Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
260191 4 警告 オラクル - Oracle Solaris および OpenSolaris における ZFS の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2010-3540 2010-11-2 15:53 2010-10-12 Show GitHub Exploit DB Packet Storm
260192 4 警告 オラクル - Oracle Solaris および OpenSolaris における InfiniBand の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2010-3516 2010-11-2 15:52 2010-10-12 Show GitHub Exploit DB Packet Storm
260193 4 警告 オラクル - Oracle Solaris および OpenSolaris の Solaris コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2010-3515 2010-11-2 15:52 2010-10-12 Show GitHub Exploit DB Packet Storm
260194 4.3 警告 オラクル - Oracle Sun Products Suite の Oracle iPlanet Web Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2010-3514 2010-11-2 15:52 2010-10-12 Show GitHub Exploit DB Packet Storm
260195 4.9 警告 オラクル - Oracle Solaris および OpenSolaris における Kernel/X86 の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2010-3517 2010-11-2 15:51 2010-10-12 Show GitHub Exploit DB Packet Storm
260196 5.8 警告 オラクル - Oracle Sun Products Suite の Oracle iPlanet Web Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2010-3545 2010-11-2 15:51 2010-10-12 Show GitHub Exploit DB Packet Storm
260197 6.3 警告 オラクル - Oracle Solaris における su の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2010-3503 2010-11-2 15:51 2010-10-12 Show GitHub Exploit DB Packet Storm
260198 9.3 危険 アップル
サイバートラスト株式会社
ターボリナックス
FreeType Project
オラクル
レッドハット
- FreeType 2 における CFF フォントの処理に脆弱性 CWE-119
バッファエラー
CVE-2010-1797 2010-11-2 15:24 2010-08-9 Show GitHub Exploit DB Packet Storm
260199 6.6 警告 オラクル - Oracle Solaris における Live Upgrade の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2010-3507 2010-11-1 15:41 2010-10-12 Show GitHub Exploit DB Packet Storm
260200 10 危険 オラクル - Oracle Solaris における Scheduler の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2010-3509 2010-11-1 15:41 2010-10-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
4881 - - - Backend users were able to insert arbitrary records and files into the TYPO3 clipboard without proper read permission checks, which allowed users to gather information about records and files they we… CWE-200
CWE-862
Information Exposure
 Missing Authorization
CVE-2026-47351 2026-06-9 22:46 2026-06-9 Show GitHub Exploit DB Packet Storm
4882 - - - Authenticated backend users were able to retrieve file metadata via several Backend API routes without proper permission checks, allowing access to files outside their permitted file mounts or storag… CWE-862
 Missing Authorization
CVE-2026-47352 2026-06-9 22:46 2026-06-9 Show GitHub Exploit DB Packet Storm
4883 - - - The path allowance check in GeneralUtility::isAllowedAbsPath() performed a plain string prefix comparison without requiring a directory separator boundary, causing a path like /var/www/html-other/sec… CWE-22
Path Traversal
CVE-2026-49738 2026-06-9 22:46 2026-06-9 Show GitHub Exploit DB Packet Storm
4884 - - - TYPO3's cache frontend (VariableFrontend) and persistent key-value store (Registry) deserialized PHP payloads without integrity validation or class restrictions. An attacker with write access to the … CWE-502
 Deserialization of Untrusted Data
CVE-2026-49740 2026-06-9 22:46 2026-06-9 Show GitHub Exploit DB Packet Storm
4885 - - - Backend users with write access to the form_definition database table were able to directly create, update, or delete form definition records via DataHandler, bypassing the Form Framework's persisten… CWE-89
CWE-862
SQL Injection
 Missing Authorization
CVE-2026-49741 2026-06-9 22:46 2026-06-9 Show GitHub Exploit DB Packet Storm
4886 - - - Backend users with file download permissions were able to download files from the fallback storage of the file abstraction layer (FAL) via the Media Module. Since the fallback storage resolves paths … CWE-22
CWE-200
Path Traversal
Information Exposure
CVE-2026-49742 2026-06-9 22:46 2026-06-9 Show GitHub Exploit DB Packet Storm
4887 7.5 HIGH
Network
google chrome Inappropriate implementation in ImageCapture in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted H… CWE-269
 Improper Privilege Management
CVE-2026-11296 2026-06-9 22:45 2026-06-5 Show GitHub Exploit DB Packet Storm
4888 4.3 MEDIUM
Network
google chrome Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severi… CWE-346
 Origin Validation Error
CVE-2026-11298 2026-06-9 22:44 2026-06-5 Show GitHub Exploit DB Packet Storm
4889 6.5 MEDIUM
Network
google chrome Integer overflow in Fonts in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security… CWE-125
CWE-190
Out-of-bounds Read
 Integer Overflow or Wraparound
CVE-2026-11299 2026-06-9 22:43 2026-06-5 Show GitHub Exploit DB Packet Storm
4890 6.3 MEDIUM
Local
- - Permission management vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may affect service integrity. CWE-701
 Weaknesses Introduced During Design
CVE-2026-41975 2026-06-9 22:34 2026-06-9 Show GitHub Exploit DB Packet Storm