Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 9, 2026, 4:11 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
133441	8.7	重要 Network	デル	Dell EMC Integrated Data Protection Appliance Dell EMC Avamar Server	DELL EMC Avamar Server におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2020-29494	2021-09-29 17:18	2020-12-3	Show	GitHub Exploit DB Packet Storm

133442	9.8	緊急 Network	デル	Dell EMC Integrated Data Protection Appliance Dell EMC Avamar Server	DELL EMC Avamar Server における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2020-29493	2021-09-29 17:18	2020-12-3	Show	GitHub Exploit DB Packet Storm

133443	7.2	重要 Network	シスコシステムズ	Application Extension Platform Cisco RV110W Wireless-N VPN Firewall ファームウェア RV130 VPN Router ファームウェア RV215W Wireless-N VPN Ro…	複数の Cisco Small Business RV ルータにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2021-1189	2021-09-29 17:00	2021-01-13	Show	GitHub Exploit DB Packet Storm

133444	2.7	低 Network	レッドハット	Single Sign-On	Red Hat Single Sign On アプリケーションコンソールにおける秘密のタイミングチャネルに関する脆弱性	CWE-385 秘密のタイミングチャネル	CVE-2020-14341	2021-09-29 16:54	2020-07-23	Show	GitHub Exploit DB Packet Storm

133445	7.2	重要 Network	シスコシステムズ	Application Extension Platform Cisco RV110W Wireless-N VPN Firewall ファームウェア RV130 VPN Router ファームウェア RV215W Wireless-N VPN Ro…	複数の Cisco Small Business RV ルータにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2021-1147	2021-09-29 16:51	2021-01-13	Show	GitHub Exploit DB Packet Storm

133446	5.9	警告 Network	m2crypto project Fedora Project レッドハット	m2crypto Red Hat Enterprise Linux Fedora Red Hat Virtualization	m2crypto における脆弱性	CWE-Other その他	CVE-2020-25657	2021-09-29 16:47	2020-10-20	Show	GitHub Exploit DB Packet Storm

133447	7.2	重要 Network	シスコシステムズ	Application Extension Platform Cisco RV110W Wireless-N VPN Firewall ファームウェア RV130 VPN Router ファームウェア RV215W Wireless-N VPN Ro…	複数の Cisco Small Business RV ルータにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2021-1148	2021-09-29 16:32	2021-01-13	Show	GitHub Exploit DB Packet Storm

133448	7.8	重要 Local	mubu	mubu	Mubu における権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2021-3134	2021-09-29 16:30	2021-01-1	Show	GitHub Exploit DB Packet Storm

133449	3.3	低 Local	マイクロソフト	Microsoft Windows Server Microsoft Windows Server 2022 Microsoft Windows RT 8.1 Microsoft Windows Server 2008 Microsoft Windows…	複数の Microsoft Windows 製品におけるなりすまされる脆弱性	CWE-noinfo 情報不足	CVE-2021-36959	2021-09-29 16:24	2021-09-14	Show	GitHub Exploit DB Packet Storm

133450	3.3	低 Local	マイクロソフト	Visual Studio Code	Visual Studio Code におけるなりすまされる脆弱性	CWE-noinfo 情報不足	CVE-2021-26437	2021-09-29 16:24	2021-09-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
161	6.5	MEDIUM Network	google	chrome	Insufficient policy enforcement in Navigation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions v… Update	CWE-20 CWE-602 Improper Input Validation Client-Side Enforcement of Server-Side Security	CVE-2026-11287	2026-06-9 01:31	2026-06-5	Show	GitHub Exploit DB Packet Storm

162	5.3	MEDIUM Network	cosimo	net\	Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional st… Update	CWE-93 CRLF Injection	CVE-2026-46739	2026-06-9 01:31	2026-06-5	Show	GitHub Exploit DB Packet Storm

163	7.5	HIGH Network	oalders	html\	HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities. The XS routine backing HTML::Entities::_decode_entities cached a pointer (repl) into the entity-value SV retu… Update	CWE-416 Use After Free	CVE-2026-8829	2026-06-9 01:29	2026-06-4	Show	GitHub Exploit DB Packet Storm

164	5.0	MEDIUM Local	google	chrome	Integer overflow in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted ETW event. (Ch… Update	CWE-472 CWE-190 External Control of Assumed-Immutable Web Parameter Integer Overflow or Wraparound	CVE-2026-11281	2026-06-9 01:27	2026-06-5	Show	GitHub Exploit DB Packet Storm

165	-		-	-	Use After Free vulnerability in Apache HTTP Server module mod_http2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67. New	CWE-416 Use After Free	CVE-2026-48913	2026-06-9 01:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

166	-		-	-	phpMyFAQ is an open source FAQ web application. Prior to version 4.1.4, attachment passwords are hashed using SHA-1, a cryptographically broken algorithm. SHA-1 has been vulnerable to collision attac… New	CWE-328 Use of Weak Hash	CVE-2026-48488	2026-06-9 01:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

167	8.8	HIGH Network	-	-	Bludit is a content management system. Versions prior to 3.22.0 have a Broken Access Control flaw where active sessions remain valid even after the corresponding user account has been physically del… New	CWE-285 CWE-613 Improper Authorization Insufficient Session Expiration	CVE-2026-46656	2026-06-9 01:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

168	-		-	-	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, DatasetRow create and update mass-assignment allows cross-workspace row takeover. This… New	CWE-915 Improperly Controlled Modification of Dynamically-Determined Object Attributes	CVE-2026-46478	2026-06-9 01:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

169	-		-	-	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, dataset create and update mass-assignment allows cross-workspace dataset takeover. Thi… New	CWE-915 Improperly Controlled Modification of Dynamically-Determined Object Attributes	CVE-2026-46477	2026-06-9 01:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

170	-		-	-	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, CustomTemplate create and update mass-assignment allows cross-workspace template takeo… New	CWE-915 Improperly Controlled Modification of Dynamically-Determined Object Attributes	CVE-2026-46476	2026-06-9 01:16	2026-06-9	Show	GitHub Exploit DB Packet Storm