Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 24, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 341 | 6.5 |
警告
Network |
Android | GoogleのAndroidにおける整数オーバーフローの脆弱性 New |
CWE-190
整数オーバーフローまたはラップアラウンド |
CVE-2026-0128 | 2026-06-23 10:01 | 2026-06-16 | Show | GitHub Exploit DB Packet Storm | |
| 342 | 7.5 |
重要
Network |
Android | GoogleのAndroidにおけるNULL ポインタデリファレンスに関する脆弱性 New |
CWE-476
NULL ポインタデリファレンス |
CVE-2026-0156 | 2026-06-23 10:01 | 2026-06-16 | Show | GitHub Exploit DB Packet Storm | |
| 343 | 8.8 |
重要
Network |
MongoDB Inc. | MongoDB | MongoDB Inc.のMongoDBにおける複数の脆弱性 New |
CWE-416 CWE-787 |
CVE-2026-11933 | 2026-06-23 10:01 | 2026-06-12 | Show | GitHub Exploit DB Packet Storm |
| 344 | 9.1 |
緊急
Network |
シスコシステムズ |
Cisco Identity Services Engine (ISE) Cisco ISE Passive Identity Connector (ISE-PIC) |
シスコシステムズのCisco Identity Services Engine (ISE)等の複数製品におけるパストラバーサルの脆弱性 New |
CWE-22
パス・トラバーサル |
CVE-2026-20181 | 2026-06-23 10:01 | 2026-06-17 | Show | GitHub Exploit DB Packet Storm |
| 345 | 7.5 |
重要
Network |
シスコシステムズ |
Cisco Identity Services Engine (ISE) Cisco ISE Passive Identity Connector (ISE-PIC) |
シスコシステムズのCisco Identity Services Engine (ISE)等の複数製品における認可に関する脆弱性 New |
CWE-285
不適切な認可 |
CVE-2026-20190 | 2026-06-23 10:01 | 2026-06-17 | Show | GitHub Exploit DB Packet Storm |
| 346 | 6.3 |
警告
Network |
シスコシステムズ | Cisco Crosswork Network Controller | シスコシステムズのCisco Crosswork Network Controllerにおけるインジェクションに関する脆弱性 New |
CWE-74
インジェクション |
CVE-2026-20220 | 2026-06-23 10:01 | 2026-06-17 | Show | GitHub Exploit DB Packet Storm |
| 347 | 4.3 |
警告
Network |
Splunk | Splunk AI Toolkit | SplunkのSplunk AI Toolkitにおけるリソースの安全ではないデフォルト値への初期化に関する脆弱性 New |
CWE-1188
リソースの安全ではないデフォルト値への初期化 |
CVE-2026-20265 | 2026-06-23 10:00 | 2026-06-17 | Show | GitHub Exploit DB Packet Storm |
| 348 | 9.1 |
緊急
Network |
Splunk | Splunk AI Toolkit | SplunkのSplunk AI ToolkitにおけるOS コマンドインジェクションの脆弱性 New |
CWE-78
OSコマンド・インジェクション |
CVE-2026-20266 | 2026-06-23 10:00 | 2026-06-17 | Show | GitHub Exploit DB Packet Storm |
| 349 | 5.9 |
警告
Network |
VMware | Spring Data MongoDB | VMwareのSpring Data MongoDBにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性 New |
CWE-943
データクエリロジックの特殊要素の不適切な中立化 |
CVE-2026-41696 | 2026-06-23 10:00 | 2026-06-10 | Show | GitHub Exploit DB Packet Storm |
| 350 | 8.1 |
重要
Network |
VMware | Spring Data MongoDB | VMwareのSpring Data MongoDBにおける言語構文の表現に使用される特殊な要素の不適切な無効化に関する脆弱性 New |
CWE-917
言語構文の表現に使用される特殊な要素の不適切な無効化 |
CVE-2026-41717 | 2026-06-23 10:00 | 2026-06-10 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 24, 2026, 4 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 191471 | 9.8 |
CRITICAL
Network |
ricoh |
sp_320dn_firmware sp_325dnw_firmware sp_320sn_firmware sp_320sfn_firmware sp_325snw_firmware sp_325sfnw_firmware sp_330sn_firmware aficio_sp_3500sf_firmware sp_221s_firmware
RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were d…
|
CWE-787
|
Out-of-bounds Write
CVE-2021-33945
|
2024-11-21 15:09 |
2022-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 191472 | 8.2 |
HIGH
Local |
insyde siemens |
insydeh2o simatic_field_pg_m5_firmware simatic_field_pg_m6_firmware simatic_ipc127e_firmware simatic_ipc227g_firmware simatic_ipc277g_firmware simatic_ipc327g_firmware simatic_ip… |
