Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1331 5.5 警告
Local 		GPAC GPAC GPACにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2025-55648 2026-06-17 15:35 2026-06-15 Show GitHub Exploit DB Packet Storm
1332 5.5 警告
Local 		GPAC GPAC GPACにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2025-55649 2026-06-17 15:35 2026-06-15 Show GitHub Exploit DB Packet Storm
1333 5.5 警告
Local 		GPAC GPAC GPACにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2025-55650 2026-06-17 15:35 2026-06-15 Show GitHub Exploit DB Packet Storm
1334 5.5 警告
Local 		Advanced Micro Devices (AMD) uprof Advanced Micro Devices (AMD)のuprofにおける認可されていない制御領域への重要情報の漏えいに関する脆弱性 CWE-497
認可されていない制御領域への重要情報の漏えい 		CVE-2026-0466 2026-06-17 15:35 2026-06-9 Show GitHub Exploit DB Packet Storm
1335 10 緊急
Network 		MISP MISP MISPにおける認証に関する脆弱性 CWE-287
CWE-noinfo
CVE-2026-10611 2026-06-17 15:35 2026-06-2 Show GitHub Exploit DB Packet Storm
1336 6.3 警告
Local 		Zephyr Project Zephyr Zephyr ProjectのZephyrにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-10635 2026-06-17 15:35 2026-06-16 Show GitHub Exploit DB Packet Storm
1337 9.8 緊急
Network 		Altium Altium On-Prem Enterprise Server AltiumのAltium On-Prem Enterprise Serverにおける複数の脆弱性 CWE-22
CWE-798
CVE-2026-11414 2026-06-17 15:35 2026-06-5 Show GitHub Exploit DB Packet Storm
1338 8.8 重要
Network 		Altium Altium On-Prem Enterprise Server AltiumのAltium On-Prem Enterprise Serverにおける複数の脆弱性 CWE-22
CWE-434
CVE-2026-11419 2026-06-17 15:35 2026-06-5 Show GitHub Exploit DB Packet Storm
1339 9.8 緊急
Network 		Altium Altium On-Prem Enterprise Server AltiumのAltium On-Prem Enterprise Serverにおける複数の脆弱性 CWE-22
CWE-306
CVE-2026-11420 2026-06-17 15:35 2026-06-5 Show GitHub Exploit DB Packet Storm
1340 8.8 重要
Network 		Devolutions Devolutions Remote Desktop Manager DevolutionsのDevolutions Remote Desktop ManagerにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-12161 2026-06-17 15:35 2026-06-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
257291 7.5 HIGH
Network 		qnap qfinder_pro QNAP Qfinder Pro 6.1.0.0317 and earlier may expose sensitive information contained in NAS devices. If exploited, this may allow attackers to further compromise the device. CWE-200
Information Exposure 		CVE-2017-7633 2024-11-21 12:32 2018-03-6 Show GitHub Exploit DB Packet Storm
257292 7.5 HIGH
Network 		apache
debian 		traffic_server
debian_linux 		There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake. This issue can cause the server to coredump. CWE-20
 Improper Input Validation  		CVE-2017-7671 2024-11-21 12:32 2018-02-28 Show GitHub Exploit DB Packet Storm
257293 9.8 CRITICAL
Network 		fasterxml
debian
netapp
redhat
oracle 		jackson-databind
debian_linux
oncommand_balance
snapcenter
oncommand_shift
oncommand_performance_manager
openshift_container_platform
virtualization
virtualization_host
jbo… 		A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the malicious… - CVE-2017-7525 2024-11-21 12:32 2018-02-7 Show GitHub Exploit DB Packet Storm
257294 6.1 MEDIUM
Network 		redhat undertow In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1.3.x before 1.3.31.Final, it was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in t… CWE-444
HTTP Request Smuggling 		CVE-2017-7559 2024-11-21 12:32 2018-01-11 Show GitHub Exploit DB Packet Storm
257295 7.0 HIGH
Local 		redhat hibernate_validator
satellite
satellite_capsule
jboss_enterprise_application_platform
virtualization
virtualization_host 		In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, ar… CWE-470
Unsafe Reflection 		CVE-2017-7536 2024-11-21 12:32 2018-01-11 Show GitHub Exploit DB Packet Storm
257296 7.2 HIGH
Network 		fortinet fortios An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.5, 5.2 and below versions allow an admin user with super_admin privileges to view the current SSL VPN web port… CWE-200
Information Exposure 		CVE-2017-7738 2024-11-21 12:32 2017-12-14 Show GitHub Exploit DB Packet Storm
257297 7.8 HIGH
Local 		rpm rpm It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed cou… - CVE-2017-7501 2024-11-21 12:32 2017-11-23 Show GitHub Exploit DB Packet Storm
257298 5.4 MEDIUM
Network 		fortinet fortiweb A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb webUI Certificate View page in 5.8.0, 5.7.1 and earlier, allows attackers to inject arbitrary web script or HTML via special cra… CWE-79
Cross-site Scripting 		CVE-2017-7736 2024-11-21 12:32 2017-11-23 Show GitHub Exploit DB Packet Storm
257299 9.8 CRITICAL
Network 		redhat ansible
enterprise_linux_server 		A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive infor… - CVE-2017-7550 2024-11-21 12:32 2017-11-22 Show GitHub Exploit DB Packet Storm
257300 8.8 HIGH
Network 		d-link dcs-936l D-Link DCS-936L devices with firmware before 1.05.07 have an inadequate CSRF protection mechanism that requires the device's IP address to be a substring of the HTTP Referer header. CWE-352
 Origin Validation Error 		CVE-2017-7851 2024-11-21 12:32 2017-11-15 Show GitHub Exploit DB Packet Storm