Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 24, 2026, 12:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
196301	7.1	重要 Network	IBM	-	IBM Security Guardium における XML 外部エンティティインジェクションの脆弱性	CWE-611 XML 外部エンティティ参照の不適切な制限	CVE-2017-1254	2017-08-2 19:00	2017-06-29	Show	GitHub Exploit DB Packet Storm

196302	9.9	緊急 Network	IBM	-	IBM Security Guardium におけるシステム上で任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2017-1253	2017-08-2 19:00	2017-06-29	Show	GitHub Exploit DB Packet Storm

196303	5.5	警告 Local	Nitro Software, Inc.	-	Nitro Pro におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2017-7950	2017-08-2 18:24	2017-02-3	Show	GitHub Exploit DB Packet Storm

196304	9.1	緊急 Network	Ipsilon project	-	Ipsilon におけるセッションの固定化の脆弱性	CWE-384 セッションの固定化	CVE-2016-8638	2017-08-2 18:08	2016-11-8	Show	GitHub Exploit DB Packet Storm

196305	8.6	重要 Network	Thermo Fisher Scientific Inc.	-	dataTaker DT80 dEX における重要な認証情報および設定情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2017-11165	2017-08-2 18:07	2017-07-12	Show	GitHub Exploit DB Packet Storm

196306	6.1	警告 Network	IBM	-	IBM WebSphere Commerce におけるフィッシング攻撃を実行される脆弱性	CWE-601 オープンリダイレクト	CVE-2017-1398	2017-08-2 17:58	2017-07-6	Show	GitHub Exploit DB Packet Storm

196307	9.1	緊急 Network	The PHP Group	-	PHP におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2017-11147	2017-08-2 17:58	2017-01-19	Show	GitHub Exploit DB Packet Storm

196308	5.9	警告 Local	Canonical	-	ubuntu-image における不適切なアクセス制御	CWE-284 不適切なアクセス制御	CVE-2017-10600	2017-08-2 17:50	2017-07-11	Show	GitHub Exploit DB Packet Storm

196309	5.4	警告 Network	シスコシステムズ	-	Cisco Identity Services Engine ソフトウェアの Web ベースの管理インターフェースにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-6734	2017-08-2 17:49	2017-07-5	Show	GitHub Exploit DB Packet Storm

196310	6.1	警告 Network	シスコシステムズ	-	Cisco ISE ポータルの Web ベースのアプリケーションインターフェースにおける格納型クロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-6733	2017-08-2 17:49	2017-07-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
4201	6.5	MEDIUM Network	mattermost	mattermost_server	Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to filter nil elements from outgoing webhook attachment payloads before processing, which allows an …	CWE-754 Improper Check for Unusual or Exceptional Conditions	CVE-2026-4915	2026-06-2 02:57	2026-05-25	Show	GitHub Exploit DB Packet Storm

4202	3.3	LOW Local	-	-	A weakness has been identified in janet-lang janet up to 1.41.0. This vulnerability affects the function unmarshal_one_fiber of the file src/core/marsh.c. Executing a manipulation can lead to integer…	CWE-189 CWE-190 Numeric Errors Integer Overflow or Wraparound	CVE-2026-10268	2026-06-2 02:57	2026-06-2	Show	GitHub Exploit DB Packet Storm

4203	6.3	MEDIUM Network	-	-	A security vulnerability has been detected in decolua 9router up to 0.4.0. This issue affects the function isAuthenticated of the file src/dashboardGuard.js of the component HTTP Header Handler. The …	CWE-266 CWE-285 Incorrect Privilege Assignment Improper Authorization	CVE-2026-10269	2026-06-2 02:57	2026-06-2	Show	GitHub Exploit DB Packet Storm

4204	6.3	MEDIUM Network	-	-	A flaw has been found in a4m4 Student-Management-System up to f0c5f6842c5e8c431ff02b5260a565ca844df3a0. The affected element is an unknown function of the file admin/ of the component Admin Endpoint.…	CWE-698 CWE-705 Execution After Redirect (EAR) Incorrect Control Flow Scoping	CVE-2026-10271	2026-06-2 02:57	2026-06-2	Show	GitHub Exploit DB Packet Storm

4205	6.5	MEDIUM Network	-	-	A vulnerability has been found in a4m4 Student-Management-System up to f0c5f6842c5e8c431ff02b5260a565ca844df3a0. The impacted element is an unknown function of the file admin/deleteform.php. Such man…	CWE-266 CWE-285 Incorrect Privilege Assignment Improper Authorization	CVE-2026-10272	2026-06-2 02:57	2026-06-2	Show	GitHub Exploit DB Packet Storm

4206	6.3	MEDIUM Network	-	-	A vulnerability was determined in indrasishbanerjee aem-mcp-server up to b5f833aef9b5dfd17a5991b3b18a8a11edbdc583. This impacts the function getAssetMetadata of the file src/mcp-server.ts of the comp…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-10274	2026-06-2 02:57	2026-06-2	Show	GitHub Exploit DB Packet Storm

4207	5.0	MEDIUM Network	-	-	A flaw has been found in OpenSC up to 0.26.1. This affects the function test_kpgen_certwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation …	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-10275	2026-06-2 02:57	2026-06-2	Show	GitHub Exploit DB Packet Storm

4208	6.5	MEDIUM Network	-	-	Missing Authorization vulnerability in Paolo GeoDirectory allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GeoDirectory: from n/a through 2.8.157.	CWE-862 Missing Authorization	CVE-2026-42671	2026-06-2 02:57	2026-06-2	Show	GitHub Exploit DB Packet Storm

4209	9.3	CRITICAL Network	-	-	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wp Directory Kit WP Directory Kit allows Blind SQL Injection. This issue affects WP Directory Ki…	CWE-89 SQL Injection	CVE-2026-42672	2026-06-2 02:57	2026-06-2	Show	GitHub Exploit DB Packet Storm

4210	7.5	HIGH Network	-	-	Insertion of Sensitive Information Into Sent Data vulnerability in Logtivity Activity Logs Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity allows Retrieve Embedded Sensit…	CWE-201 Insertion of Sensitive Information Into Sent Data	CVE-2026-42673	2026-06-2 02:57	2026-06-2	Show	GitHub Exploit DB Packet Storm