Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
561 4.7 警告
Network 		アドビシステムズ Adobe Experience Manager アドビのAdobe Experience Managerにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-34693 2026-06-12 14:54 2026-06-9 Show GitHub Exploit DB Packet Storm
562 4.8 警告
Network 		アドビシステムズ Adobe Experience Manager アドビのAdobe Experience Managerにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-34694 2026-06-12 14:54 2026-06-9 Show GitHub Exploit DB Packet Storm
563 7.8 重要
Local 		アドビシステムズ Adobe Substance 3D Sampler アドビのAdobe Substance 3D Samplerにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-34709 2026-06-12 14:54 2026-06-9 Show GitHub Exploit DB Packet Storm
564 7.8 重要
Local 		アドビシステムズ Adobe Substance 3D Sampler アドビのAdobe Substance 3D Samplerにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-34710 2026-06-12 14:54 2026-06-9 Show GitHub Exploit DB Packet Storm
565 7.2 重要
Network 		emlog emlog emlogにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-39276 2026-06-12 14:54 2026-05-29 Show GitHub Exploit DB Packet Storm
566 8.1 重要
Network 		マイクロソフト Visual Studio Code Visual Studio Code の特権の昇格の脆弱性 CWE-20
CWE-noinfo
CVE-2026-40376 2026-06-12 14:54 2026-06-9 Show GitHub Exploit DB Packet Storm
567 7.8 重要
Local 		マイクロソフト Microsoft Windows 11 23h2
Microsoft Windows Server 2022
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft&n… 		Windows ユニバーサル ディスク フォーマット ファイル システム ドライバー (UDFS) の特権昇格の脆弱性 CWE-197
数値打ち切り誤差 		CVE-2026-40409 2026-06-12 14:54 2026-06-9 Show GitHub Exploit DB Packet Storm
568 7.5 重要
Network 		VMware Spring HATEOAS VMwareのSpring HATEOASにおけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-41006 2026-06-12 14:53 2026-06-9 Show GitHub Exploit DB Packet Storm
569 7.5 重要
Network 		VMware Spring HATEOAS VMwareのSpring HATEOASにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-41007 2026-06-12 14:53 2026-06-9 Show GitHub Exploit DB Packet Storm
570 7.8 重要
Local 		マイクロソフト Microsoft Windows 11 23h2
Microsoft Windows Server 2022
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft&n… 		Microsoft Kinect の特権昇格の脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-41092 2026-06-12 14:53 2026-06-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
257521 6.5 MEDIUM
Network 		emc rsa_archer_egrc EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an authorization bypass through user-controlled key vulnerability in Discussion Forum Messages. A remote low privile… CWE-200
Information Exposure 		CVE-2017-4999 2024-11-21 12:26 2017-07-7 Show GitHub Exploit DB Packet Storm
257522 8.8 HIGH
Network 		emc rsa_archer_egrc EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is potentially affected by a cross-site request forgery vulnerability. A remote low privileged attacker may potentially exploit the… CWE-352
 Origin Validation Error 		CVE-2017-4998 2024-11-21 12:26 2017-07-7 Show GitHub Exploit DB Packet Storm
257523 5.8 MEDIUM
Network 		cisco staros A vulnerability in the IPsec component of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunn… NVD-CWE-noinfo
CVE-2017-3865 2024-11-21 12:26 2017-07-4 Show GitHub Exploit DB Packet Storm
257524 9.8 CRITICAL
Network 		dell emc_vasa_provider_virtual_appliance EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an unauthenticated remote code execution vulnerability that could potentially be exploited by malicious users to compromise the affect… CWE-20
 Improper Input Validation  		CVE-2017-4997 2024-11-21 12:26 2017-06-30 Show GitHub Exploit DB Packet Storm
257525 6.4 MEDIUM
Physics 		google android On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation… NVD-CWE-noinfo
CVE-2017-3750 2024-11-21 12:26 2017-06-30 Show GitHub Exploit DB Packet Storm
257526 6.4 MEDIUM
Physics 		google android On Lenovo VIBE mobile phones, the Idea Friend Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in … NVD-CWE-noinfo
CVE-2017-3749 2024-11-21 12:26 2017-06-30 Show GitHub Exploit DB Packet Storm
257527 7.8 HIGH
Local 		google android On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly k… NVD-CWE-noinfo
CVE-2017-3748 2024-11-21 12:26 2017-06-30 Show GitHub Exploit DB Packet Storm
257528 5.5 MEDIUM
Local 		lenovo nerve_center Privilege escalation vulnerability in Lenovo Nerve Center for Windows 10 on Desktop systems (Lenovo Nerve Center for notebook systems is not affected) that could allow an attacker with local privileg… NVD-CWE-noinfo
CVE-2017-3747 2024-11-21 12:26 2017-06-30 Show GitHub Exploit DB Packet Storm
257529 5.4 MEDIUM
Network 		mcafee data_loss_prevention_endpoint Cross Site Scripting (XSS) in IMG Tags in the ePO extension in McAfee Data Loss Prevention Endpoint (DLP Endpoint) 10.0.x allows authenticated users to inject arbitrary web script or HTML via injecti… CWE-79
Cross-site Scripting 		CVE-2017-3948 2024-11-21 12:26 2017-06-23 Show GitHub Exploit DB Packet Storm
257530 9.8 CRITICAL
Network 		emc avamar_server In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an unauthorized attacker may leverage the file upload feature of the system maintenance page to load a maliciously … CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2017-4990 2024-11-21 12:26 2017-06-22 Show GitHub Exploit DB Packet Storm