Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 25, 2026, 10:01 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | - | - | 日立 |
Hitachi Ops Center Analyzer viewpoint Hitachi Infrastructure Analytics Advisor Hitachi Ops Center Viewpoint Hitachi Ops Center&nbs… |
Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer, Hitachi Ops Center Analyzer viewpointおよびHitachi Ops Center Viewpointにおける複数の脆弱性 New | - |
CVE-2023-35116 CVE-2025-24970 CVE-2025-25193 CVE-2025-48924 CVE-2025-55163 CVE-2025-58056 CVE-2025-58057 |
2026-06-25 09:25 | 2026-06-23 | Show | GitHub Exploit DB Packet Storm |
| 2 | - | - | 横河電機株式会社 |
統合情報サーバ(CIサーバ) FAST/TOOLS |
横河電機製FAST/TOOLSおよびCI Serverにおける重要情報の平文送信の脆弱性 New |
CWE-319
重要な情報の平文での送信 |
CVE-2026-11833 | 2026-06-24 14:38 | 2026-06-23 | Show | GitHub Exploit DB Packet Storm |
| 3 | - | - | (複数のベンダ) | (複数の製品) | Microsoft Windows Recovery EnvironmentにおけるUEFI/BIOSパスワード制限回避の脆弱性 New | - | - | 2026-06-24 14:38 | 2026-06-23 | Show | GitHub Exploit DB Packet Storm |
| 4 | - | - | (複数のベンダ) | (複数の製品) | FastStone Image Viewerにおけるファイル解析に関する複数の脆弱性 New | - | - | 2026-06-24 14:38 | 2026-06-23 | Show | GitHub Exploit DB Packet Storm |
| 5 | 9.8 |
緊急
Network |
InHand Networks |
IR915L-FQ39-S Firmware IR912L-FQ58 Firmware |
InHand NetworksのIR912L-FQ58 Firmware等の複数製品におけるコマンドインジェクションの脆弱性 New |
CWE-77
コマンドインジェクション |
CVE-2026-38714 | 2026-06-24 10:00 | 2026-06-18 | Show | GitHub Exploit DB Packet Storm |
| 6 | 9.8 |
緊急
Network |
InHand Networks |
IR915L-FQ39-S Firmware IR912L-FQ58 Firmware |
InHand NetworksのIR912L-FQ58 Firmware等の複数製品におけるコマンドインジェクションの脆弱性 New |
CWE-77
コマンドインジェクション |
CVE-2026-38715 | 2026-06-24 10:00 | 2026-06-18 | Show | GitHub Exploit DB Packet Storm |
| 7 | 9.8 |
緊急
Network |
InHand Networks |
IR915L-FQ39-S Firmware IR912L-FQ58 Firmware |
InHand NetworksのIR912L-FQ58 Firmware等の複数製品におけるコマンドインジェクションの脆弱性 New |
CWE-77
コマンドインジェクション |
CVE-2026-38716 | 2026-06-24 10:00 | 2026-06-18 | Show | GitHub Exploit DB Packet Storm |
| 8 | 9.8 |
緊急
Network |
InHand Networks |
IR915L-FQ39-S Firmware IR912L-FQ58 Firmware |
InHand NetworksのIR912L-FQ58 Firmware等の複数製品におけるコマンドインジェクションの脆弱性 New |
CWE-77
コマンドインジェクション |
CVE-2026-38717 | 2026-06-24 10:00 | 2026-06-18 | Show | GitHub Exploit DB Packet Storm |
| 9 | 7.5 |
重要
Network |
InHand Networks |
IR915L-FQ39-S Firmware IR912L-FQ58 Firmware |
InHand NetworksのIR912L-FQ58 Firmware等の複数製品における古典的バッファオーバーフローの脆弱性 New |
CWE-120
古典的バッファオーバーフロー |
CVE-2026-38718 | 2026-06-24 10:00 | 2026-06-18 | Show | GitHub Exploit DB Packet Storm |
| 10 | 6.5 |
警告
Network |
Palo Alto Networks | Idira Identity Browser Extension | Palo Alto NetworksのIdira Identity Browser Extensionにおける同一生成元ポリシー違反に関する脆弱性 New |
CWE-346
同一生成元ポリシー違反 |
CVE-2026-45173 | 2026-06-24 10:00 | 2026-06-11 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 25, 2026, 4:04 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 191471 | 9.8 |
CRITICAL
Network |
ricoh |
sp_320dn_firmware sp_325dnw_firmware sp_320sn_firmware sp_320sfn_firmware sp_325snw_firmware sp_325sfnw_firmware sp_330sn_firmware aficio_sp_3500sf_firmware sp_221s_firmware
RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were d…
|
CWE-787
|
Out-of-bounds Write
CVE-2021-33945
|
2024-11-21 15:09 |
2022-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 191472 | 8.2 |
HIGH
Local |
insyde siemens |
insydeh2o simatic_field_pg_m5_firmware simatic_field_pg_m6_firmware simatic_ipc127e_firmware simatic_ipc227g_firmware simatic_ipc277g_firmware simatic_ipc327g_firmware simatic_ip… |