An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockSe… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2021-33627 | 2024-11-21 15:09 | 2022-02-3 | Show | GitHub Exploit DB Packet Storm |
| 191473 | 7.5 |
HIGH
Local |
insyde netapp siemens |
insydeh2o fas\/aff_bios ruggedcom_ape1808_firmware simatic_field_pg_m5_firmware simatic_ipc127e_firmware simatic_itp1000_firmware simatic_ipc277g_firmware simatic_ipc227g_firmwar… |
An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether … |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2021-33625 | 2024-11-21 15:09 | 2022-02-3 | Show | GitHub Exploit DB Packet Storm |
| 191474 | 5.4 |
MEDIUM
Network |
gadget_works_online_ordering_system_project | gadget_works_online_ordering_system | A Cross Site Scripting (XSS) vulnerabilty exists in Sourcecodester Gadget Works Online Ordering System in PHP/MySQLi 1.0 via the Category parameter in an add function in category/index.php. |
CWE-79
Cross-site Scripting |
CVE-2021-34073 | 2024-11-21 15:09 | 2022-01-29 | Show | GitHub Exploit DB Packet Storm |
| 191475 | 5.4 |
MEDIUM
Network |
spotweb_project | spotweb | Cross site scripting (XSS) vulnerability in spotweb 1.4.9, allows authenticated attackers to execute arbitrary code via crafted GET request to the login page. |
CWE-79
Cross-site Scripting |
CVE-2021-33966 | 2024-11-21 15:09 | 2022-01-22 | Show | GitHub Exploit DB Packet Storm |
| 191476 | 6.1 |
MEDIUM
Network |
fresenius-kabi |
agilia_connect_firmware vigilant_centerium vigilant_mastermed vigilant_insight agilia_partner_maintenance_software link\+_agilia_firmware |
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 is vulnerable to reflected cross-site scripting attacks. An attacker could inject JavaScript in a GET parameter of HTTP re… |
CWE-79
Cross-site Scripting |
CVE-2021-33848 | 2024-11-21 15:09 | 2022-01-22 | Show | GitHub Exploit DB Packet Storm |
| 191477 | 7.2 |
HIGH
Network |
fresenius-kabi |
vigilant_centerium vigilant_mastermed vigilant_insight agilia_partner_maintenance_software agilia_connect_firmware link\+_agilia_firmware |
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 issues authentication tokens to authenticated users that are signed with a symmetric encryption key. An attacker in posses… |
CWE-327
Use of a Broken or Risky Cryptographic Algorithm |
CVE-2021-33846 | 2024-11-21 15:09 | 2022-01-22 | Show | GitHub Exploit DB Packet Storm |
| 191478 | 5.3 |
MEDIUM
Network |
fresenius-kabi | agilia_sp_mc_wifi_firmware | Fresenius Kabi Agilia SP MC WiFi vD25 and prior has a default configuration page accessible without authentication. An attacker may use this functionality to change the exposed configuration values s… |
CWE-306
Missing Authentication for Critical Function |
CVE-2021-33843 | 2024-11-21 15:09 | 2022-01-22 | Show | GitHub Exploit DB Packet Storm |
| 191479 | 9.8 |
CRITICAL
Network |
libspf2_project | libspf2 | libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted… |
CWE-787
Out-of-bounds Write |
CVE-2021-33913 | 2024-11-21 15:09 | 2022-01-20 | Show | GitHub Exploit DB Packet Storm |
| 191480 | 9.8 |
CRITICAL
Network |
libspf2_project debian |
libspf2 debian_linux |
libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with… |
CWE-787
Out-of-bounds Write |
CVE-2021-33912 | 2024-11-21 15:09 | 2022-01-20 | Show | GitHub Exploit DB Packet Storm |