Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
1321 9.1 緊急
Network
シスコシステムズ Cisco Identity Services Engine (ISE)
Cisco ISE Passive Identity Connector (ISE-PIC)
シスコシステムズのCisco Identity Services Engine (ISE)等の複数製品におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2026-20181 2026-06-23 10:01 2026-06-17 Show GitHub Exploit DB Packet Storm
1322 7.5 重要
Network
シスコシステムズ Cisco Identity Services Engine (ISE)
Cisco ISE Passive Identity Connector (ISE-PIC)
シスコシステムズのCisco Identity Services Engine (ISE)等の複数製品における認可に関する脆弱性 CWE-285
不適切な認可
CVE-2026-20190 2026-06-23 10:01 2026-06-17 Show GitHub Exploit DB Packet Storm
1323 6.3 警告
Network
シスコシステムズ Cisco Crosswork Network Controller シスコシステムズのCisco Crosswork Network Controllerにおけるインジェクションに関する脆弱性 CWE-74
インジェクション
CVE-2026-20220 2026-06-23 10:01 2026-06-17 Show GitHub Exploit DB Packet Storm
1324 4.3 警告
Network
Splunk Splunk AI Toolkit SplunkのSplunk AI Toolkitにおけるリソースの安全ではないデフォルト値への初期化に関する脆弱性 CWE-1188
リソースの安全ではないデフォルト値への初期化
CVE-2026-20265 2026-06-23 10:00 2026-06-17 Show GitHub Exploit DB Packet Storm
1325 9.1 緊急
Network
Splunk Splunk AI Toolkit SplunkのSplunk AI ToolkitにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション
CVE-2026-20266 2026-06-23 10:00 2026-06-17 Show GitHub Exploit DB Packet Storm
1326 5.9 警告
Network
VMware Spring Data MongoDB VMwareのSpring Data MongoDBにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性 CWE-943
データクエリロジックの特殊要素の不適切な中立化
CVE-2026-41696 2026-06-23 10:00 2026-06-10 Show GitHub Exploit DB Packet Storm
1327 8.1 重要
Network
VMware Spring Data MongoDB VMwareのSpring Data MongoDBにおける言語構文の表現に使用される特殊な要素の不適切な無効化に関する脆弱性 CWE-917
言語構文の表現に使用される特殊な要素の不適切な無効化
CVE-2026-41717 2026-06-23 10:00 2026-06-10 Show GitHub Exploit DB Packet Storm
1328 6.5 警告
Network
VMware spring for apache kafka VMwareのspring for apache kafkaにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認
CVE-2026-41727 2026-06-23 10:00 2026-06-10 Show GitHub Exploit DB Packet Storm
1329 7.5 重要
Network
VMware Spring Data REST VMwareのSpring Data RESTにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御
CVE-2026-41728 2026-06-23 10:00 2026-06-10 Show GitHub Exploit DB Packet Storm
1330 8.1 重要
Network
VMware Spring Data REST VMwareのSpring Data RESTにおける言語構文の表現に使用される特殊な要素の不適切な無効化に関する脆弱性 CWE-917
言語構文の表現に使用される特殊な要素の不適切な無効化
CVE-2026-41729 2026-06-23 10:00 2026-06-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
258031 9.8 CRITICAL
Network
ffmpeg
debian
ffmpeg
debian_linux
FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c. CWE-787
 Out-of-bounds Write
CVE-2017-7863 2024-11-21 12:32 2017-04-14 Show GitHub Exploit DB Packet Storm
258032 9.8 CRITICAL
Network
ffmpeg ffmpeg FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcodec/pictordec.c. CWE-787
 Out-of-bounds Write
CVE-2017-7862 2024-11-21 12:32 2017-04-14 Show GitHub Exploit DB Packet Storm
258033 9.8 CRITICAL
Network
grpc grpc Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c. CWE-787
 Out-of-bounds Write
CVE-2017-7861 2024-11-21 12:32 2017-04-14 Show GitHub Exploit DB Packet Storm
258034 9.8 CRITICAL
Network
grpc grpc Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parse_unix function in core/ext/client_channel/parse_address.c. CWE-787
 Out-of-bounds Write
CVE-2017-7860 2024-11-21 12:32 2017-04-14 Show GitHub Exploit DB Packet Storm
258035 9.8 CRITICAL
Network
ffmpeg ffmpeg FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c. CWE-787
 Out-of-bounds Write
CVE-2017-7859 2024-11-21 12:32 2017-04-14 Show GitHub Exploit DB Packet Storm
258036 9.8 CRITICAL
Network
freetype freetype FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. CWE-787
 Out-of-bounds Write
CVE-2017-7858 2024-11-21 12:32 2017-04-14 Show GitHub Exploit DB Packet Storm
258037 9.8 CRITICAL
Network
freetype freetype FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfob… CWE-787
 Out-of-bounds Write
CVE-2017-7857 2024-11-21 12:32 2017-04-14 Show GitHub Exploit DB Packet Storm
258038 9.8 CRITICAL
Network
libreoffice libreoffice LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx. CWE-787
 Out-of-bounds Write
CVE-2017-7856 2024-11-21 12:32 2017-04-14 Show GitHub Exploit DB Packet Storm
258039 6.1 MEDIUM
Network
concretecms concrete_cms concrete5 8.1.0 places incorrect trust in the HTTP Host header during caching, if the administrator did not define a "canonical" URL on installation of concrete5 using the "Advanced Options" settings… CWE-79
Cross-site Scripting
CVE-2017-7725 2024-11-21 12:32 2017-04-14 Show GitHub Exploit DB Packet Storm
258040 5.5 MEDIUM
Local
radare radare2 The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file. CWE-125
Out-of-bounds Read
CVE-2017-7854 2024-11-21 12:32 2017-04-14 Show GitHub Exploit DB Packet Storm