Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188071 9.8 緊急
Network 		Quest Software Inc. - Quest NetVault Backup における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2017-17414 2018-03-6 11:54 2017-12-15 Show GitHub Exploit DB Packet Storm
188072 8.8 重要
Network 		Computer Networks Group - CCN-lite 2 における不正な型変換に関する脆弱性 CWE-704
不正な型変換またはキャスト 		CVE-2018-6480 2018-03-6 11:52 2018-01-30 Show GitHub Exploit DB Packet Storm
188073 9.8 緊急
Network 		Inverse inc. - PacketFence における LDAP インジェクションの脆弱性 CWE-90
LDAP インジェクション 		CVE-2011-4069 2018-03-6 11:51 2011-10-24 Show GitHub Exploit DB Packet Storm
188074 9.8 緊急
Network 		Inverse inc. - PacketFence における認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2011-4068 2018-03-6 11:51 2011-10-24 Show GitHub Exploit DB Packet Storm
188075 8.8 重要
Network 		シトリックス・システムズ - Citrix NetScaler VPX におけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2018-6186 2018-03-6 11:48 2018-03-1 Show GitHub Exploit DB Packet Storm
188076 7.5 重要
Network 		SimpleSAMLphp - SAML2 ライブラリにおけるインジェクションに関する脆弱性 CWE-74
インジェクション 		CVE-2018-6519 2018-03-6 11:45 2018-01-25 Show GitHub Exploit DB Packet Storm
188077 6.7 警告
Local 		G Data Software - G Data TotalProtection における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-3752 2018-03-6 11:45 2014-06-17 Show GitHub Exploit DB Packet Storm
188078 9.8 緊急
Network 		Fedora Project
Zabbix		 - Zabbix における XML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2014-3005 2018-03-6 11:40 2014-06-26 Show GitHub Exploit DB Packet Storm
188079 7.5 重要
Network 		snapd project - snapd におけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-14178 2018-03-6 11:25 2017-11-10 Show GitHub Exploit DB Packet Storm
188080 7.8 重要
Local 		GNU Project - glibc におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2018-1000001 2018-03-5 17:31 2018-01-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1 9.9 CRITICAL
Network 		dokku dokku Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to manage system cron running as the Dokku user. An app.json cron command utilizing special she… New CWE-78
OS Command  		CVE-2026-54636 2026-06-27 04:01 2026-06-27 Show GitHub Exploit DB Packet Storm
2 8.8 HIGH
Network 		dokku dokku Dokku is a docker-powered PaaS. Prior to 0.38.2, the openresty-vhosts plugin copies files from an app's openresty/http-includes/ git repository directory to the host and then interpolates their filen… New CWE-95
Eval Injection 		CVE-2026-45406 2026-06-27 04:01 2026-06-27 Show GitHub Exploit DB Packet Storm
3 5.4 MEDIUM
Network 		getgrav grav Grav before 1.6.30 contains a cross-site scripting vulnerability in the Admin plugin page editor default security configuration. Privileged users with page editing capabilities can inject malicious s… New CWE-79
Cross-site Scripting 		CVE-2020-37256 2026-06-27 03:58 2026-06-26 Show GitHub Exploit DB Packet Storm
4 5.5 MEDIUM
Local 		freebsd freebsd When used to deliver a signal to a specific thread, thr_kill2(2) called p_cansignal() to determine whether the operation was permitted but did not check the result before delivering the signal. The … New CWE-269
 Improper Privilege Management 		CVE-2026-45256 2026-06-27 03:58 2026-06-27 Show GitHub Exploit DB Packet Storm
5 7.5 HIGH
Network 		apache apache-airflow-providers-ftp The Apache Airflow FTP provider's `FTPSHook.get_conn()` created an `ftplib.FTP_TLS` connection but never called `prot_p()`, so although the control channel was TLS-protected the data channel was tran… New CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2026-49486 2026-06-27 03:58 2026-06-26 Show GitHub Exploit DB Packet Storm
6 5.4 MEDIUM
Network 		jupyter jupyter_server Jupyter Server is the backend for Jupyter web applications. Prior to 2.20, the nbconvert HTTP handlers in jupyter_server render user-authored notebook HTML under the Jupyter origin without a sandbox … New CWE-79
CWE-1021
Cross-site Scripting
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2026-44727 2026-06-27 03:57 2026-06-23 Show GitHub Exploit DB Packet Storm
7 7.8 HIGH
Local 		freebsd freebsd The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by se… New CWE-123
 Write-what-where Condition 		CVE-2026-45257 2026-06-27 03:56 2026-06-27 Show GitHub Exploit DB Packet Storm
8 8.8 HIGH
Network 		dokku dokku Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:from-archive and certs:add commands extract user-supplied tar/zip archives into temporary directories without sanitizing member paths or preve… New CWE-59
Link Following 		CVE-2026-45405 2026-06-27 03:56 2026-06-27 Show GitHub Exploit DB Packet Storm
9 5.5 MEDIUM
Local 		dokku dokku Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:auth command creates $DOKKU_ROOT/.netrc using bash's touch command, which applies the default umask of 0644. This pre-creation defeats the net… New CWE-522
 Insufficiently Protected Credentials 		CVE-2026-45407 2026-06-27 03:55 2026-06-27 Show GitHub Exploit DB Packet Storm
10 9.0 CRITICAL
Network 		dokku dokku Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex (^[a-z0-9][^/:_A-Z]*$) permits shell metacharacters. When an authenticated user pushes to a git remote with a crafted ap… New CWE-78
OS Command  		CVE-2026-45408 2026-06-27 03:55 2026-06-27 Show GitHub Exploit DB Packet Storm