An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockSe… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2021-33627 | 2024-11-21 15:09 | 2022-02-3 | Show | GitHub Exploit DB Packet Storm |
| 191473 | 7.5 |
HIGH
Local |
insyde netapp siemens |
insydeh2o fas\/aff_bios ruggedcom_ape1808_firmware simatic_field_pg_m5_firmware simatic_ipc127e_firmware simatic_itp1000_firmware simatic_ipc277g_firmware simatic_ipc227g_firmwar… |
An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether … |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2021-33625 | 2024-11-21 15:09 | 2022-02-3 | Show | GitHub Exploit DB Packet Storm |
| 191474 | 5.4 |
MEDIUM
Network |
gadget_works_online_ordering_system_project | gadget_works_online_ordering_system | A Cross Site Scripting (XSS) vulnerabilty exists in Sourcecodester Gadget Works Online Ordering System in PHP/MySQLi 1.0 via the Category parameter in an add function in category/index.php. |
CWE-79
Cross-site Scripting |
CVE-2021-34073 | 2024-11-21 15:09 | 2022-01-29 | Show | GitHub Exploit DB Packet Storm |
| 191475 | 5.4 |
MEDIUM
Network |
spotweb_project | spotweb | Cross site scripting (XSS) vulnerability in spotweb 1.4.9, allows authenticated attackers to execute arbitrary code via crafted GET request to the login page. |
CWE-79
Cross-site Scripting |
CVE-2021-33966 | 2024-11-21 15:09 | 2022-01-22 | Show | GitHub Exploit DB Packet Storm |
| 191476 | 6.1 |
MEDIUM
Network |
fresenius-kabi |
agilia_connect_firmware vigilant_centerium vigilant_mastermed vigilant_insight agilia_partner_maintenance_software link\+_agilia_firmware |
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 is vulnerable to reflected cross-site scripting attacks. An attacker could inject JavaScript in a GET parameter of HTTP re… |
CWE-79
Cross-site Scripting |
CVE-2021-33848 | 2024-11-21 15:09 | 2022-01-22 | Show | GitHub Exploit DB Packet Storm |
| 191477 | 7.2 |
HIGH
Network |
fresenius-kabi |
vigilant_centerium vigilant_mastermed vigilant_insight agilia_partner_maintenance_software agilia_connect_firmware link\+_agilia_firmware |
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 issues authentication tokens to authenticated users that are signed with a symmetric encryption key. An attacker in posses… |
CWE-327
Use of a Broken or Risky Cryptographic Algorithm |
CVE-2021-33846 | 2024-11-21 15:09 | 2022-01-22 | Show | GitHub Exploit DB Packet Storm |
| 191478 | 5.3 |
MEDIUM
Network |
fresenius-kabi | agilia_sp_mc_wifi_firmware | Fresenius Kabi Agilia SP MC WiFi vD25 and prior has a default configuration page accessible without authentication. An attacker may use this functionality to change the exposed configuration values s… |
CWE-306
Missing Authentication for Critical Function |
CVE-2021-33843 | 2024-11-21 15:09 | 2022-01-22 | Show | GitHub Exploit DB Packet Storm |
| 191479 | 9.8 |
CRITICAL
Network |
libspf2_project | libspf2 | libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted… |
CWE-787
Out-of-bounds Write |
CVE-2021-33913 | 2024-11-21 15:09 | 2022-01-20 | Show | GitHub Exploit DB Packet Storm |
| 191480 | 9.8 |
CRITICAL
Network |
libspf2_project debian |
libspf2 debian_linux |
libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with… |
CWE-787
Out-of-bounds Write |
CVE-2021-33912 | 2024-11-21 15:09 | 2022-01-20 | Show | GitHub Exploit DB Packet Storm |