Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1041	4.8	警告 Network	F5 Networks	WAF NGINX Gateway Fabric DoS NGINX Instance Manager NGINX Ingress Controller NGINX plus nginx open source	F5 NetworksのDoS等の複数製品における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-48142	2026-06-23 10:00	2026-06-17	Show	GitHub Exploit DB Packet Storm

1042	8.1	重要 Network	F5 Networks	NGINX Gateway Fabric	F5 NetworksのNGINX Gateway Fabricにおけるインジェクションに関する脆弱性	CWE-74 インジェクション	CVE-2026-50107	2026-06-23 10:00	2026-06-17	Show	GitHub Exploit DB Packet Storm

1043	-	-	三菱電機	MELSEC iQ-Fシリーズ FX5-ENET/IP形Ethernetユニット MELSEC iQ-F FX5-EIP形EtherNet/IPユニット	三菱電機製MELSEC iQ-FシリーズのFX5-EIPおよびFX5-ENET/IPにおける脆弱性	CWE-190 CWE-440	CVE-2026-8805 CVE-2026-8806	2026-06-22 18:05	2026-06-19	Show	GitHub Exploit DB Packet Storm

1044	-	-	（複数のベンダ）	（複数の製品）	Vendor-signed UEFIアプリケーションにおけるセキュアブートバイパスの脆弱性	-	-	2026-06-22 17:17	2026-06-19	Show	GitHub Exploit DB Packet Storm

1045	-	-	（複数のベンダ）	（複数の製品）	CISA ICS Advisory / ICS Medical Advisory（2026年06月18日）	-	-	2026-06-22 17:17	2026-06-19	Show	GitHub Exploit DB Packet Storm

1046	8.4	重要 Local	マイクロソフト	Microsoft Office 2021 Long Term Servicing Channel Edition Microsoft Office 365 Microsoft Office 2024 Long-Term Servicing Ch…	Microsoft Office のリモートコードが実行される脆弱性	CWE-416 CWE-787	CVE-2026-45474	2026-06-22 11:56	2026-06-9	Show	GitHub Exploit DB Packet Storm

1047	7.8	重要 Local	マイクロソフト	Microsoft Office 2021 Long Term Servicing Channel Edition Microsoft Office 365 Microsoft Office 2024 Long-Term Servicing Ch…	Microsoft Office のリモートコードが実行される脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-45475	2026-06-22 11:56	2026-06-9	Show	GitHub Exploit DB Packet Storm

1048	5.4	警告 Network	マイクロソフト	Microsoft SharePoint Server	Microsoft Office Project Server のなりすましの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-45483	2026-06-22 11:56	2026-06-9	Show	GitHub Exploit DB Packet Storm

1049	7.8	重要 Local	マイクロソフト	.NET	.NET SDK の特権昇格の脆弱性	CWE-285 CWE-863	CVE-2026-45490	2026-06-22 11:56	2026-06-9	Show	GitHub Exploit DB Packet Storm

1050	5.5	警告 Local	マイクロソフト	.NET	.NET の改ざんの脆弱性	CWE-59 リンク解釈の問題	CVE-2026-45491	2026-06-22 11:56	2026-06-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
362481	-	bsdi	bsd_os	rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command li…	NVD-CWE-Other	CVE-2000-1103	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

362482	-	microsoft	indexing_service	The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 sy…	NVD-CWE-Other	CVE-2000-1105	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

362483	-	ibm	net.data	document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program.	NVD-CWE-Other	CVE-2000-1110	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

362484	-	unify	ewave_servletexec	Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20".	NVD-CWE-Other	CVE-2000-1114	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

362485	-	24link	24link	24Link 1.06 web server allows remote attackers to bypass access restrictions by prepending strings such as "/+/" or "/." to the HTTP GET request.	NVD-CWE-Other	CVE-2000-1118	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

362486	-	hp	hp-ux	registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to …	NVD-CWE-Other	CVE-2000-1127	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

362487	-	mcafee	virusscan	The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in t…	NVD-CWE-Other	CVE-2000-1128	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

362488	-	network_associates	webshield_smtp	McAfee WebShield SMTP 4.5 allows remote attackers to cause a denial of service via a malformed recipient field.	NVD-CWE-Other	CVE-2000-1129	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

362489	-	network_associates	webshield_smtp	McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters in name of the attachment.	NVD-CWE-Other	CVE-2000-1130	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

362490	-	be	beos	Browser IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL.	NVD-CWE-Other	CVE-2000-1152	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm