Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 21, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
411	7.8	重要 Local		-	アップルのmacOSにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2025-31272	2026-06-15 11:21	2026-06-11	Show	GitHub Exploit DB Packet Storm

412	5.5	警告 Local		-	アップルのmacOSにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2025-43339	2026-06-15 11:21	2026-06-11	Show	GitHub Exploit DB Packet Storm

413	5.5	警告 Local		-	アップルのmacOSにおけるリンク解釈に関する脆弱性	CWE-59 リンク解釈の問題	CVE-2025-46293	2026-06-15 11:21	2026-06-11	Show	GitHub Exploit DB Packet Storm

414	5.3	警告 Network	アップル	iOS iPadOS	アップルのiPadOS等の複数製品におけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2025-46308	2026-06-15 11:21	2026-06-11	Show	GitHub Exploit DB Packet Storm

415	7.5	重要 Network		-	アップルのmacOSにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2025-46315	2026-06-15 11:21	2026-06-11	Show	GitHub Exploit DB Packet Storm

416	7.5	重要 Network	GPAC	GPAC	GPACにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2025-52292	2026-06-15 11:21	2026-06-9	Show	GitHub Exploit DB Packet Storm

417	7.5	重要 Network	GPAC	GPAC	GPACにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2025-52293	2026-06-15 11:21	2026-06-9	Show	GitHub Exploit DB Packet Storm

418	5.5	警告 Local	GPAC	GPAC	GPACにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2025-55651	2026-06-15 11:21	2026-06-9	Show	GitHub Exploit DB Packet Storm

419	7.5	重要 Network	GPAC	GPAC	GPACにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2025-55657	2026-06-15 11:21	2026-06-9	Show	GitHub Exploit DB Packet Storm

420	6.5	警告 Network	GPAC	GPAC	GPACにおける誤った演算子による浮動小数点の比較に関する脆弱性	CWE-1077 誤った演算子による浮動小数点の比較	CVE-2025-55658	2026-06-15 11:21	2026-06-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
257341	7.5	HIGH Network	wireshark	wireshark	In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/…	CWE-190 CWE-835 Integer Overflow or Wraparound Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2017-5596	2024-11-21 12:27	2017-01-26	Show	GitHub Exploit DB Packet Storm

257342	7.5	HIGH Network	pagekit	pagekit	An issue was discovered in Pagekit CMS before 1.0.11. In this vulnerability the remote attacker is able to reset the registered user's password, when the debug toolbar is enabled. The password is suc…	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2017-5594	2024-11-21 12:27	2017-01-26	Show	GitHub Exploit DB Packet Storm

257343	7.5	HIGH Network	sap	netweaver	The function msp (aka MSPRuntimeInterface) in the P4 SERVERCORE component in SAP AS JAVA allows remote attackers to obtain sensitive system information by leveraging a missing authorization check for…	CWE-200 Information Exposure	CVE-2017-5372	2024-11-21 12:27	2017-01-24	Show	GitHub Exploit DB Packet Storm

257344	7.5	HIGH Network	sybase	adaptive_server_enterprise	Odata Server in SAP Adaptive Server Enterprise (ASE) 16 allows remote attackers to cause a denial of service (process crash) via a series of crafted requests, aka SAP Security Note 2330422.	CWE-20 Improper Input Validation	CVE-2017-5371	2024-11-21 12:27	2017-01-24	Show	GitHub Exploit DB Packet Storm

257345	8.8	HIGH Network	eclinicalworks	patient_portal	An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. This is a blind SQL injection within the messageJson.jsp, which can only be exploited by authenticated users via an HTTP POST re…	CWE-89 SQL Injection	CVE-2017-5570	2024-11-21 12:27	2017-01-24	Show	GitHub Exploit DB Packet Storm

257346	9.8	CRITICAL Network	eclinicalworks	patient_portal	An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. This is a blind SQL injection within the template.jsp, which can be exploited without the need of authentication and via an HTTP…	CWE-89 SQL Injection	CVE-2017-5569	2024-11-21 12:27	2017-01-24	Show	GitHub Exploit DB Packet Storm

257347	7.5	HIGH Network	novell	open_enterprise_server	Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total info…	CWE-22 CWE-200 Path Traversal Information Exposure	CVE-2017-5182	2024-11-21 12:27	2017-01-24	Show	GitHub Exploit DB Packet Storm

257348	9.8	CRITICAL Network	metalgenix	genixcms	SQL injection vulnerability in inc/lib/Options.class.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the modules parameter.	CWE-89 SQL Injection	CVE-2017-5575	2024-11-21 12:27	2017-01-23	Show	GitHub Exploit DB Packet Storm

257349	9.8	CRITICAL Network	metalgenix	genixcms	SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows unauthenticated users to execute arbitrary SQL commands via the activation parameter.	CWE-89 SQL Injection	CVE-2017-5574	2024-11-21 12:27	2017-01-23	Show	GitHub Exploit DB Packet Storm

257350	8.8	HIGH Network	libtiff	libtiff	LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.	CWE-125 Out-of-bounds Read	CVE-2017-5563	2024-11-21 12:27	2017-01-23	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed