Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 22, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1031 7.8 重要
Local 		アドビシステムズ Adobe Format Plugins アドビのAdobe Format Pluginsにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-48291 2026-06-15 11:15 2026-06-9 Show GitHub Exploit DB Packet Storm
1032 7.8 重要
Local 		アドビシステムズ Adobe Format Plugins アドビのAdobe Format Pluginsにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-48292 2026-06-15 11:15 2026-06-9 Show GitHub Exploit DB Packet Storm
1033 10 緊急
Network 		アドビシステムズ Adobe Campaign アドビのAdobe Campaignにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-48303 2026-06-15 11:15 2026-06-9 Show GitHub Exploit DB Packet Storm
1034 5.4 警告
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のなりすましの脆弱性 CWE-502
CWE-79
CVE-2026-48560 2026-06-15 11:15 2026-06-9 Show GitHub Exploit DB Packet Storm
1035 4.6 警告
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のなりすましの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-48562 2026-06-15 11:15 2026-06-9 Show GitHub Exploit DB Packet Storm
1036 5.5 警告
Local 		マイクロソフト Visual Studio Code Visual Studio Code セキュリティ機能のバイパスの脆弱性 CWE-20
CWE-23
CWE-noinfo
CVE-2026-48569 2026-06-15 11:15 2026-06-9 Show GitHub Exploit DB Packet Storm
1037 7.8 重要
Local 		マイクロソフト Microsoft PC Manager Microsoft PC マネージャーのセキュリティ機能バイパスの脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-49161 2026-06-15 11:15 2026-06-9 Show GitHub Exploit DB Packet Storm
1038 8.8 重要
Network 		Apache Software Foundation Apache OFBiz Apache Software FoundationのApache OFBizにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-50223 2026-06-15 11:15 2026-06-10 Show GitHub Exploit DB Packet Storm
1039 6.5 警告
Network 		Apache Software Foundation Apache CXF Apache Software FoundationのApache CXFにおける認証に関する脆弱性 CWE-287
CWE-noinfo
CVE-2026-50623 2026-06-15 11:15 2026-06-12 Show GitHub Exploit DB Packet Storm
1040 5.3 警告
Network 		Apache Software Foundation Apache CXF Apache Software FoundationのApache CXFにおけるCRLF インジェクションの脆弱性 CWE-93
CRLF インジェクション 		CVE-2026-50629 2026-06-15 11:15 2026-06-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
309561 - microsoft windows_2003_server The server in Microsoft Active Directory on Windows Server 2003 SP2 does not properly handle an update request for a service principal name (SPN), which allows remote attackers to cause a denial of s… CWE-20
 Improper Input Validation  		CVE-2011-0040 2024-11-21 10:23 2011-02-9 Show GitHub Exploit DB Packet Storm
309562 - microsoft windows_2003_server
windows_xp 		The Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly process authentication requests, which allows local users to gain priv… CWE-287
Improper Authentication 		CVE-2011-0039 2024-11-21 10:23 2011-02-9 Show GitHub Exploit DB Packet Storm
309563 - microsoft windows_server_2008
windows_7 		The (1) JScript 5.8 and (2) VBScript 5.8 scripting engines in Microsoft Windows Server 2008 R2 and Windows 7 do not properly load decoded scripts obtained from web pages, which allows remote attacker… CWE-200
Information Exposure 		CVE-2011-0031 2024-11-21 10:23 2011-02-9 Show GitHub Exploit DB Packet Storm
309564 - microsoft windows_2003_server
windows_xp 		The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly kill processes after a logout, which allows local users to obtain sensitive info… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2011-0030 2024-11-21 10:23 2011-02-9 Show GitHub Exploit DB Packet Storm
309565 - topazsystems sigplus_pro_activex_control Multiple heap-based buffer overflows in Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other versions before 4.29, allow remote attackers to execute arbitrary code via a long (1) KeyStr… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-0324 2024-11-21 10:23 2011-02-8 Show GitHub Exploit DB Packet Storm
309566 - topazsystems sigplus_pro_activex_control Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other versions before 4.29, allows remote attackers to execute arbitrary code by calling the exposed unsafe (1) SetLogFilePath and (2) Sig… NVD-CWE-Other
CVE-2011-0323 2024-11-21 10:23 2011-02-8 Show GitHub Exploit DB Packet Storm
309567 - redhat icedtea IcedTea 1.7 before 1.7.8, 1.8 before 1.8.5, and 1.9 before 1.9.5 does not properly verify signatures for JAR files that (1) are "partially signed" or (2) signed by multiple entities, which allows rem… CWE-20
 Improper Input Validation  		CVE-2011-0025 2024-11-21 10:23 2011-02-5 Show GitHub Exploit DB Packet Storm
309568 - mj2 majordomo_2 Directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 before 20110131 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the h… CWE-22
Path Traversal 		CVE-2011-0049 2024-11-21 10:23 2011-02-4 Show GitHub Exploit DB Packet Storm
309569 - mediawiki mediawiki Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments, aka "CSS injectio… CWE-79
Cross-site Scripting 		CVE-2011-0047 2024-11-21 10:23 2011-02-4 Show GitHub Exploit DB Packet Storm
309570 - cisco tandberg_endpoint
tandberg_personal_video_unit_software
tandberg_personal_video_unit 		The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with software before TC4.0.0 has a blank password for the root account, which makes it easi… CWE-255
Credentials Management 		CVE-2011-0354 2024-11-21 10:23 2011-02-4 Show GitHub Exploit DB Packet Storm