Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1381	5.5	警告 Local	ERLANG	Erl Interface Erlang/OTP	ERLANGのErl Interface等の複数製品におけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-49760	2026-06-16 13:40	2026-06-10	Show	GitHub Exploit DB Packet Storm

1382	5.7	警告 Adjacent	nuxt	nuxt/webpack-builder nuxt/rspack-builder	Nuxtのnuxt/rspack-builder等の複数製品における危険なメソッドや機能の公開に関する脆弱性	CWE-749 危険なメソッドや機能の公開	CVE-2026-49993	2026-06-16 13:39	2026-06-12	Show	GitHub Exploit DB Packet Storm

1383	9.8	緊急 Network	jmespath project	jmespath	JMESPathにおける複数の脆弱性	CWE-116 CWE-20 CWE-94	CVE-2026-54133	2026-06-16 13:39	2026-06-12	Show	GitHub Exploit DB Packet Storm

1384	5.5	警告 Local		-	アップルのmacOSにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2025-24165	2026-06-16 13:39	2026-06-11	Show	GitHub Exploit DB Packet Storm

1385	5.5	警告 Local		-	アップルのmacOSにおけるUNIX Symbolic Link のフォローに関する脆弱性	CWE-61 UNIX Symbolic Link のフォロー	CVE-2025-43278	2026-06-16 13:39	2026-06-11	Show	GitHub Exploit DB Packet Storm

1386	5.5	警告 Local		-	アップルのmacOSにおけるログファイルからの情報漏えいに関する脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2025-46313	2026-06-16 13:39	2026-06-11	Show	GitHub Exploit DB Packet Storm

1387	7.2	重要 Network	QNAP Systems	QuTS hero	QNAP SystemsのQuTS heroにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2025-62850	2026-06-16 13:39	2026-06-10	Show	GitHub Exploit DB Packet Storm

1388	7.2	重要 Network	QNAP Systems	QuTS hero QNAP QTS	QNAP SystemsのQNAP QTS等の複数製品におけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2025-66273	2026-06-16 13:39	2026-06-10	Show	GitHub Exploit DB Packet Storm

1389	7.2	重要 Network	QNAP Systems	QuTS hero QNAP QTS	QNAP SystemsのQNAP QTS等の複数製品におけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2025-66279	2026-06-16 13:39	2026-06-10	Show	GitHub Exploit DB Packet Storm

1390	7.2	重要 Network	QNAP Systems	QuTS hero QNAP QTS	QNAP SystemsのQNAP QTS等の複数製品における複数の脆弱性	CWE-121 CWE-190	CVE-2025-66280	2026-06-16 13:39	2026-06-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
258841	6.7	MEDIUM Local	intel	solid_state_drive_toolbox	There is an escalation of privilege vulnerability in the Intel Solid State Drive Toolbox versions before 3.4.5 which allow a local administrative attacker to load and execute arbitrary code.	NVD-CWE-noinfo	CVE-2017-5688	2024-11-21 12:28	2017-05-31	Show	GitHub Exploit DB Packet Storm

258842	6.8	MEDIUM Network	apache	knox	For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated user may use a specially crafted URL to impersonate another user while accessing WebHDFS through Apache Knox. This may result in es…	CWE-346 Origin Validation Error	CVE-2017-5646	2024-11-21 12:28	2017-05-27	Show	GitHub Exploit DB Packet Storm

258843	6.1	MEDIUM Network	openvpn	openvpn_access_server	CRLF injection vulnerability in the web interface in OpenVPN Access Server 2.1.4 allows remote attackers to inject arbitrary HTTP headers and consequently conduct session fixation attacks and possibl…	CWE-93 CRLF Injection	CVE-2017-5868	2024-11-21 12:28	2017-05-26	Show	GitHub Exploit DB Packet Storm

258844	4.9	MEDIUM Network	sitecore	crm	Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to read arbitrary files via an absolute path traversal attack on sitecore/shell/download.aspx with the file parameter.	CWE-22 Path Traversal	CVE-2017-5966	2024-11-21 12:28	2017-05-23	Show	GitHub Exploit DB Packet Storm

258845	6.7	MEDIUM Local	sitecore	crm	The package manager in Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to execute arbitrary ASP code by creating a ZIP archive in which a .asp file has a ..\ in its pathname, v…	NVD-CWE-noinfo	CVE-2017-5965	2024-11-21 12:28	2017-05-23	Show	GitHub Exploit DB Packet Storm

258846	5.4	MEDIUM Network	vimbadmin	vimbadmin	Multiple cross-site scripting (XSS) vulnerabilities in ViMbAdmin 3.0.15 allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) transport parameter to domain/add; the …	CWE-79 Cross-site Scripting	CVE-2017-5870	2024-11-21 12:28	2017-05-23	Show	GitHub Exploit DB Packet Storm

258847	8.0	HIGH Network	apache	archiva	Several REST service endpoints of Apache Archiva are not protected against Cross Site Request Forgery (CSRF) attacks. A malicious site opened in the same browser as the archiva site, may send an HTML…	CWE-352 Origin Validation Error	CVE-2017-5657	2024-11-21 12:28	2017-05-23	Show	GitHub Exploit DB Packet Storm

258848	8.8	HIGH Network	satel-iberia	sennet_multitask_meter sennet_optimal_datalogger sennet_solar_datalogger	A Command Injection issue was discovered in Satel Iberia SenNet Data Logger and Electricity Meters: SenNet Optimal DataLogger V5.37c-1.43c and prior, SenNet Solar Datalogger V5.03-1.56a and prior, an…	CWE-77 Command Injection	CVE-2017-6048	2024-11-21 12:28	2017-05-19	Show	GitHub Exploit DB Packet Storm

258849	9.8	CRITICAL Network	codesys	web_server	An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualizati…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2017-6027	2024-11-21 12:28	2017-05-19	Show	GitHub Exploit DB Packet Storm

258850	9.8	CRITICAL Network	codesys	web_server	A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualizatio…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-6025	2024-11-21 12:28	2017-05-19	Show	GitHub Exploit DB Packet Storm