Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 28, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
681 9.9 緊急
Network 		オラクル Oracle WebCenter Portal オラクルのOracle WebCenter Portalにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-46838 2026-06-22 11:53 2026-06-17 Show GitHub Exploit DB Packet Storm
682 9.9 緊急
Network 		オラクル Oracle WebCenter Portal オラクルのOracle WebCenter Portalにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-46844 2026-06-22 11:53 2026-06-17 Show GitHub Exploit DB Packet Storm
683 9.8 緊急
Network 		オラクル Oracle WebCenter Portal オラクルのOracle WebCenter Portalにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-46845 2026-06-22 11:53 2026-06-17 Show GitHub Exploit DB Packet Storm
684 10 緊急
Network 		オラクル Oracle WebCenter Portal オラクルのOracle WebCenter Portalにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-46846 2026-06-22 11:53 2026-06-17 Show GitHub Exploit DB Packet Storm
685 9.9 緊急
Network 		オラクル Oracle WebCenter Portal オラクルのOracle WebCenter Portalにおけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-46847 2026-06-22 11:53 2026-06-17 Show GitHub Exploit DB Packet Storm
686 7.9 重要
Local 		オラクル Oracle WebLogic Server オラクルのOracle WebLogic Serverにおけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-46848 2026-06-22 11:53 2026-06-17 Show GitHub Exploit DB Packet Storm
687 8.1 重要
Network 		オラクル PeopleSoft Enterprise CS Campus Community オラクルのPeopleSoft Enterprise CS Campus Communityにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-46851 2026-06-22 11:53 2026-06-17 Show GitHub Exploit DB Packet Storm
688 9.9 緊急
Network 		- オラクルのEnterprise Manager Base Platformにおける権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2026-46852 2026-06-22 11:53 2026-06-17 Show GitHub Exploit DB Packet Storm
689 9.6 緊急
Network 		- オラクルのEnterprise Manager Base Platformにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-46853 2026-06-22 11:53 2026-06-17 Show GitHub Exploit DB Packet Storm
690 9.9 緊急
Network 		- オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-46854 2026-06-22 11:52 2026-06-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
256981 8.8 HIGH
Network 		infor enterprise_asset_management INFOR EAM V11.0 Build 201410 has SQL injection via search fields, related to the filtervalue parameter. CWE-89
SQL Injection 		CVE-2017-7952 2024-11-21 12:33 2017-05-16 Show GitHub Exploit DB Packet Storm
256982 7.8 HIGH
Local 		google android In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream->runtime->private_data. Later, prtd is freed. However, prtd is not sanitized a… CWE-416
 Use After Free 		CVE-2017-8246 2024-11-21 12:33 2017-05-13 Show GitHub Exploit DB Packet Storm
256983 7.8 HIGH
Local 		google android In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bou… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-8245 2024-11-21 12:33 2017-05-13 Show GitHub Exploit DB Packet Storm
256984 7.0 HIGH
Local 		google android In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable "dbg_buf", "dbg_buf->curr" and "dbg_buf->filled_size" could be modified by different threads at … CWE-362
Race Condition 		CVE-2017-8244 2024-11-21 12:33 2017-05-13 Show GitHub Exploit DB Packet Storm
256985 5.5 MEDIUM
Local 		conexant mictray64 Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data (keystrokes) to any process. In mictray64.exe (mic tray icon) 1.0.0.46, a LowLevelKey… CWE-200
Information Exposure 		CVE-2017-8360 2024-11-21 12:33 2017-05-12 Show GitHub Exploit DB Packet Storm
256986 5.5 MEDIUM
Local 		schneider-electric vampset All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. This vulnerability causes t… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-7967 2024-11-21 12:33 2017-05-10 Show GitHub Exploit DB Packet Storm
256987 5.5 MEDIUM
Local 		ca client_automation The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2017-8391 2024-11-21 12:33 2017-05-6 Show GitHub Exploit DB Packet Storm
256988 6.1 MEDIUM
Network 		accellion file_transfer_appliance An issue was discovered on Accellion FTA devices before FTA_9_12_180. courier/1000@/oauth/playground/callback.html allows XSS with a crafted URI. CWE-79
Cross-site Scripting 		CVE-2017-8304 2024-11-21 12:33 2017-05-6 Show GitHub Exploit DB Packet Storm
256989 9.8 CRITICAL
Network 		accellion file_transfer_appliance An issue was discovered on Accellion FTA devices before FTA_9_12_180. seos/1000/find.api allows Remote Code Execution with shell metacharacters in the method parameter. CWE-116
 Improper Encoding or Escaping of Output 		CVE-2017-8303 2024-11-21 12:33 2017-05-6 Show GitHub Exploit DB Packet Storm
256990 8.8 HIGH
Network 		atlassian hipchat_server Atlassian Hipchat Server before 2.2.4 allows remote authenticated users with user level privileges to execute arbitrary code via vectors involving image uploads. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2017-8080 2024-11-21 12:33 2017-05-5 Show GitHub Exploit DB Packet Storm