Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 22, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3581 8.8 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2026-8975 2026-05-22 10:51 2026-05-19 Show GitHub Exploit DB Packet Storm
3582 3.3
Local 		Siber Systems Inc. RoboForm Password Manager Androidアプリ「パスワード管理 ロボフォーム」のintent処理における検証不備の脆弱性 CWE-357
危険な操作に対する不十分な警告 		CVE-2026-47782 2026-05-21 16:37 2026-05-20 Show GitHub Exploit DB Packet Storm
3583 - - (複数のベンダ) (複数の製品) CISA ICS Advisory / ICS Medical Advisory(2026年05月19日) - - 2026-05-21 16:17 2026-05-20 Show GitHub Exploit DB Packet Storm
3584 6.1 警告
Network 		Northern.tech cfengine Northern.techのcfengineにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-24710 2026-05-21 10:55 2026-05-14 Show GitHub Exploit DB Packet Storm
3585 5.3 警告
Network 		Northern.tech cfengine Northern.techのcfengineにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-24711 2026-05-21 10:55 2026-05-14 Show GitHub Exploit DB Packet Storm
3586 7.3 重要
Network 		Northern.tech cfengine Northern.techのcfengineにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-24712 2026-05-21 10:55 2026-05-14 Show GitHub Exploit DB Packet Storm
3587 9.8 緊急
Network 		Open JS Foundation WebdriverIO Open JS FoundationのWebdriverIOにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-25244 2026-05-21 10:55 2026-05-18 Show GitHub Exploit DB Packet Storm
3588 6.5 警告
Network 		マイクロソフト Power Automate for Desktop Microsoft Power Automate デスクトップの情報漏えいの脆弱性 CWE-200
情報漏えい 		CVE-2026-40374 2026-05-21 10:55 2026-05-12 Show GitHub Exploit DB Packet Storm
3589 7.8 重要
Local 		protobufjs project protobufjs-cli protobufjs projectのprotobufjs-cliにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-42290 2026-05-21 10:55 2026-05-13 Show GitHub Exploit DB Packet Storm
3590 6.1 警告
Network 		beaugunderson ip-address beaugundersonのip-addressにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42338 2026-05-21 10:55 2026-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
305521 - eye eye-fi_helper Directory traversal vulnerability in Eye-Fi Helper before 3.4.23 allows man-in-the-middle attackers to create arbitrary files via a .. (dot dot) in the filesignature in a GetPhotoStatus request. CWE-22
Path Traversal 		CVE-2011-4696 2024-11-21 10:32 2014-03-4 Show GitHub Exploit DB Packet Storm
305522 - redhat jboss_enterprise_portal_platform Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss Enterprise Portal Platform before 5.2.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2011-4580 2024-11-21 10:32 2014-02-27 Show GitHub Exploit DB Packet Storm
305523 - redhat jboss_enterprise_application_platform
jboss_enterprise_brms_platform
jboss_communications_platform
jboss_enterprise_web_platform 		JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attacke… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-4610 2024-11-21 10:32 2014-02-11 Show GitHub Exploit DB Packet Storm
305524 - canonical
debian
ubuntu
x.org 		ubuntu_linux
debian_linux
linux
x_server 		The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restricti… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2011-4613 2024-11-21 10:32 2014-02-6 Show GitHub Exploit DB Packet Storm
305525 - openbsd openssh ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information … CWE-200
Information Exposure 		CVE-2011-4327 2024-11-21 10:32 2014-02-3 Show GitHub Exploit DB Packet Storm
305526 - ffmpeg ffmpeg Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before 0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute arbitrary code via unspecified vectors. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-4351 2024-11-21 10:32 2013-12-10 Show GitHub Exploit DB Packet Storm
305527 - putty putty PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-4607 2024-11-21 10:32 2013-08-24 Show GitHub Exploit DB Packet Storm
305528 - php php Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2011-4718 2024-11-21 10:32 2013-08-14 Show GitHub Exploit DB Packet Storm
305529 - linux linux_kernel Race condition in the sctp_rcv function in net/sctp/input.c in the Linux kernel before 2.6.29 allows remote attackers to cause a denial of service (system hang) via SCTP packets. NOTE: in some envir… CWE-362
Race Condition 		CVE-2011-4348 2024-11-21 10:32 2013-06-8 Show GitHub Exploit DB Packet Storm
305530 - linux linux_kernel The kvm_vm_ioctl_assign_device function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resource… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2011-4347 2024-11-21 10:32 2013-06-8 Show GitHub Exploit DB Packet Storm