Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 24, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
701	9.8	緊急 Network	オラクル	Oracle Coherence	オラクルのOracle Coherenceにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-35309	2026-06-22 11:39	2026-06-17	Show	GitHub Exploit DB Packet Storm

702	9.8	緊急 Network	オラクル	Oracle Coherence	オラクルのOracle Coherenceにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-35310	2026-06-22 11:39	2026-06-17	Show	GitHub Exploit DB Packet Storm

703	8.8	重要 Network	オラクル	Oracle WebLogic Server	オラクルのOracle WebLogic Serverにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-35311	2026-06-22 11:39	2026-06-17	Show	GitHub Exploit DB Packet Storm

704	9.8	緊急 Network	オラクル	Oracle Virtual Directory	オラクルのOracle Virtual Directoryにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-35312	2026-06-22 11:39	2026-06-17	Show	GitHub Exploit DB Packet Storm

705	9.9	緊急 Network	オラクル	Oracle Access Manager	オラクルのOracle Access Managerにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-35313	2026-06-22 11:39	2026-06-17	Show	GitHub Exploit DB Packet Storm

706	7.3	重要 Network	オラクル	Oracle Access Manager	オラクルのOracle Access Managerにおけるアクセス制御に関する脆弱性 New	CWE-284 CWE-noinfo	CVE-2026-35314	2026-06-22 11:39	2026-06-17	Show	GitHub Exploit DB Packet Storm

707	8.8	重要 Network	オラクル	Oracle WebCenter Content	オラクルのOracle WebCenter Contentにおけるアクセス制御に関する脆弱性 New	CWE-284 CWE-noinfo	CVE-2026-35315	2026-06-22 11:38	2026-06-17	Show	GitHub Exploit DB Packet Storm

708	9.9	緊急 Network	オラクル	Oracle WebCenter Content	オラクルのOracle WebCenter Contentにおけるアクセス制御に関する脆弱性 New	CWE-284 CWE-noinfo	CVE-2026-35316	2026-06-22 11:38	2026-06-17	Show	GitHub Exploit DB Packet Storm

709	8.8	重要 Network	オラクル	Oracle WebCenter Content	オラクルのOracle WebCenter Contentにおけるアクセス制御に関する脆弱性 New	CWE-284 CWE-noinfo	CVE-2026-35317	2026-06-22 11:38	2026-06-17	Show	GitHub Exploit DB Packet Storm

710	8.8	重要 Network		-	オラクルのOracle WebCenter Sites Support Toolsにおけるアクセス制御に関する脆弱性 New	CWE-284 CWE-noinfo	CVE-2026-35318	2026-06-22 11:38	2026-06-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
259511	8.8	HIGH Network	gaku	tablacus_explorer	Tablacus Explorer 17.3.30 and earlier allows arbitrary scripts to be executed in the context of the application due to specially crafted directory.	CWE-74 Injection	CVE-2017-2140	2024-11-21 12:22	2017-04-29	Show	GitHub Exploit DB Packet Storm

259512	5.3	MEDIUM Network	frogman_office_inc	cs-cart	CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows remote attackers to bypass access restriction…	CWE-425 Direct Request ('Forced Browsing')	CVE-2017-2139	2024-11-21 12:22	2017-04-29	Show	GitHub Exploit DB Packet Storm

259513	3.7	LOW Network	netgear	prosafe_plus_configuration_utility	ProSAFE Plus Configuration Utility prior to 2.3.29 allows remote attackers to bypass access restriction and change configurations of the switch via SOAP requests.	NVD-CWE-noinfo	CVE-2017-2137	2024-11-21 12:22	2017-04-29	Show	GitHub Exploit DB Packet Storm

259514	6.1	MEDIUM Network	wp_statistics	wp_statistics	Cross-site scripting vulnerability in WP Statistics version 12.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers.	CWE-79 Cross-site Scripting	CVE-2017-2136	2024-11-21 12:22	2017-04-29	Show	GitHub Exploit DB Packet Storm

259515	6.1	MEDIUM Network	wp-statistics	wp_statistics	Cross-site scripting vulnerability in WP Statistics version 12.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2017-2135	2024-11-21 12:22	2017-04-29	Show	GitHub Exploit DB Packet Storm

259516	6.1	MEDIUM Network	uchida	assetbase	Cross-site scripting vulnerability in ASSETBASE 8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2017-2134	2024-11-21 12:22	2017-04-29	Show	GitHub Exploit DB Packet Storm

259517	7.8	HIGH Local	securebrain	phishwall_client	Untrusted search path vulnerability in the installer of PhishWall Client Internet Explorer version Ver. 3.7.13 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unsp…	CWE-426 Untrusted Search Path	CVE-2017-2130	2024-11-21 12:22	2017-04-29	Show	GitHub Exploit DB Packet Storm

259518	8.8	HIGH Network	information-technology_promotion_agency	introduction_to_safe_website_operation	Security guide for website operators allows remote attackers to execute arbitrary OS commands via specially crafted saved data.	CWE-78 OS Command	CVE-2017-2128	2024-11-21 12:22	2017-04-29	Show	GitHub Exploit DB Packet Storm

259519	5.4	MEDIUM Network	yop-poll	yop_poll	Cross-site scripting vulnerability in YOP Poll versions prior to 5.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2017-2127	2024-11-21 12:22	2017-04-29	Show	GitHub Exploit DB Packet Storm

259520	8.8	HIGH Network	allied_telesis_k.k.	centrecom_ar260s_v2_firmware	Privilege escalation vulnerability in CentreCOM AR260S V2 remote authenticated attackers to gain privileges via the guest account.	NVD-CWE-noinfo	CVE-2017-2125	2024-11-21 12:22	2017-04-29	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed