Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 22, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
491 7.3 重要
Local 		Google Android GoogleのAndroidにおける複数の脆弱性 New CWE-125
CWE-190
CVE-2026-0131 2026-06-22 11:31 2026-06-16 Show GitHub Exploit DB Packet Storm
492 8.8 重要
Network 		Google Android GoogleのAndroidにおけるヒープベースのバッファオーバーフローの脆弱性 New CWE-122
ヒープオーバーフロー 		CVE-2026-0132 2026-06-22 11:31 2026-06-16 Show GitHub Exploit DB Packet Storm
493 7.8 重要
Local 		Google Android GoogleのAndroidにおける認証の欠如に関する脆弱性 New CWE-862
認証の欠如 		CVE-2026-0133 2026-06-22 11:31 2026-06-16 Show GitHub Exploit DB Packet Storm
494 3.3
Local 		Google Android GoogleのAndroidにおけるリソースの安全ではないデフォルト値への初期化に関する脆弱性 New CWE-1188
リソースの安全ではないデフォルト値への初期化 		CVE-2026-0134 2026-06-22 11:31 2026-06-16 Show GitHub Exploit DB Packet Storm
495 7.8 重要
Local 		Google Android GoogleのAndroidにおける境界外読み取りに関する脆弱性 New CWE-125
境界外読み取り 		CVE-2026-0135 2026-06-22 11:31 2026-06-16 Show GitHub Exploit DB Packet Storm
496 6.5 警告
Network 		Google Android GoogleのAndroidにおける複数の脆弱性 New CWE-120
CWE-125
CVE-2026-0136 2026-06-22 11:31 2026-06-16 Show GitHub Exploit DB Packet Storm
497 7.8 重要
Local 		Google Android GoogleのAndroidにおける解放済みメモリの使用に関する脆弱性 New CWE-416
解放済みメモリの使用 		CVE-2026-0137 2026-06-22 11:31 2026-06-16 Show GitHub Exploit DB Packet Storm
498 7.8 重要
Local 		Google Android GoogleのAndroidにおける複数の脆弱性 New CWE-120
CWE-787
CVE-2026-0138 2026-06-22 11:31 2026-06-16 Show GitHub Exploit DB Packet Storm
499 8.8 重要
Network 		Google Android GoogleのAndroidにおけるバッファエラーの脆弱性 New CWE-119
バッファエラー 		CVE-2026-0139 2026-06-22 11:30 2026-06-16 Show GitHub Exploit DB Packet Storm
500 4.3 警告
Network 		Google Android GoogleのAndroidにおける複数の脆弱性 New CWE-125
CWE-190
CVE-2026-0140 2026-06-22 11:30 2026-06-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
256221 7.8 HIGH
Local 		audiofile audiofile Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impa… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-6827 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
256222 6.1 MEDIUM
Network 		shishnet shimmie An issue was discovered in Shimmie <= 2.5.1. The vulnerability exists due to insufficient filtration of user-supplied data (log) passed to the "shimmie2-master/ext/chatbox/history/index.php" URL. An … CWE-79
Cross-site Scripting 		CVE-2017-6909 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
256223 6.1 MEDIUM
Network 		concrete5 concrete5 An issue was discovered in concrete5 <= 5.6.3.4. The vulnerability exists due to insufficient filtration of user-supplied data (fID) passed to the "concrete5-legacy-master/web/concrete/tools/files/se… CWE-79
Cross-site Scripting 		CVE-2017-6908 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
256224 6.1 MEDIUM
Network 		open.gl_project open.gl An issue was discovered in Open.GL before 2017-03-13. The vulnerability exists due to insufficient filtration of user-supplied data (content) passed to the "Open.GL-master/index.php" URL. An attacker… CWE-79
Cross-site Scripting 		CVE-2017-6907 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
256225 6.1 MEDIUM
Network 		siberiancms siberiancms An issue was discovered in SiberianCMS before 4.10.0. The vulnerability exists due to insufficient filtration of user-supplied data (log) passed to the "SiberianCMS-master/errors/500.php" URL. An a… CWE-79
Cross-site Scripting 		CVE-2017-6906 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
256226 6.1 MEDIUM
Network 		concrete5 concrete5 An issue was discovered in concrete5 <= 5.6.3.4. The vulnerability exists due to insufficient filtration of user-supplied data (disable_choose) passed to the "concrete5-legacy-master/web/concrete/too… CWE-79
Cross-site Scripting 		CVE-2017-6905 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
256227 7.8 HIGH
Local 		ioquake3 ioquake3 In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. This also affects Quake III Arena, OpenArena, OpenJK, iortcw, and other id Tech 3 (aka Quake 3 engin… NVD-CWE-noinfo
CVE-2017-6903 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
256228 8.8 HIGH
Network 		digisol dg-hr1400_router_firmware Privilege escalation vulnerability on the DIGISOL DG-HR1400 1.00.02 wireless router enables an attacker to escalate from user privilege to admin privilege just by modifying the Base64-encoded session… CWE-565
 Reliance on Cookies without Validation and Integrity Checking 		CVE-2017-6896 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
256229 4.7 MEDIUM
Local 		foxitsoftware foxit_reader
phantompdf 		The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read a… CWE-125
Out-of-bounds Read 		CVE-2017-6883 2024-11-21 12:30 2017-03-14 Show GitHub Exploit DB Packet Storm
256230 6.1 MEDIUM
Network 		lutim_project lutim Cross-site scripting (XSS) vulnerability in SVG file handling in Lutim 0.7.1 and earlier allows remote attackers to inject arbitrary web script. CWE-79
Cross-site Scripting 		CVE-2017-6877 2024-11-21 12:30 2017-03-14 Show GitHub Exploit DB Packet Storm