Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 15, 2026, 12:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
171	7.5	重要 Network	VMware	Spring Framework	VMwareのSpring Frameworkにおける不十分なランダム値の使用に関する脆弱性	CWE-330 不十分なランダム値の使用	CVE-2026-41838	2026-06-12 14:53	2026-06-9	Show	GitHub Exploit DB Packet Storm

172	6.1	警告 Network	VMware	Spring Framework	VMwareのSpring Frameworkにおけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2026-41844	2026-06-12 14:53	2026-06-9	Show	GitHub Exploit DB Packet Storm

173	6.1	警告 Network	VMware	Spring Framework	VMwareのSpring Frameworkにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-41845	2026-06-12 14:53	2026-06-9	Show	GitHub Exploit DB Packet Storm

174	6.1	警告 Network	VMware	Spring Framework	VMwareのSpring Frameworkにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-41846	2026-06-12 14:53	2026-06-9	Show	GitHub Exploit DB Packet Storm

175	5.3	警告 Network	VMware	Spring Framework	VMwareのSpring Frameworkにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-41847	2026-06-12 14:53	2026-06-9	Show	GitHub Exploit DB Packet Storm

176	7.5	重要 Network	VMware	Spring Framework	VMwareのSpring Frameworkにおける非効率的な正規表現の複雑さに関する脆弱性	CWE-1333 非効率的な正規表現の複雑さ	CVE-2026-41848	2026-06-12 14:53	2026-06-9	Show	GitHub Exploit DB Packet Storm

177	5.3	警告 Network	VMware	Spring Framework	VMwareのSpring Frameworkにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-41852	2026-06-12 14:53	2026-06-9	Show	GitHub Exploit DB Packet Storm

178	5.1	警告 Local	ImageMagick	ImageMagick	ImageMagickにおける複数の脆弱性	CWE-125 CWE-191	CVE-2026-42326	2026-06-12 14:53	2026-06-10	Show	GitHub Exploit DB Packet Storm

179	7.5	重要 Network	Svelte project	Svelte	Svelte projectのSvelteにおける非効率的な正規表現の複雑さに関する脆弱性	CWE-1333 非効率的な正規表現の複雑さ	CVE-2026-42567	2026-06-12 14:53	2026-06-9	Show	GitHub Exploit DB Packet Storm

180	7.5	重要 Network	Svelte project	devalue	Svelte projectのdevalueにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-42570	2026-06-12 14:53	2026-06-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
344511	-	great_circle_associates	majordomo	Majordomo 1.94.3 and earlier allows remote attackers to execute arbitrary commands when the advertise or noadvertise directive is used in a configuration file, via shell metacharacters in the Reply-T…	NVD-CWE-Other	CVE-1999-1220	2017-12-19 11:29	1997-08-24	Show	GitHub Exploit DB Packet Storm

344512	-	digital	unix	dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file.	NVD-CWE-Other	CVE-1999-1221	2017-12-19 11:29	1996-11-17	Show	GitHub Exploit DB Packet Storm

344513	-	university_of_washington	imapd	IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a…	NVD-CWE-Other	CVE-1999-1224	2017-12-19 11:29	1997-10-8	Show	GitHub Exploit DB Packet Storm

344514	-	digital linux netbsd openbsd sun	ultrix linux_kernel netbsd openbsd solaris	rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates differe…	NVD-CWE-Other	CVE-1999-1225	2017-12-19 11:29	1997-08-24	Show	GitHub Exploit DB Packet Storm

344515	-	logicode diamond us_robotics	quicktel supra us_robotics	Various modems that do not implement a guard time, or are configured with a guard time of 0, can allow remote attackers to execute arbitrary modem commands such as ATH, ATH0, etc., via a "+++" sequen…	NVD-CWE-Other	CVE-1999-1228	2017-12-19 11:29	1998-09-27	Show	GitHub Exploit DB Packet Storm

344516	-	id_software	quake_2_server	Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the targ…	NVD-CWE-Other	CVE-1999-1229	2017-12-19 11:29	1998-02-25	Show	GitHub Exploit DB Packet Storm

344517	-	id_software	quake_2	Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself.	NVD-CWE-Other	CVE-1999-1230	2017-12-19 11:29	1997-12-24	Show	GitHub Exploit DB Packet Storm

344518	-	ssh	ssh2	ssh 2.0.12, and possibly other versions, allows valid user names to attempt to enter the correct password multiple times, but only prompts an invalid user name for a password once, which allows remot…	NVD-CWE-Other	CVE-1999-1231	2017-12-19 11:29	1999-06-9	Show	GitHub Exploit DB Packet Storm

344519	-	sgi	irix	Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program.	NVD-CWE-Other	CVE-1999-1232	2017-12-19 11:29	1997-05-16	Show	GitHub Exploit DB Packet Storm

344520	-	microsoft	windows_nt	LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo.	NVD-CWE-Other	CVE-1999-1234	2017-12-19 11:29	1999-10-26	Show	GitHub Exploit DB Packet Storm