Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 26, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
245731	7.5	危険	アップル Google	-	複数の製品で使用される Webkit におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-3924	2012-07-30 18:55	2012-01-23	Show	GitHub Exploit DB Packet Storm

245732	7.2	危険	シマンテック	-	Symantec Web Gateway の管理コンソールにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2957	2012-07-30 17:54	2012-07-20	Show	GitHub Exploit DB Packet Storm

245733	10	危険	シマンテック	-	Symantec Web Gateway の管理コンソールにおける任意のシェルコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2012-2976	2012-07-30 17:52	2012-07-20	Show	GitHub Exploit DB Packet Storm

245734	10	危険	シマンテック	-	Symantec Web Gateway の管理コンソールにおける任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2012-2953	2012-07-30 17:44	2012-07-20	Show	GitHub Exploit DB Packet Storm

245735	7.5	危険	Mozilla Foundation	-	複数の Mozilla 製品のブラウザエンジンの nsWindow 実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-0463	2012-07-30 17:22	2012-03-13	Show	GitHub Exploit DB Packet Storm

245736	5	警告	SAND STUDIO	-	AirDroid のログインの実装における多重ログイン防止機能を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-3888	2012-07-30 16:53	2012-07-26	Show	GitHub Exploit DB Packet Storm

245737	5	警告	SAND STUDIO	-	AirDroid における重要な情報を取得される脆弱性	CWE-310 暗号の問題	CVE-2012-3887	2012-07-30 16:50	2012-07-26	Show	GitHub Exploit DB Packet Storm

245738	5	警告	SAND STUDIO	-	AirDroid における平文データを取得される脆弱性	CWE-200 情報漏えい	CVE-2012-3886	2012-07-30 16:39	2012-07-26	Show	GitHub Exploit DB Packet Storm

245739	7.5	危険	SAND STUDIO	-	AirDroid のデフォルト設定におけるアクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2012-3885	2012-07-30 16:38	2012-07-26	Show	GitHub Exploit DB Packet Storm

245740	5	警告	SAND STUDIO	-	AirDroid におけるアクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2012-3884	2012-07-30 16:35	2012-07-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
3221	-		-	-	Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon initialization. CyberArk Security Bulletin: CA26-19	CWE-404 Improper Resource Shutdown or Release	CVE-2026-45174	2026-06-13 00:30	2026-06-12	Show	GitHub Exploit DB Packet Storm

3222	-		-	-	Idira Privilege Cloud Connector versions prior 1.1.100504 under specific conditions and configuration scenarios, TLS certificate validation may not be fully enforced. CyberArk Security Bulletin: CA26…	CWE-295 Improper Certificate Validation	CVE-2026-45170	2026-06-13 00:30	2026-06-12	Show	GitHub Exploit DB Packet Storm

3223	-		-	-	Idira Privileged Access Manager (PAM) Self-Hosted Vault versions prior to 15.0.3, 14.6.5, 14.2.7, and 14.0.8 exhibit a validation vulnerability. Under specific circumstances and configuration scenari…	CWE-400 Uncontrolled Resource Consumption	CVE-2026-45169	2026-06-13 00:30	2026-06-12	Show	GitHub Exploit DB Packet Storm

3224	5.3	MEDIUM Network	siemens	sinec_ins	A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected application does not properly sanitize path input in the `GET /api/sftp/uploadFiles` endpoint used fo…	CWE-26 Path Traversal: '/dir/../filename'	CVE-2026-46747	2026-06-13 00:28	2026-06-9	Show	GitHub Exploit DB Packet Storm

3225	7.8	HIGH Local	adobe	format_plugins	Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of …	CWE-122 Heap-based Buffer Overflow	CVE-2026-48292	2026-06-13 00:19	2026-06-10	Show	GitHub Exploit DB Packet Storm

3226	7.4	HIGH Network	-	-	A race condition in AbstractOAuthDataProvider allows concurrent requests using the same Refresh Token to bypass single-use semantics and generate multiple valid Access Tokens, when 'recycleRefreshTok…	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-50631	2026-06-13 00:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

3227	6.5	MEDIUM Network	-	-	A CRLF injection vulnerability exists in the OAuth2 AuthorizationUtils class. When constructing the WWW-Authenticate response header, the 'realm' parameter is concatenated without sanitizing Carriage…	CWE-113 HTTP Response Splitting	CVE-2026-50630	2026-06-13 00:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

3228	-		-	-	Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, a normal user can create a ticket with a reason containing @everyone, @here, user me…	CWE-116 Improper Encoding or Escaping of Output	CVE-2026-47173	2026-06-13 00:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

3229	5.0	MEDIUM Network	-	-	An integer underflow vulnerability was found in MIT krb5 in the berval2tl_data() function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c. The function performs an unsigned subtraction (bv_len - 2)…	CWE-191 Integer Underflow (Wrap or Wraparound)	CVE-2026-11850	2026-06-13 00:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

3230	7.8	HIGH Local	adobe	format_plugins	Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of …	CWE-122 Heap-based Buffer Overflow	CVE-2026-48291	2026-06-13 00:15	2026-06-10	Show	GitHub Exploit DB Packet Storm