Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
189741	8.8	重要 Network	CERN	-	ROOT におけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2017-1000203	2017-12-12 12:16	2017-04-20	Show	GitHub Exploit DB Packet Storm

189742	6.5	警告 Local	VMware	-	VMware Workstation および Fusion における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2017-4938	2017-12-12 12:08	2017-11-16	Show	GitHub Exploit DB Packet Storm

189743	7.8	重要 Local	VMware	-	VMware Workstation および Horizon View Client for Windows における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2017-4937	2017-12-12 12:08	2017-11-16	Show	GitHub Exploit DB Packet Storm

189744	7.8	重要 Local	VMware	-	VMware Workstation および Horizon View Client for Windows における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2017-4936	2017-12-12 12:08	2017-11-16	Show	GitHub Exploit DB Packet Storm

189745	7.5	重要 Network	VMware	-	VMware vCenter Server における LDAP インジェクションの脆弱性	CWE-90 LDAP インジェクション	CVE-2017-4927	2017-12-12 12:08	2017-11-9	Show	GitHub Exploit DB Packet Storm

189746	9.1	緊急 Network	インテル	-	Intel Unite App における認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-5738	2017-12-12 11:51	2017-11-14	Show	GitHub Exploit DB Packet Storm

189747	9.8	緊急 Network	Ipsilon project	-	Ipsilon におけるセッションの固定化の脆弱性	CWE-384 セッションの固定化	CVE-2017-16855	2017-12-12 11:51	2017-11-14	Show	GitHub Exploit DB Packet Storm

189748	7.8	重要 Local	HashiCorp	-	HashiCorp Vagrant VMware Fusion プラグインにおける認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-16777	2017-12-12 11:50	2017-11-15	Show	GitHub Exploit DB Packet Storm

189749	7.5	重要 Network	British Columbia Institute of Technology	-	British Columbia Institute of Technology CodeIgniter における入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2017-1000247	2017-12-12 11:31	2017-03-20	Show	GitHub Exploit DB Packet Storm

189750	5.5	警告 Local	NetApp	-	AltaVault OST Plug-in における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2017-15517	2017-12-12 11:31	2017-11-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1541	4.3	MEDIUM Network	google	chrome	Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium se…	CWE-284 Improper Access Control	CVE-2026-11277	2026-06-10 03:26	2026-06-5	Show	GitHub Exploit DB Packet Storm

1542	5.8	MEDIUM Network	-	-	On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is …	CWE-1023 Incomplete Comparison with Missing Factors	CVE-2026-7473	2026-06-10 03:17	2026-06-6	Show	GitHub Exploit DB Packet Storm

1543	8.8	HIGH Network	-	-	The RemoteControl API methods invite_participants and remind_participants pass a caller-supplied token-ID array into TokenDynamic::findUninvited(), which concatenates the values directly into a tid I…	CWE-89 SQL Injection	CVE-2026-50636	2026-06-10 03:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

1544	8.8	HIGH Network	-	-	LimeSurvey constructs account password-reset links from the client-supplied HTTP Host header without validating it. The optional allowedHosts allowlist that would constrain this is undefined in the d…	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2026-50635	2026-06-10 03:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

1545	6.5	MEDIUM Network	-	-	Hermes WebUI before version 0.51.269 contains a profile isolation bypass vulnerability that allows authenticated users to access data belonging to other profiles by querying the session search endpoi…	CWE-862 Missing Authorization	CVE-2026-49956	2026-06-10 03:17	2026-06-10	Show	GitHub Exploit DB Packet Storm

1546	8.1	HIGH Network	-	-	Improper authorization in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.	CWE-285 Improper Authorization	CVE-2026-45503	2026-06-10 03:16	2026-06-10	Show	GitHub Exploit DB Packet Storm

1547	6.5	MEDIUM Network	-	-	Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to perform spoofing over a network.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-45501	2026-06-10 03:16	2026-06-10	Show	GitHub Exploit DB Packet Storm

1548	6.3	MEDIUM Local	-	-	Dell/Alienware Purchased Apps, versions prior to 1.1.32.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could p…	CWE-59 Link Following	CVE-2026-44275	2026-06-10 03:16	2026-06-10	Show	GitHub Exploit DB Packet Storm

1549	6.3	MEDIUM Local	-	-	Dell Inventory Collector Client, versions prior to 13.8.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could p…	CWE-1386 Insecure Operation on Windows Junction / Mount Point	CVE-2026-41116	2026-06-10 03:16	2026-06-10	Show	GitHub Exploit DB Packet Storm

1550	-		-	-	Unrestricted resource allocation in AMD uProf may be exploitable to consume excessive system resources, potentially leading to a loss of availability.	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-28237	2026-06-10 03:16	2026-06-10	Show	GitHub Exploit DB Packet Storm