Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 29, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 321 | 4.3 |
警告
Network |
Jenkins プロジェクト | Git Parameter | JenkinsのGit Parameterにおける認証の欠如に関する脆弱性 New |
CWE-862
認証の欠如 |
CVE-2026-57286 | 2026-06-29 11:09 | 2026-06-24 | Show | GitHub Exploit DB Packet Storm |
| 322 | 4.3 |
警告
Network |
Jenkins プロジェクト | Job Configuration History | JenkinsのJob Configuration Historyにおける重要な情報の平文保存に関する脆弱性 New |
CWE-312
重要な情報の平文保存 |
CVE-2026-57287 | 2026-06-29 11:09 | 2026-06-24 | Show | GitHub Exploit DB Packet Storm |
| 323 | 3.7 |
低
Network |
Jenkins プロジェクト | Active Directory | JenkinsのActive DirectoryにおけるLDAP インジェクションの脆弱性 New |
CWE-90
LDAP インジェクション |
CVE-2026-57288 | 2026-06-29 11:09 | 2026-06-24 | Show | GitHub Exploit DB Packet Storm |
| 324 | 4.8 |
警告
Network |
Jenkins プロジェクト | bitbucket push and pull request | Jenkinsのbitbucket push and pull requestにおける証明書検証に関する脆弱性 New |
CWE-295
不正な証明書検証 |
CVE-2026-57289 | 2026-06-29 11:09 | 2026-06-24 | Show | GitHub Exploit DB Packet Storm |
| 325 | 4.3 |
警告
Network |
Jenkins プロジェクト | contrast continuous application security | Jenkinsのcontrast continuous application securityにおける認証の欠如に関する脆弱性 New |
CWE-862
認証の欠如 |
CVE-2026-57297 | 2026-06-29 11:09 | 2026-06-24 | Show | GitHub Exploit DB Packet Storm |
| 326 | 4.3 |
警告
Network |
Jenkins プロジェクト | contrast continuous application security | Jenkinsのcontrast continuous application securityにおける認証の欠如に関する脆弱性 New |
CWE-862
認証の欠如 |
CVE-2026-57299 | 2026-06-29 11:09 | 2026-06-24 | Show | GitHub Exploit DB Packet Storm |
| 327 | 4.3 |
警告
Network |
Jenkins プロジェクト | MCP Server Plugin | JenkinsのMCP Server Pluginにおける認証の欠如に関する脆弱性 New |
CWE-862
認証の欠如 |
CVE-2026-57300 | 2026-06-29 11:09 | 2026-06-24 | Show | GitHub Exploit DB Packet Storm |
| 328 | 8.8 |
重要
Network |
Jenkins プロジェクト | Official OWASP ZAP | JenkinsのOfficial OWASP ZAPにおける別領域リソースに対する外部からの制御可能な参照に関する脆弱性 New |
CWE-610
別領域リソースに対する外部からの制御可能な参照 |
CVE-2026-57301 | 2026-06-29 11:09 | 2026-06-24 | Show | GitHub Exploit DB Packet Storm |
| 329 | 4.3 |
警告
Network |
Jenkins プロジェクト | FitNesse | JenkinsのFitNesseにおける認証情報の平文保存に関する脆弱性 New |
CWE-256
平文でパスワードを保存 |
CVE-2026-57302 | 2026-06-29 11:09 | 2026-06-24 | Show | GitHub Exploit DB Packet Storm |
| 330 | 6.1 |
警告
Local |
Vim | Vim | Vimにおける境界外読み取りに関する脆弱性 New |
CWE-125
境界外読み取り |
CVE-2026-57451 | 2026-06-29 11:09 | 2026-06-25 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 29, 2026, 4:19 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 256801 | 5.5 |
MEDIUM
Local |
microsoft |
windows_defender forefront_endpoint_protection security_essentials endpoint_protection system_center_endpoint_protection windows_intune_endpoint_protection exchange_server |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and… |
CWE-119 CWE-369 CWE-476 CWE-674 Incorrect Access of Indexable Resource ('Range Error') Divide By Zero NULL Pointer Dereference Uncontrolled Recursion |
CVE-2017-8537 | 2024-11-21 12:34 | 2017-05-27 | Show | GitHub Exploit DB Packet Storm |
| 256802 | 5.5 |
MEDIUM
Local |
microsoft |
windows_defender forefront_endpoint_protection security_essentials endpoint_protection system_center_endpoint_protection windows_intune_endpoint_protection exchange_server |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and… |
CWE-119 CWE-369 CWE-476 CWE-674 Incorrect Access of Indexable Resource ('Range Error') Divide By Zero NULL Pointer Dereference Uncontrolled Recursion |
CVE-2017-8536 | 2024-11-21 12:34 | 2017-05-27 | Show | GitHub Exploit DB Packet Storm |
| 256803 | 5.5 |
MEDIUM
Local |
microsoft |
windows_defender forefront_endpoint_protection security_essentials endpoint_protection system_center_endpoint_protection windows_intune_endpoint_protection exchange_server |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and… |
CWE-119 CWE-369 CWE-476 CWE-674 Incorrect Access of Indexable Resource ('Range Error') Divide By Zero NULL Pointer Dereference Uncontrolled Recursion |
CVE-2017-8535 | 2024-11-21 12:34 | 2017-05-27 | Show | GitHub Exploit DB Packet Storm |
| 256804 | 7.5 |
HIGH
Network |
sap | hana_xs | sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to cause a denial of service (assertion failure and service crash) by pushing a package with a filename containing a $ (dollar s… |
CWE-617
Reachable Assertion |
CVE-2017-8915 | 2024-11-21 12:34 | 2017-05-23 | Show | GitHub Exploit DB Packet Storm |
| 256805 | 8.3 |
HIGH
Network |
sap | hana_xs | sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to hijack npm packages or host arbitrary files by leveraging an insecure user creation policy, aka SAP Security Note 2407694. |
NVD-CWE-noinfo
|
CVE-2017-8914 | 2024-11-21 12:34 | 2017-05-23 | Show | GitHub Exploit DB Packet Storm |
| 256806 | 8.8 |
HIGH
Network |
sap | netweaver_application_server_java | The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/se… |
CWE-611
XXE |
CVE-2017-8913 | 2024-11-21 12:34 | 2017-05-23 | Show | GitHub Exploit DB Packet Storm |
| 256807 | 4.6 |
MEDIUM
Physics |
Facebook WhatsApp Messenger before 2.16.323 for Android uses the SD card for cleartext storage of files (Audio, Documents, Images, Video, and Voice Notes) associated with a chat, even after that chat… |
CWE-311
Missing Encryption of Sensitive Data |
CVE-2017-8769 | 2024-11-21 12:34 | 2017-05-18 | Show | GitHub Exploit DB Packet Storm | ||
| 256808 | 9.8 |
CRITICAL
Network |
joomla | joomla\! | SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors. |
CWE-89
SQL Injection |
CVE-2017-8917 | 2024-11-21 12:34 | 2017-05-18 | Show | GitHub Exploit DB Packet Storm |
| 256809 | 7.8 |
HIGH
Local |
smb4k_project debian |
smb4k debian_linux |
smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service. |
CWE-20
Improper Input Validation |
CVE-2017-8849 | 2024-11-21 12:34 | 2017-05-17 | Show | GitHub Exploit DB Packet Storm |
| 256810 | 7.8 |
HIGH
Local |
kde |
kauth kdelibs |
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app. |
CWE-290
Authentication Bypass by Spoofing |
CVE-2017-8422 | 2024-11-21 12:34 | 2017-05-17 | Show | GitHub Exploit DB Packet Storm |