DB Packet Storm

258179	4.3	警告	オラクル	-	Oracle Industry Product Suite の Retail - Oracle Retail Place In-Season コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0864	2010-05-13 15:13	2010-04-13	Show	GitHub Exploit DB Packet Storm

258180	4.3	警告	オラクル	-	Oracle Industry Product Suite の Retail - Oracle Retail Markdown Optimization コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0862	2010-05-13 15:13	2010-04-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
5801	5.4	MEDIUM Network	google	chrome	Script injection in SanitizerAPI in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security s…	CWE-94 Code Injection	CVE-2026-8539	2026-05-20 01:18	2026-05-15	Show	GitHub Exploit DB Packet Storm

5802	8.8	HIGH Network	axis	axis_os	A configuration file on the local file system had improper input validation which could allow code execution and potentially lead to privilege escalation. This vulnerability can only be exploited if …	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2026-1185	2026-05-20 01:07	2026-05-12	Show	GitHub Exploit DB Packet Storm

5803	7.3	HIGH Local	axis	axis_os	An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulnerability can only be exploited if the Axi…	CWE-35 Path Traversal: '.../...//'	CVE-2026-0804	2026-05-20 01:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

5804	7.3	HIGH Local	axis	axis_os	An ACAP configuration file lacked sufficient input validation, which could allow command injection and potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis d…	CWE-1287 Improper Validation of Specified Type of Input	CVE-2026-0802	2026-05-20 01:05	2026-05-12	Show	GitHub Exploit DB Packet Storm

5805	7.3	HIGH Local	axis	axis_os	ACAP applications can gain elevated privileges due to improper input validation during the installation process, potentially leading to privilege escalation. This vulnerability can only be exploited …	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2026-0541	2026-05-20 00:40	2026-05-12	Show	GitHub Exploit DB Packet Storm

5806	6.1	MEDIUM Network	-	-	Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Cross-site Scripting (XSS) via the annotated formatter due to improper sanitization of JSON values and property names. If an appli…	CWE-79 Cross-site Scripting	CVE-2026-8656	2026-05-20 00:38	2026-05-16	Show	GitHub Exploit DB Packet Storm

5807	8.2	HIGH Network	-	-	Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Prototype Pollution via the jsondiffpatch.patch() and jsondiffpatch/formatters/jsonpatch.patch() APIs. An attacker can perform pro…	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-8657	2026-05-20 00:38	2026-05-16	Show	GitHub Exploit DB Packet Storm

5808	7.5	HIGH Network	-	-	This affects versions of the package exifreader before 4.39.0. A crafted image containing an ICC mluc tag can set an attacker-controlled record count together with a zero record size. During parsing,…	CWE-1284 Improper Validation of Specified Quantity in Input	CVE-2026-8813	2026-05-20 00:38	2026-05-19	Show	GitHub Exploit DB Packet Storm

5809	5.3	MEDIUM Network	-	-	Versions of the package exifreader before 4.39.0 are vulnerable to Improper Handling of Highly Compressed Data (Data Amplification) due to decompressing PNG zTXt metadata without enforcing a built-in…	CWE-409 Improper Handling of Highly Compressed Data (Data Amplification)	CVE-2026-8814	2026-05-20 00:38	2026-05-19	Show	GitHub Exploit DB Packet Storm

5810	9.8	CRITICAL Network	microsoft	edge_chromium	Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability	CWE-20 CWE-94 CWE-119 Improper Input Validation Code Injection Incorrect Access of Indexable Resource ('Range Error')	CVE-2026-45495	2026-05-20 00:35	2026-05-19	Show	GitHub Exploit DB Packet Storm