Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
190061	5.4	警告 Network	Barco	-	Barco ClickShare CSM-1 および CSC-1 ファームウェアにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-12460	2017-11-21 17:32	2017-10-10	Show	GitHub Exploit DB Packet Storm

190062	6.1	警告 Network	Nikola Loncar	-	WordPress 用 Easy Appointments プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-15812	2017-11-21 17:31	2017-10-16	Show	GitHub Exploit DB Packet Storm

190063	7.2	重要 Network	Tom Braider	-	WordPress 用 Count Per Day プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2015-5533	2017-11-21 17:31	2015-07-1	Show	GitHub Exploit DB Packet Storm

190064	6.1	警告 Network	Pallets project	-	Pallets Werkzeug におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-10516	2017-11-21 17:19	2016-08-31	Show	GitHub Exploit DB Packet Storm

190065	8.8	重要 Network	ウォッチガード・テクノロジー	-	Hexis HawkEye G におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2015-2878	2017-11-21 17:14	2015-07-24	Show	GitHub Exploit DB Packet Storm

190066	5.4	警告 Network	Synology Inc.	-	Synology Audio Station におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-15888	2017-11-21 17:12	2017-10-30	Show	GitHub Exploit DB Packet Storm

190067	9.8	緊急 Network	Apache Software Foundation	-	Apache Traffic Server におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2015-3249	2017-11-21 17:06	2015-07-4	Show	GitHub Exploit DB Packet Storm

190068	4.6	警告 Physics	Grupo MSA	-	MSA vot.Ar における入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2015-6839	2017-11-21 17:05	2015-07-17	Show	GitHub Exploit DB Packet Storm

190069	7.5	重要 Network	Apache Software Foundation	-	Apache Qpid におけるデータ処理に関する脆弱性	CWE-19 データ処理	CVE-2015-0224	2017-11-21 17:02	2015-01-13	Show	GitHub Exploit DB Packet Storm

190070	9.8	緊急 Network	Apache Software Foundation	-	Apache Traffic Server におけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2014-3624	2017-11-21 16:58	2014-05-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1071	-		-	-	Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl (inet_tls_dist module) allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inet_tls_dist:check_ip/… New	CWE-863 CWE-1025 Incorrect Authorization Comparison Using Wrong Factors	CVE-2026-48860	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

1072	-		-	-	Observable Timing Discrepancy vulnerability in Erlang/OTP ssh (ssh_auth, ssh_options modules) allows unauthenticated remote username enumeration via timing side-channel in password authentication. W… New	CWE-208 Information Exposure Through Timing Discrepancy	CVE-2026-48859	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

1073	4.3	MEDIUM Network	google	chrome	Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. (Chromium security severity: High) Update	CWE-457 Use of Uninitialized Variable	CVE-2026-11668	2026-06-11 01:17	2026-06-9	Show	GitHub Exploit DB Packet Storm

1074	-		-	-	Sensitive Data Exposure vulnerability in Erlang OTP inets (httpc_response module) allows Retrieve Embedded Sensitive Data. The httpc client forwards the Authorization and Proxy-Authorization request… New	CWE-601 Open Redirect	CVE-2026-48856	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

1075	-		-	-	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh (ssh_sftpd module) allows File Discovery. The SSH_FXP_READLINK handler in ssh_sftpd sends the raw result of… New	CWE-200 Information Exposure	CVE-2026-48855	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

1076	-		-	-	Crawlee is a web scraping and browser automation library. From version 1.0.0 to before version 1.7.0, Crawlee is vulnerable to SSRF via sitemap-derived URLs. This issue has been patched in version 1.… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-46497	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

1077	8.1	HIGH Network	-	-	Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, EscapedString (app/modules/roxywi/class_models.py:16-30) is the centralised Pydan… New	CWE-20 CWE-22 CWE-117 Improper Input Validation Path Traversal Improper Output Neutralization for Logs	CVE-2026-45565	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

1078	8.8	HIGH Network	-	-	Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /config/versions/<service>/<server_ip>/<configver>/save interpolates the URL… New	CWE-78 OS Command	CVE-2026-45564	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

1079	4.3	MEDIUM Network	-	-	Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, GET /history/<service>/<server_ip> re-uses the server_ip path parameter as a user… New	CWE-639 CWE-863 Authorization Bypass Through User-Controlled Key Incorrect Authorization	CVE-2026-45563	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

1080	4.9	MEDIUM Network	-	-	Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, get_ldap_email (app/modules/roxywi/user.py:120-157) builds the LDAP search filter… New	CWE-90 LDAP Injection	CVE-2026-45559	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm