Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
189101 7.8 重要
Local 		レッドハット - Red Hat OpenShift Enterprise におけるリンク解釈に関する脆弱性 CWE-59
リンク解釈の問題 		CVE-2013-4364 2018-02-16 11:50 2013-09-18 Show GitHub Exploit DB Packet Storm
189102 9.8 緊急
Network 		Gravity Upload Ajax project - WordPress 用 Gravity Upload Ajax プラグインにおける危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2014-4972 2018-02-16 11:50 2014-08-1 Show GitHub Exploit DB Packet Storm
189103 9.8 緊急
Network 		Progress Software Corporation - Sitefinity における認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2017-15883 2018-02-16 11:50 2017-10-25 Show GitHub Exploit DB Packet Storm
189104 7.5 重要
Network 		Flexense Ltd. - Flexense DiskBoss Enterprise におけるセキュリティチェックに関する脆弱性 CWE-358
不適切に実装されたセキュリティチェック 		CVE-2017-15665 2018-02-16 11:39 2017-10-19 Show GitHub Exploit DB Packet Storm
189105 7.5 重要
Network 		Flexense Ltd. - Flexense Sync Breeze Enterprise におけるセキュリティチェックに関する脆弱性 CWE-358
不適切に実装されたセキュリティチェック 		CVE-2017-15664 2018-02-16 11:39 2017-10-19 Show GitHub Exploit DB Packet Storm
189106 7.5 重要
Network 		Flexense Ltd. - Flexense Disk Pulse Enterprise におけるセキュリティチェックに関する脆弱性 CWE-358
不適切に実装されたセキュリティチェック 		CVE-2017-15663 2018-02-16 11:39 2017-10-19 Show GitHub Exploit DB Packet Storm
189107 7.5 重要
Network 		Flexense Ltd. - Flexense VX Search Enterprise におけるセキュリティチェックに関する脆弱性 CWE-358
不適切に実装されたセキュリティチェック 		CVE-2017-15662 2018-02-16 11:38 2017-10-19 Show GitHub Exploit DB Packet Storm
189108 7.8 重要
Local 		Google - Android の NVIDIA ドライバにおける整数オーバーフローの脆弱性 CWE-190
CWE-416
CVE-2017-0869 2018-02-16 11:35 2018-01-2 Show GitHub Exploit DB Packet Storm
189109 7.8 重要
Local 		Linux - Linux Kernel における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2018-5344 2018-02-16 11:30 2018-01-6 Show GitHub Exploit DB Packet Storm
189110 6.1 警告
Network 		Atlassian - Atlassian Jira におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-14594 2018-02-16 11:30 2017-12-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2071 5.3 MEDIUM
Network 		- - A flaw in Node.js HTTP/2 server API can cause servers to keep accepting data even after sending a `GOAWAY` frame. This vulnerability affects two supported release lines: **Node.js 22** and **Node.js … CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-48937 2026-06-23 05:20 2026-06-19 Show GitHub Exploit DB Packet Storm
2072 7.5 HIGH
Network 		- - The public dashboard query endpoint does not limit request body size before processing, allowing unauthenticated attackers to trigger excessive memory allocation by sending arbitrarily large JSON pay… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-42127 2026-06-23 05:19 2026-06-23 Show GitHub Exploit DB Packet Storm
2073 - - - A Missing Authorization vulnerability in a GraphQL private API operation of the Google App Engine section of the Cloud Console allows an unauthenticated remote attacker to leak sensitive App Engine r… CWE-862
 Missing Authorization 		CVE-2026-8934 2026-06-23 05:18 2026-06-23 Show GitHub Exploit DB Packet Storm
2074 9.0 CRITICAL
Network 		- - An issue was discovered in Canonical ADSys upstream versions through v0.16.2. During Active Directory Certificate Services (AD CS) certificate auto-enrollment via the vendored Samba client script (in… CWE-348
 Use of Less Trusted Source 		CVE-2026-12249 2026-06-23 05:18 2026-06-23 Show GitHub Exploit DB Packet Storm
2075 9.8 CRITICAL
Network 		- - FileRise before 3.16.0 is vulnerable to path traversal in the shared-folder upload endpoint (/api/folder/uploadToSharedFolder.php), leading to arbitrary file write and administrator account takeover.… CWE-22
CWE-434
Path Traversal
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-54414 2026-06-23 05:17 2026-06-19 Show GitHub Exploit DB Packet Storm
2076 7.5 HIGH
Network 		- - Capgo (Cap-go/capgo) before 12.128.2 contains an improper access control vulnerability in the SECURITY DEFINER PostgREST RPC function public.record_build_time, which is granted to the anon role and c… CWE-284
Improper Access Control 		CVE-2026-56082 2026-06-23 05:17 2026-06-20 Show GitHub Exploit DB Packet Storm
2077 5.3 MEDIUM
Network 		- - Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.upsert_version_meta SECURITY DEFINER function exposed via PostgREST RPC, allowing unauthenticated attackers to inser… CWE-862
 Missing Authorization 		CVE-2026-56213 2026-06-23 05:17 2026-06-20 Show GitHub Exploit DB Packet Storm
2078 - - - picklescan before 0.0.25 fails to detect malicious pickle files that use timeit.timeit() in the __reduce__ method, allowing remote code execution. Attackers can craft pickle files that import dangero… CWE-184
 Incomplete Blacklist 		CVE-2025-71351 2026-06-23 05:17 2026-06-21 Show GitHub Exploit DB Packet Storm
2079 5.4 MEDIUM
Network 		- - EasyFlow .NET developed by Digiwin has a Stored Cross-Site Scripting vulnerability, allowing authenticated remote attackers to inject persistent JavaScript code executed in users' browsers upon page … CWE-79
Cross-site Scripting 		CVE-2026-12580 2026-06-23 05:17 2026-06-22 Show GitHub Exploit DB Packet Storm
2080 7.5 HIGH
Network 		- - EasyFlow .NET developed by Digiwin has a Session Fixation vulnerability. If unauthenticated remote attackers replace a specific session ID for a user, they can gain the user's privilege once the user… CWE-384
 Session Fixation 		CVE-2026-12581 2026-06-23 05:17 2026-06-22 Show GitHub Exploit DB Packet Storm