Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1651	4.6	警告 Network	マイクロソフト	Microsoft SharePoint Server	Microsoft SharePoint Server のなりすましの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-48562	2026-06-15 11:15	2026-06-9	Show	GitHub Exploit DB Packet Storm

1652	5.5	警告 Local	マイクロソフト	Visual Studio Code	Visual Studio Code セキュリティ機能のバイパスの脆弱性	CWE-20 CWE-23 CWE-noinfo	CVE-2026-48569	2026-06-15 11:15	2026-06-9	Show	GitHub Exploit DB Packet Storm

1653	7.8	重要 Local	マイクロソフト	Microsoft PC Manager	Microsoft PC マネージャーのセキュリティ機能バイパスの脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-49161	2026-06-15 11:15	2026-06-9	Show	GitHub Exploit DB Packet Storm

1654	8.8	重要 Network	Apache Software Foundation	Apache OFBiz	Apache Software FoundationのApache OFBizにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-50223	2026-06-15 11:15	2026-06-10	Show	GitHub Exploit DB Packet Storm

1655	6.5	警告 Network	Apache Software Foundation	Apache CXF	Apache Software FoundationのApache CXFにおける認証に関する脆弱性	CWE-287 CWE-noinfo	CVE-2026-50623	2026-06-15 11:15	2026-06-12	Show	GitHub Exploit DB Packet Storm

1656	5.3	警告 Network	Apache Software Foundation	Apache CXF	Apache Software FoundationのApache CXFにおけるCRLF インジェクションの脆弱性	CWE-93 CRLF インジェクション	CVE-2026-50629	2026-06-15 11:15	2026-06-12	Show	GitHub Exploit DB Packet Storm

1657	6.5	警告 Network	Apache Software Foundation	Apache CXF	Apache Software FoundationのApache CXFにおけるHTTP レスポンス分割に関する脆弱性	CWE-113 HTTP レスポンスの分割	CVE-2026-50630	2026-06-15 11:15	2026-06-12	Show	GitHub Exploit DB Packet Storm

1658	7.4	重要 Network	Apache Software Foundation	Apache CXF	Apache Software FoundationのApache CXFにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-50631	2026-06-15 11:15	2026-06-12	Show	GitHub Exploit DB Packet Storm

1659	8.1	重要 Network	Apache Software Foundation	Apache CXF	Apache Software FoundationのApache CXFにおける入力確認に関する脆弱性	CWE-20 CWE-noinfo	CVE-2026-50632	2026-06-15 11:15	2026-06-12	Show	GitHub Exploit DB Packet Storm

1660	8.1	重要 Network	Apache Software Foundation	Apache CXF	Apache Software FoundationのApache CXFにおける入力確認に関する脆弱性	CWE-20 CWE-noinfo	CVE-2026-50633	2026-06-15 11:15	2026-06-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
343701	-	qnx	rtos	Buffer overflow in phgrafx in QNX 6.2.1 and 6.3.0 allows local users to execute arbitrary code via a long command line argument.	NVD-CWE-Other	CVE-2005-3928	2018-10-20 00:39	2005-11-30	Show	GitHub Exploit DB Packet Storm

343702	-	xaraya	xaraya	Directory traversal vulnerability in the create function in xarMLSXML2PHPBackend.php in Xaraya 1.0 allows remote attackers to create directories and overwrite arbitrary files via ".." sequences in th…	NVD-CWE-Other	CVE-2005-3929	2018-10-20 00:39	2005-11-30	Show	GitHub Exploit DB Packet Storm

343703	-	n-13_news	n-13_news	SQL injection vulnerability in index.php in N-13 News 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.	NVD-CWE-Other	CVE-2005-3930	2018-10-20 00:39	2005-12-1	Show	GitHub Exploit DB Packet Storm

343704	-	asp-rider	asp-rider	SQL injection vulnerability in default.asp in ASP-Rider 1.6 allows remote attackers to execute arbitrary SQL commands via the HTTP referer.	NVD-CWE-Other	CVE-2005-3931	2018-10-20 00:39	2005-12-1	Show	GitHub Exploit DB Packet Storm

343705	-	webcalendar	webcalendar	Multiple SQL injection vulnerabilities in WebCalendar 1.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) startid parameter to activity_log.php, (2) startid parameter to admin_…	NVD-CWE-Other	CVE-2005-3949	2018-10-20 00:39	2005-12-1	Show	GitHub Exploit DB Packet Storm

343706	-	php_labs	top_auction	SQL injection vulnerability in PHP Labs Top Auction allows remote attackers to execute arbitrary SQL commands via the (1) category and (2) type parameters to viewcat.php, or (3) certain search parame…	CWE-89 SQL Injection	CVE-2005-3952	2018-10-20 00:39	2005-12-1	Show	GitHub Exploit DB Packet Storm

343707	-	blogbuddies jaws magpierss	blogbuddies jaws magpierss	Multiple cross-site scripting (XSS) vulnerabilities in MagpieRSS 7.1, as used in (a) blogBuddiesv 0.3, (b) Jaws 0.6.2, and possibly other products, allow remote attackers to inject arbitrary web scri…	CWE-79 Cross-site Scripting	CVE-2005-3955	2018-10-20 00:39	2005-12-1	Show	GitHub Exploit DB Packet Storm

343708	-	freewebstat	freewebstat	Multiple cross-site scripting (XSS) vulnerabilities in FreeWebStat 1.0 rev37 allow remote attackers to inject arbitrary web script or HTML via the (1) site, (2) jsref, (3) jsres, and (4) jscolor para…	NVD-CWE-Other	CVE-2005-3959	2018-10-20 00:39	2005-12-1	Show	GitHub Exploit DB Packet Storm

343709	-	kadu	kadu	Kadu 0.4.2 and 0.5.0pre allows remote attackers to cause a denial of service (crash or generated traffic) via a malformed message, possibly with incomplete information.	NVD-CWE-Other	CVE-2005-3960	2018-10-20 00:39	2005-12-1	Show	GitHub Exploit DB Packet Storm

343710	-	webcalendar	webcalendar	export_handler.php in WebCalendar 1.0.1 allows remote attackers to overwrite WebCalendar data files via a modified id parameter.	NVD-CWE-Other	CVE-2005-3961	2018-10-20 00:39	2005-12-1	Show	GitHub Exploit DB Packet Storm