Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251001	3.5	注意	Geoff Davies	-	Drupal 用 Contact Forms モジュールにおけるモジュールの設定を変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2340	2012-05-23 19:12	2012-05-21	Show	GitHub Exploit DB Packet Storm

251002	4.3	警告	Nancy Wichmann	-	Drupal 用 Glossary モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2339	2012-05-23 19:00	2012-05-21	Show	GitHub Exploit DB Packet Storm

251003	2.6	注意	Ishmael Sanchez	-	Drupal 用 Aberdeen テーマの aberdeen_breadcrumb 関数におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2907	2012-05-23 18:57	2012-05-21	Show	GitHub Exploit DB Packet Storm

251004	5	警告	mark pilgrim	-	Universal Feed Parser におけるサービス運用妨害 (メモリ消費) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-2921	2012-05-23 18:50	2012-05-2	Show	GitHub Exploit DB Packet Storm

251005	4.3	警告	Weston Ruter	-	WordPress 用 User Photo プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2920	2012-05-23 18:48	2012-05-21	Show	GitHub Exploit DB Packet Storm

251006	4.3	警告	Andrew Killen	-	WordPress 用 Share and Follow プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2917	2012-05-23 18:47	2012-05-21	Show	GitHub Exploit DB Packet Storm

251007	4.3	警告	dlo	-	WordPress 用 Sabre プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2916	2012-05-23 18:46	2012-05-21	Show	GitHub Exploit DB Packet Storm

251008	4.3	警告	Hind	-	WordPress 用 Leaflet プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2913	2012-05-23 18:41	2012-05-21	Show	GitHub Exploit DB Packet Storm

251009	4.3	警告	Kolja Schleich	-	WordPress 用 LeagueManager プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2912	2012-05-23 18:25	2012-05-21	Show	GitHub Exploit DB Packet Storm

251010	5	警告	Chevereto Software	-	Chevereto の Upload/engine.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-2919	2012-05-23 18:19	2012-05-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
202601	7.8	HIGH Local	google	android	In several functions of InputDispatcher.cpp, WindowManagerService.java, and related files, there is a possible tapjacking attack due to an incorrect FLAG_OBSCURED value. This could lead to local esca…	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2021-0438	2024-11-21 14:42	2021-04-14	Show	GitHub Exploit DB Packet Storm

202602	7.8	HIGH Local	google	android	In setPlayPolicy of DrmPlugin.cpp, there is a possible double free. This could lead to local escalation of privilege in a privileged process with no additional execution privileges needed. User inter…	CWE-415 Double Free	CVE-2021-0437	2024-11-21 14:42	2021-04-14	Show	GitHub Exploit DB Packet Storm

202603	5.5	MEDIUM Local	google	android	In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds read due to integer overflow. This could lead to local information disclosure with no additional execution privileges n…	CWE-190 Integer Overflow or Wraparound	CVE-2021-0436	2024-11-21 14:42	2021-04-14	Show	GitHub Exploit DB Packet Storm

202604	7.5	HIGH Network	google	android	In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges n…	CWE-665 Improper Initialization	CVE-2021-0435	2024-11-21 14:42	2021-04-14	Show	GitHub Exploit DB Packet Storm

202605	8.0	HIGH Adjacent	google	android	In onCreate of DeviceChooserActivity.java, there is a possible way to bypass user consent when pairing a Bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of pr…	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2021-0433	2024-11-21 14:42	2021-04-14	Show	GitHub Exploit DB Packet Storm

202606	7.0	HIGH Local	google	android	In ClearPullerCacheIfNecessary and ForceClearPullerCache of StatsPullerManager.cpp, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with n…	CWE-362 Race Condition	CVE-2021-0432	2024-11-21 14:42	2021-04-14	Show	GitHub Exploit DB Packet Storm

202607	7.5	HIGH Network	google	android	In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a paired device with no additional executio…	CWE-125 Out-of-bounds Read	CVE-2021-0431	2024-11-21 14:42	2021-04-14	Show	GitHub Exploit DB Packet Storm

202608	9.8	CRITICAL Network	google	android	In rw_mfc_handle_read_op of rw_mfc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution via a malicious NFC packet with no additional ex…	CWE-787 Out-of-bounds Write	CVE-2021-0430	2024-11-21 14:42	2021-04-14	Show	GitHub Exploit DB Packet Storm

202609	7.8	HIGH Local	google	android	In pollOnce of ALooper.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interact…	CWE-416 Use After Free	CVE-2021-0429	2024-11-21 14:42	2021-04-14	Show	GitHub Exploit DB Packet Storm

202610	5.5	MEDIUM Local	google	android	In getSimSerialNumber of TelephonyManager.java, there is a possible way to read a trackable identifier due to a missing permission check. This could lead to local information disclosure with User exe…	CWE-862 Missing Authorization	CVE-2021-0428	2024-11-21 14:42	2021-04-14	Show	GitHub Exploit DB Packet Storm