Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
471	7.5	重要 Network	tdengine	tdengine	tdengineにおける整数アンダーフローの脆弱性	CWE-191 整数アンダーフロー	CVE-2026-42542	2026-06-15 11:18	2026-06-10	Show	GitHub Exploit DB Packet Storm

472	8.1	重要 Network	マイクロソフト	Microsoft Teams	Android 用の Microsoft Teams の情報漏えいの脆弱性	CWE-74 インジェクション	CVE-2026-42835	2026-06-15 11:18	2026-06-9	Show	GitHub Exploit DB Packet Storm

473	9.8	緊急 Network	QNAP Systems	qumagie	QNAP Systemsのqumagieにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-44083	2026-06-15 11:18	2026-06-9	Show	GitHub Exploit DB Packet Storm

474	7.5	重要 Network	axios project	axios	axios projectのaxiosにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-44486	2026-06-15 11:18	2026-06-11	Show	GitHub Exploit DB Packet Storm

475	7.5	重要 Network	axios project	axios	axios projectのaxiosにおける送信データへの重要な情報の挿入に関する脆弱性	CWE-201 送信データへの重要な情報の挿入	CVE-2026-44487	2026-06-15 11:18	2026-06-11	Show	GitHub Exploit DB Packet Storm

476	7.5	重要 Network	axios project	axios	axios projectのaxiosにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-44488	2026-06-15 11:18	2026-06-11	Show	GitHub Exploit DB Packet Storm

477	8.6	重要 Network	axios project	axios	axios projectのaxiosにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-44492	2026-06-15 11:18	2026-06-11	Show	GitHub Exploit DB Packet Storm

478	8.7	重要 Network	axios project	axios	axios projectのaxiosにおける複数の脆弱性	CWE-1321 CWE-441	CVE-2026-44494	2026-06-15 11:18	2026-06-11	Show	GitHub Exploit DB Packet Storm

479	7.5	重要 Network	axios project	axios	axios projectのaxiosにおける複数の脆弱性	CWE-1333 CWE-400	CVE-2026-44496	2026-06-15 11:18	2026-06-11	Show	GitHub Exploit DB Packet Storm

480	7.5	重要 Network	Pipecat	Pipecat	Pipecatにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-44716	2026-06-15 11:18	2026-06-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
309671	-	vwar	virtual_war	The createRandomPassword function in includes/functions_common.php in Virtual War (aka VWar) 1.6.1 R2 uses a small range of values to select the seed argument for the PHP mt_srand function, which mak…	CWE-310 Cryptographic Issues	CVE-2010-5066	2024-11-21 10:22	2012-10-8	Show	GitHub Exploit DB Packet Storm

309672	-	vwar	virtual_war	popup.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers to bypass intended member restrictions and read news posts via a modified newsid parameter in a printnews action.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2010-5065	2024-11-21 10:22	2012-10-8	Show	GitHub Exploit DB Packet Storm

309673	-	vwar	virtual_war	Multiple cross-site scripting (XSS) vulnerabilities in Virtual War (aka VWar) 1.6.1 R2 allow remote attackers to inject arbitrary web script or HTML via (1) the Additional Information field to challe…	CWE-79 Cross-site Scripting	CVE-2010-5064	2024-11-21 10:22	2012-10-8	Show	GitHub Exploit DB Packet Storm

309674	-	vwar	virtual_war	SQL injection vulnerability in article.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the ratearticleselect parameter.	CWE-89 SQL Injection	CVE-2010-5063	2024-11-21 10:22	2012-10-8	Show	GitHub Exploit DB Packet Storm

309675	-	modx	modx_revolution	Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to read…	CWE-22 Path Traversal	CVE-2010-5278	2024-11-21 10:22	2012-10-8	Show	GitHub Exploit DB Packet Storm

309676	-	karim_ratib	views_bulk_operations	Unspecified vulnerability in the Views Bulk Operations module 6 before 6.x-1.10 for Drupal allows remote authenticated users with user management permissions to bypass intended access restrictions an…	NVD-CWE-noinfo	CVE-2010-5277	2024-11-21 10:22	2012-10-8	Show	GitHub Exploit DB Packet Storm

309677	-	memcache_project	memcache	The Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal does not properly handle the $user object in memcache_admin, which might "lead to a role change not being recognized until th…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2010-5276	2024-11-21 10:22	2012-10-8	Show	GitHub Exploit DB Packet Storm

309678	-	memcache_project	memcache	Cross-site scripting (XSS) vulnerability in memcache_admin in the Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal allows remote attackers to inject arbitrary web script or HTML …	CWE-79 Cross-site Scripting	CVE-2010-5275	2024-11-21 10:22	2012-10-8	Show	GitHub Exploit DB Packet Storm

309679	-	silverstripe	silverstripe	SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 uses weak entropy when generating tokens for (1) the CSRF protection mechanism, (2) autologin, (3) "forgot password" functionality, and (4) pas…	CWE-310 Cryptographic Issues	CVE-2010-5079	2024-11-21 10:22	2012-09-18	Show	GitHub Exploit DB Packet Storm

309680	-	silverstripe	silverstripe	SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain version information v…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2010-5078	2024-11-21 10:22	2012-09-18	Show	GitHub Exploit DB Packet Storm