Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
41	5.3	警告 Network	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	Windows Kerberos のサービス拒否の脆弱性 New	CWE-125 境界外読み取り	CVE-2026-42914	2026-06-12 14:52	2026-06-9	Show	GitHub Exploit DB Packet Storm

42	5.7	警告 Adjacent	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows 11 26h1 Microsoft Windows 11 24h2 Microsoft Wind…	Windows TCP/IP のサービス拒否の脆弱性 New	CWE-131 正しくないバッファサイズ計算	CVE-2026-42915	2026-06-12 14:52	2026-06-9	Show	GitHub Exploit DB Packet Storm

43	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	NT OS カーネルの特権の昇格の脆弱性 New	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-42916	2026-06-12 14:52	2026-06-9	Show	GitHub Exploit DB Packet Storm

44	5.5	警告 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	Windows テレフォニーサーバーの情報漏えいの脆弱性 New	CWE-125 境界外読み取り	CVE-2026-42968	2026-06-12 14:52	2026-06-9	Show	GitHub Exploit DB Packet Storm

45	5.5	警告 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	Windows プッシュ通知の情報漏えいの脆弱性 New	CWE-908 初期化されていないリソースの使用	CVE-2026-42969	2026-06-12 14:52	2026-06-9	Show	GitHub Exploit DB Packet Storm

46	5.5	警告 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	Windows プッシュ通知の情報漏えいの脆弱性 New	CWE-200 情報漏えい	CVE-2026-42970	2026-06-12 14:52	2026-06-9	Show	GitHub Exploit DB Packet Storm

47	5.5	警告 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	Windows プッシュ通知の情報漏えいの脆弱性 New	CWE-200 情報漏えい	CVE-2026-42971	2026-06-12 14:52	2026-06-9	Show	GitHub Exploit DB Packet Storm

48	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2019 Microsoft Windows 11 26h1 Microsoft …	Windows プッシュ通知の特権昇格の脆弱性 New	CWE-362 CWE-416	CVE-2026-42979	2026-06-12 14:52	2026-06-9	Show	GitHub Exploit DB Packet Storm

49	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft&n…	NT OS カーネルの特権の昇格の脆弱性 New	CWE-122 CWE-191	CVE-2026-42980	2026-06-12 14:51	2026-06-9	Show	GitHub Exploit DB Packet Storm

50	8.1	重要 Network	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows Server 2022 Microsoft Windows 11 26h1 Microsoft Windows 11 24h2 Microsoft Wind…	Windows パフォーマンスモニターのリモートコード実行に対する脆弱性 New	CWE-191 整数アンダーフロー	CVE-2026-42981	2026-06-12 14:51	2026-06-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
258141	7.8	HIGH Local	netpbm_project	netpbm	An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the appli…	CWE-125 Out-of-bounds Read	CVE-2017-2579	2024-11-21 12:23	2018-07-28	Show	GitHub Exploit DB Packet Storm

258142	7.5	HIGH Network	redhat debian	undertow debian_linux jboss_enterprise_application_platform	It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2017-2670	2024-11-21 12:23	2018-07-28	Show	GitHub Exploit DB Packet Storm

258143	6.5	MEDIUM Network	redhat	jboss_enterprise_application_platform	It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows arbitrary file read to authenticated user via path traversal.	CWE-22 Path Traversal	CVE-2017-2595	2024-11-21 12:23	2018-07-28	Show	GitHub Exploit DB Packet Storm

258144	7.5	HIGH Network	redhat	cloudforms cloudforms_management_engine	It was found that CloudForms does not verify that the server hostname matches the domain name in the certificate when using a custom CA and communicating with Red Hat Virtualization (RHEV) and OpenSh…	-	CVE-2017-2639	2024-11-21 12:23	2018-07-27	Show	GitHub Exploit DB Packet Storm

258145	6.5	MEDIUM Network	redhat debian	undertow jboss_enterprise_application_platform debian_linux	It was discovered in Undertow that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid charac…	CWE-444 HTTP Request Smuggling	CVE-2017-2666	2024-11-21 12:23	2018-07-27	Show	GitHub Exploit DB Packet Storm

258146	5.5	MEDIUM Local	redhat	openstack	An accessibility flaw was found in the OpenStack Workflow (mistral) service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access…	-	CVE-2017-2622	2024-11-21 12:23	2018-07-27	Show	GitHub Exploit DB Packet Storm

258147	6.5	MEDIUM Network	redhat	keycloak jboss_enterprise_application_platform	It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for obtaining attribute values with system property. This could allow an a…	CWE-200 Information Exposure	CVE-2017-2582	2024-11-21 12:23	2018-07-27	Show	GitHub Exploit DB Packet Storm

258148	9.0	CRITICAL Network	redhat hawt	jboss_fuse hawtio	It was discovered that the hawtio servlet 1.4 uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and …	NVD-CWE-noinfo	CVE-2017-2589	2024-11-21 12:23	2018-07-27	Show	GitHub Exploit DB Packet Storm

258149	6.5	MEDIUM Network	redhat	cloudforms cloudforms_management_engine	CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1 lacks RBAC controls on certain methods in the rails application portion of CloudForms. An attacker with access could use a vari…	NVD-CWE-noinfo	CVE-2017-2664	2024-11-21 12:23	2018-07-26	Show	GitHub Exploit DB Packet Storm

258150	10.0	CRITICAL Network	redhat	openstack	A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (al…	-	CVE-2017-2637	2024-11-21 12:23	2018-07-26	Show	GitHub Exploit DB Packet Storm