Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228761	4.3	警告	Google	-	Google Chrome におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2886	2012-12-26 18:00	2012-09-25	Show	GitHub Exploit DB Packet Storm

228762	2.6	注意	VMware Python Software Foundation	-	Python SimpleHTTPServer におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4940	2012-12-26 18:00	2012-06-19	Show	GitHub Exploit DB Packet Storm

228763	7.5	危険	Google	-	Google Chrome におけるメモリ二重解放の脆弱性	CWE-399 リソース管理の問題	CVE-2012-2885	2012-12-26 17:59	2012-09-25	Show	GitHub Exploit DB Packet Storm

228764	5	警告	Google	-	Google Chrome で使用される Skia におけるサービス運用妨害 (out-of-bounds read) の脆弱性	CWE-119 バッファエラー	CVE-2012-2884	2012-12-26 17:58	2012-09-25	Show	GitHub Exploit DB Packet Storm

228765	4.6	警告	GNU Project VMware	-	GNU C Library の stdlib における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2012-3480	2012-12-26 17:57	2012-08-25	Show	GitHub Exploit DB Packet Storm

228766	3.3	注意	GNU Project VMware	-	GNU C Library の addmntent 関数における /etc/mtab ファイルの破損を誘発される脆弱性	CWE-16 環境設定	CVE-2011-1089	2012-12-26 17:55	2011-04-10	Show	GitHub Exploit DB Packet Storm

228767	4.4	警告	Fabrice Bellard	-	Qemu の bdrv_open 関数における任意のファイルを上書きされる脆弱性	CWE-DesignError	CVE-2012-2652	2012-12-26 17:48	2012-08-7	Show	GitHub Exploit DB Packet Storm

228768	7.5	危険	Google	-	Google Chrome で使用される Skia におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2012-2883	2012-12-26 17:40	2012-09-25	Show	GitHub Exploit DB Packet Storm

228769	6.8	警告	Google	-	Google Chrome で使用される FFmpeg におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-2882	2012-12-26 17:39	2012-09-25	Show	GitHub Exploit DB Packet Storm

228770	7.5	危険	Google	-	Google Chrome におけるサービス運用妨害 (DOM ツリーの破損) の脆弱性	CWE-noinfo 情報不足	CVE-2012-2881	2012-12-26 17:38	2012-09-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194281	9.1	CRITICAL Network	fltk_project	fltk	An issue was discovered in the fltk crate before 0.15.3 for Rust. There is an out-of bounds read because the pixmap constructor lacks pixmap input validation.	CWE-125 Out-of-bounds Read	CVE-2021-28308	2024-11-21 14:59	2021-03-12	Show	GitHub Exploit DB Packet Storm

194282	7.5	HIGH Network	fltk_project	fltk	An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a non-raster image for a window icon.	CWE-476 NULL Pointer Dereference	CVE-2021-28307	2024-11-21 14:59	2021-03-12	Show	GitHub Exploit DB Packet Storm

194283	7.5	HIGH Network	fltk_project	fltk	An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a multi label type if the image is nonexistent.	CWE-476 NULL Pointer Dereference	CVE-2021-28306	2024-11-21 14:59	2021-03-12	Show	GitHub Exploit DB Packet Storm

194284	9.8	CRITICAL Network	diesel	diesel	An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3_column_name are not followed.	CWE-416 Use After Free	CVE-2021-28305	2024-11-21 14:59	2021-03-12	Show	GitHub Exploit DB Packet Storm

194285	9.1	CRITICAL Network	camunda	modeler	Camunda Modeler (aka camunda-modeler) through 4.6.0 allows arbitrary file access. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which manipulat…	CWE-862 Missing Authorization	CVE-2021-28154	2024-11-21 14:59	2021-03-12	Show	GitHub Exploit DB Packet Storm

194286	8.0	HIGH Adjacent	dlink	dir-841_firmware	/jsonrpc on D-Link DIR-841 3.03 and 3.04 devices allows authenticated command injection via ping, ping6, or traceroute (under System Tools).	CWE-78 OS Command	CVE-2021-28143	2024-11-21 14:59	2021-03-12	Show	GitHub Exploit DB Packet Storm

194287	5.3	MEDIUM Network	gnome debian fedoraproject broadcom	glib debian_linux fedora brocade_fabric_operating_system_firmware	An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the…	CWE-59 Link Following	CVE-2021-28153	2024-11-21 14:59	2021-03-12	Show	GitHub Exploit DB Packet Storm

194288	8.8	HIGH Network	dlink	dir-3060_firmware	prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables…	CWE-78 OS Command	CVE-2021-28144	2024-11-21 14:59	2021-03-12	Show	GitHub Exploit DB Packet Storm

194289	9.8	CRITICAL Network	telerik	ui_for_asp.net_ajax	An issue was discovered in Progress Telerik UI for ASP.NET AJAX 2021.1.224. It allows unauthorized access to MicrosoftAjax.js through the Telerik.Web.UI.WebResource.axd file. This may allow the attac…	CWE-862 Missing Authorization	CVE-2021-28141	2024-11-21 14:59	2021-03-12	Show	GitHub Exploit DB Packet Storm

194290	5.4	MEDIUM Network	impresscms	impresscms	Cross-site scripting (XSS) in modules/content/admin/content.php in ImpressCMS profile 1.4.2 allows remote attackers to inject arbitrary web script or HTML parameters through the "Display Name" field.	CWE-79 Cross-site Scripting	CVE-2021-28088	2024-11-21 14:59	2021-03-12	Show	GitHub Exploit DB Packet Storm