Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 5, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190071 7.5 重要
Network 		Schneider Electric - Schneider Electric ClearSCADA におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-9962 2017-10-23 17:16 2017-09-21 Show GitHub Exploit DB Packet Storm
190072 7.8 重要
Local 		Schneider Electric - Schneider Electric GP Pro EX におけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-9961 2017-10-23 17:16 2017-07-14 Show GitHub Exploit DB Packet Storm
190073 8.1 重要
Network 		Faleemi Technologies Ltd - Faleemi FSC-880 における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2017-14743 2017-10-23 17:16 2017-09-25 Show GitHub Exploit DB Packet Storm
190074 8.8 重要
Network 		Digium - Digium Asterisk GUI における OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2017-14001 2017-10-23 17:16 2017-09-21 Show GitHub Exploit DB Packet Storm
190075 5.9 警告
Network 		Zoho Corporation - Android 用 Zoho Site24x7 Mobile Network Poller アプリケーションにおける証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2017-14582 2017-10-23 16:59 2017-09-27 Show GitHub Exploit DB Packet Storm
190076 6.5 警告
Network 		GraphicsMagick - GraphicsMagick における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2017-14994 2017-10-23 16:59 2017-10-1 Show GitHub Exploit DB Packet Storm
190077 9.8 緊急
Network 		ImageMagick - ImageMagick におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2017-15032 2017-10-23 16:53 2017-09-13 Show GitHub Exploit DB Packet Storm
190078 7.5 重要
Network 		Saad Amin - WordPress 用 Simple Student Result プラグインにおける認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2017-14766 2017-10-23 16:53 2017-09-21 Show GitHub Exploit DB Packet Storm
190079 7.8 重要
Local 		Unisys - Unisys MCP-FIRMWARE におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-13684 2017-10-23 16:51 2017-09-29 Show GitHub Exploit DB Packet Storm
190080 9.8 緊急
Network 		Shindiri Studio - WordPress 用 Content Timeline プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2017-14507 2017-10-23 16:44 2017-09-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
401 4.3 MEDIUM
Network 		nextcloud calendar Nextcloud is an open source content collaboration platform. From versions 5.5.13 to before 5.5.17, and 6.2.0 to before 6.2.3, an authenticated user can enumerate users on the same Nextcloud instance … New CWE-200
NVD-CWE-noinfo
Information Exposure 		CVE-2026-45286 2026-06-4 05:35 2026-06-2 Show GitHub Exploit DB Packet Storm
402 6.4 MEDIUM
Network 		nextcloud nextcloud_server Nextcloud is an open source content collaboration platform. From versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a user shares a folder or file with a Nextcloud Team that includes… New CWE-862
 Missing Authorization 		CVE-2026-45285 2026-06-4 05:34 2026-06-2 Show GitHub Exploit DB Packet Storm
403 8.8 HIGH
Network 		nextcloud user_oidc Nextcloud is an open source content collaboration platform. From version 1.3.6 to before version 8.4.0, an improper check allowed users that where provided by LDAP to still authenticate towards user … New CWE-284
NVD-CWE-noinfo
Improper Access Control 		CVE-2026-45284 2026-06-4 05:28 2026-06-2 Show GitHub Exploit DB Packet Storm
404 8.6 HIGH
Network 		openairinterface openairinterface5g An issue was discovered in OpenAirInterface5G 2.4.0 (nr-softmodem) in the E2SM-KPM RAN Function's PRB utilization metric calculation. The functions fill_RRU_PrbTotDl() and fill_RRU_PrbTotUl() in open… New CWE-369
 Divide By Zero 		CVE-2026-37232 2026-06-4 05:26 2026-06-2 Show GitHub Exploit DB Packet Storm
405 2.7 LOW
Network 		projectcapsule capsule Capsule is a multi-tenancy and policy-based framework for Kubernetes. To defend against namespace hijacking achieved through update/patch operations on namespaces, Capsule uses a webhook to validate … New CWE-20
NVD-CWE-noinfo
 Improper Input Validation  		CVE-2026-30963 2026-06-4 05:22 2026-06-2 Show GitHub Exploit DB Packet Storm
406 7.8 HIGH
Local 		google android_xr In addInputMethodListener of com.android.server.inputmethod.InputMethodManagerService, there is a missing permission check. This could lead to local escalation of privilege with no additional executi… New CWE-285
Improper Authorization 		CVE-2026-0072 2026-06-4 05:16 2026-06-2 Show GitHub Exploit DB Packet Storm
407 7.5 HIGH
Network 		juliangruber brace-expansion The brace-expansion library generates arbitrary strings containing a common prefix and suffix. From 5.0.0 to before 5.0.6, the max option was being applied too late. When expanding a single large num… Update CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-45149 2026-06-4 05:13 2026-05-30 Show GitHub Exploit DB Packet Storm
408 5.4 MEDIUM
Network 		mozilla firefox Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placeholder string that was later substituted wit… Update CWE-79
Cross-site Scripting 		CVE-2026-9308 2026-06-4 05:02 2026-06-1 Show GitHub Exploit DB Packet Storm
409 5.4 MEDIUM
Network 		mozilla firefox Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and leaked sensitive URL parameters. These pa… Update CWE-79
Cross-site Scripting 		CVE-2026-9309 2026-06-4 05:02 2026-06-1 Show GitHub Exploit DB Packet Storm
410 7.5 HIGH
Network 		dlink di-7001mini-8g_firmware A vulnerability was detected in D-Link DI-7001 MINI up to 19.09.19A1. Impacted is the function sprintf of the file /httpd_debug.asp of the component API. The manipulation of the argument Time results… Update CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-10270 2026-06-4 05:02 2026-06-2 Show GitHub Exploit DB Packet Storm