Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 25, 2026, 12:01 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 21 | 9.8 |
緊急
Network |
Ivanti | standalone sentry | Ivantiのstandalone sentryにおける代替パスまたはチャネルを使用した認証回避に関する脆弱性 New |
CWE-288
代替パスまたはチャネルを使用した認証回避 |
CVE-2026-10523 | 2026-06-24 10:00 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 22 | 7.5 |
重要
Network |
デル | PowerFlex Manager | デルのPowerFlex Managerにおける信頼できない制御領域からの機能の組み込みに関する脆弱性 New |
CWE-829
信頼性のない制御領域からの機能の組み込み |
CVE-2026-22283 | 2026-06-24 10:00 | 2026-06-17 | Show | GitHub Exploit DB Packet Storm |
| 23 | 6.5 |
警告
Network |
Eclipse Foundation | Theia | Eclipse FoundationのTheiaにおける複数の脆弱性 New |
CWE-201 CWE-829 |
CVE-2026-22551 | 2026-06-24 10:00 | 2026-06-18 | Show | GitHub Exploit DB Packet Storm |
| 24 | 5.4 |
警告
Network |
Outlook.com | Microsoft Edge Chromium | Microsoft Edge (Chromium ベース) のなりすましの脆弱性 New |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2026-32208 | 2026-06-24 10:00 | 2026-06-19 | Show | GitHub Exploit DB Packet Storm |
| 25 | 8.1 |
重要
Adjacent |
デル | PowerFlex Manager | デルのPowerFlex Managerにおける認証に関する脆弱性 New |
CWE-287
不適切な認証 |
CVE-2026-32804 | 2026-06-24 09:59 | 2026-06-17 | Show | GitHub Exploit DB Packet Storm |
| 26 | 8.8 |
重要
Adjacent |
デル | PowerFlex Manager | デルのPowerFlex Managerにおける重要な機能に対する認証の欠如に関する脆弱性 New |
CWE-306
重要な機能に対する認証の欠如 解説 |
CVE-2026-35065 | 2026-06-24 09:59 | 2026-06-17 | Show | GitHub Exploit DB Packet Storm |
| 27 | 7.1 |
重要
Network |
デル | PowerFlex Manager | デルのPowerFlex Managerにおけるアクセス制御に関する脆弱性 New |
CWE-284
不適切なアクセス制御 |
CVE-2026-35066 | 2026-06-24 09:59 | 2026-06-17 | Show | GitHub Exploit DB Packet Storm |
| 28 | 8 |
重要
Adjacent |
デル | PowerFlex Manager | デルのPowerFlex Managerにおけるアクセス制御に関する脆弱性 New |
CWE-284
不適切なアクセス制御 |
CVE-2026-35067 | 2026-06-24 09:59 | 2026-06-17 | Show | GitHub Exploit DB Packet Storm |
| 29 | 5.7 |
警告
Adjacent |
デル | PowerFlex Manager | デルのPowerFlex ManagerにおけるSQL インジェクションの脆弱性 New |
CWE-89
SQLインジェクション |
CVE-2026-35068 | 2026-06-24 09:59 | 2026-06-17 | Show | GitHub Exploit DB Packet Storm |
| 30 | 8 |
重要
Adjacent |
デル | PowerFlex Manager | デルのPowerFlex ManagerにおけるSQL インジェクションの脆弱性 New |
CWE-89
SQLインジェクション |
CVE-2026-35069 | 2026-06-24 09:59 | 2026-06-17 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 25, 2026, 4:04 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 191471 | 9.8 |
CRITICAL
Network |
ricoh |
sp_320dn_firmware sp_325dnw_firmware sp_320sn_firmware sp_320sfn_firmware sp_325snw_firmware sp_325sfnw_firmware sp_330sn_firmware aficio_sp_3500sf_firmware sp_221s_firmware
RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were d…
|
CWE-787
|
Out-of-bounds Write
CVE-2021-33945
|
2024-11-21 15:09 |
2022-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 191472 | 8.2 |
HIGH
Local |
insyde siemens |
insydeh2o simatic_field_pg_m5_firmware simatic_field_pg_m6_firmware simatic_ipc127e_firmware simatic_ipc227g_firmware simatic_ipc277g_firmware simatic_ipc327g_firmware simatic_ip… |
An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockSe… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2021-33627 | 2024-11-21 15:09 | 2022-02-3 | Show | GitHub Exploit DB Packet Storm |
| 191473 | 7.5 |
HIGH
Local |
insyde netapp siemens |
insydeh2o fas\/aff_bios ruggedcom_ape1808_firmware simatic_field_pg_m5_firmware simatic_ipc127e_firmware simatic_itp1000_firmware simatic_ipc277g_firmware simatic_ipc227g_firmwar… |
An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether … |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2021-33625 | 2024-11-21 15:09 | 2022-02-3 | Show | GitHub Exploit DB Packet Storm |
| 191474 | 5.4 |
MEDIUM
Network |
gadget_works_online_ordering_system_project | gadget_works_online_ordering_system | A Cross Site Scripting (XSS) vulnerabilty exists in Sourcecodester Gadget Works Online Ordering System in PHP/MySQLi 1.0 via the Category parameter in an add function in category/index.php. |
CWE-79
Cross-site Scripting |
CVE-2021-34073 | 2024-11-21 15:09 | 2022-01-29 | Show | GitHub Exploit DB Packet Storm |
| 191475 | 5.4 |
MEDIUM
Network |
spotweb_project | spotweb | Cross site scripting (XSS) vulnerability in spotweb 1.4.9, allows authenticated attackers to execute arbitrary code via crafted GET request to the login page. |
CWE-79
Cross-site Scripting |
CVE-2021-33966 | 2024-11-21 15:09 | 2022-01-22 | Show | GitHub Exploit DB Packet Storm |
| 191476 | 6.1 |
MEDIUM
Network |
fresenius-kabi |
agilia_connect_firmware vigilant_centerium vigilant_mastermed vigilant_insight agilia_partner_maintenance_software link\+_agilia_firmware |
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 is vulnerable to reflected cross-site scripting attacks. An attacker could inject JavaScript in a GET parameter of HTTP re… |
CWE-79
Cross-site Scripting |
CVE-2021-33848 | 2024-11-21 15:09 | 2022-01-22 | Show | GitHub Exploit DB Packet Storm |
| 191477 | 7.2 |
HIGH
Network |
fresenius-kabi |
vigilant_centerium vigilant_mastermed vigilant_insight agilia_partner_maintenance_software agilia_connect_firmware link\+_agilia_firmware |
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 issues authentication tokens to authenticated users that are signed with a symmetric encryption key. An attacker in posses… |
CWE-327
Use of a Broken or Risky Cryptographic Algorithm |
CVE-2021-33846 | 2024-11-21 15:09 | 2022-01-22 | Show | GitHub Exploit DB Packet Storm |
| 191478 | 5.3 |
MEDIUM
Network |
fresenius-kabi | agilia_sp_mc_wifi_firmware | Fresenius Kabi Agilia SP MC WiFi vD25 and prior has a default configuration page accessible without authentication. An attacker may use this functionality to change the exposed configuration values s… |
CWE-306
Missing Authentication for Critical Function |
CVE-2021-33843 | 2024-11-21 15:09 | 2022-01-22 | Show | GitHub Exploit DB Packet Storm |
| 191479 | 9.8 |
CRITICAL
Network |
libspf2_project | libspf2 | libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted… |
CWE-787
Out-of-bounds Write |
CVE-2021-33913 | 2024-11-21 15:09 | 2022-01-20 | Show | GitHub Exploit DB Packet Storm |
| 191480 | 9.8 |
CRITICAL
Network |
libspf2_project debian |
libspf2 debian_linux |
libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with… |
CWE-787
Out-of-bounds Write |
CVE-2021-33912 | 2024-11-21 15:09 | 2022-01-20 | Show | GitHub Exploit DB Packet Storm |