Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
203181	8.2	重要 Network	オラクル	-	Oracle E-Business Suite の Oracle Fulfillment Manager における User Interface に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3284	2017-02-3 14:43	2017-01-17	Show	GitHub Exploit DB Packet Storm

203182	4.7	警告 Network	オラクル	-	Oracle E-Business Suite の Oracle Partner Management における User Interface に関する脆弱性	CWE-20 不適切な入力確認	CVE-2017-3283	2017-02-3 14:43	2017-01-17	Show	GitHub Exploit DB Packet Storm

203183	4.7	警告 Network	オラクル	-	Oracle E-Business Suite の Oracle Partner Management における User Interface に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3282	2017-02-3 14:43	2017-01-17	Show	GitHub Exploit DB Packet Storm

203184	4.7	警告 Network	オラクル	-	Oracle E-Business Suite の Oracle Partner Management における User Interface に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3281	2017-02-3 14:43	2017-01-17	Show	GitHub Exploit DB Packet Storm

203185	4.7	警告 Network	オラクル	-	Oracle E-Business Suite の Oracle Partner Management における User Interface に関する脆弱性	CWE-20 不適切な入力確認	CVE-2017-3280	2017-02-3 14:43	2017-01-17	Show	GitHub Exploit DB Packet Storm

203186	8.2	重要 Network	オラクル	-	Oracle E-Business Suite の Oracle Leads Management における User Interface に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3279	2017-02-3 14:43	2017-01-17	Show	GitHub Exploit DB Packet Storm

203187	8.2	重要 Network	オラクル	-	Oracle E-Business Suite の Oracle One-to-One Fulfillment における Request Confirmatoin に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3278	2017-02-3 14:43	2017-01-17	Show	GitHub Exploit DB Packet Storm

203188	4.9	警告 Network	オラクル	-	Oracle E-Business Suite の Oracle Applications Manager における OAM Client に関する脆弱性	CWE-200 情報漏えい	CVE-2017-3277	2017-02-3 14:43	2017-01-17	Show	GitHub Exploit DB Packet Storm

203189	8.2	重要 Network	オラクル	-	Oracle E-Business Suite の Oracle Email Center における User Interface に関する脆弱性	CWE-254 セキュリティ機能	CVE-2017-3275	2017-02-3 14:43	2017-01-17	Show	GitHub Exploit DB Packet Storm

203190	8.2	重要 Network	オラクル	-	Oracle E-Business Suite の Oracle Email Center における User Interface に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3274	2017-02-3 14:43	2017-01-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
371	7.8	HIGH Local	imagemagick	imagemagick	ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage() when processing connected-components artifacts with invalid indices. Attackers can trigger acc… New	CWE-125 Out-of-bounds Read	CVE-2026-56370	2026-06-27 06:50	2026-06-24	Show	GitHub Exploit DB Packet Storm

372	7.5	HIGH Network	angularjs	angularjs	Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, a Denial of Service (DoS) vu… New	CWE-400 CWE-1333 Uncontrolled Resource Consumption Inefficient Regular Expression Complexity	CVE-2026-54268	2026-06-27 06:36	2026-06-23	Show	GitHub Exploit DB Packet Storm

373	9.8	CRITICAL Network	langflow	langflow	IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Stream… New	CWE-287 NVD-CWE-noinfo Improper Authentication	CVE-2026-7664	2026-06-27 06:29	2026-06-23	Show	GitHub Exploit DB Packet Storm

374	6.1	MEDIUM Network	ibm	datacap datacap_navigator	IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary J… New	CWE-79 Cross-site Scripting	CVE-2026-8059	2026-06-27 06:27	2026-06-23	Show	GitHub Exploit DB Packet Storm

375	7.5	HIGH Network	ibm	datacap datacap_navigator	IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an attacker to retrieve user passwords and cryptographic keys from memory. Attacker can use the same keys … New	CWE-316 Cleartext Storage of Sensitive Information in Memory	CVE-2026-8636	2026-06-27 06:20	2026-06-23	Show	GitHub Exploit DB Packet Storm

376	5.3	MEDIUM Network	ibm	datacap datacap_navigator	IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 exposes resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, … New	CWE-425 Direct Request ('Forced Browsing')	CVE-2026-9610	2026-06-27 06:19	2026-06-23	Show	GitHub Exploit DB Packet Storm

377	8.5	HIGH Network	-	-	Budibase is an open-source low-code platform. Prior to 3.39.9, authenticated users with automation permissions can bypass Budibase's SSRF blacklist through DNS rebinding. The outbound fetch flow vali… New	CWE-367 CWE-918 Time-of-check Time-of-use (TOCTOU) Race Condition Server-Side Request Forgery (SSRF)	CVE-2026-54353	2026-06-27 06:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

378	8.2	HIGH Network	-	-	Budibase is an open-source low-code platform. Prior to 3.39.9, the webhook trigger endpoint in Budibase is publicly accessible and passes the full HTTP request body into automation execution paramete… New	CWE-915 Improperly Controlled Modification of Dynamically-Determined Object Attributes	CVE-2026-54351	2026-06-27 06:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

379	10.0	CRITICAL Network	-	-	Budibase is an open-source low-code platform. Prior to 3.39.12, an unauthenticated visitor of any published Budibase app reads every document of the backing MongoDB, CouchDB, Elasticsearch, DynamoDB… New	CWE-89 CWE-943 SQL Injection Improper Neutralization of Special Elements in Data Query Logic	CVE-2026-54350	2026-06-27 06:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

380	-		-	-	Notepad++ is a free and open-source source code editor. Prior to 8.9.6.4, NppCommands.cpp checks the HMAC of the on-disk shortcuts.xml at the moment a user command fires (Time-of-Check). However, the… New	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-52885	2026-06-27 06:16	2026-06-27	Show	GitHub Exploit DB Packet Storm