Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 22, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
71 9.9 緊急
Network 		- オラクルのEnterprise Manager Base Platformにおける権限管理に関する脆弱性 New CWE-269
不適切な権限管理 		CVE-2026-46852 2026-06-22 11:53 2026-06-17 Show GitHub Exploit DB Packet Storm
72 9.6 緊急
Network 		- オラクルのEnterprise Manager Base Platformにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-46853 2026-06-22 11:53 2026-06-17 Show GitHub Exploit DB Packet Storm
73 9.9 緊急
Network 		- オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46854 2026-06-22 11:52 2026-06-17 Show GitHub Exploit DB Packet Storm
74 9.9 緊急
Network 		- オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性 New CWE-284
CWE-noinfo
CVE-2026-46855 2026-06-22 11:52 2026-06-17 Show GitHub Exploit DB Packet Storm
75 9.6 緊急
Network 		- オラクルのEnterprise Manager Base Platformにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
CWE-noinfo
CVE-2026-46856 2026-06-22 11:52 2026-06-17 Show GitHub Exploit DB Packet Storm
76 9.8 緊急
Network 		- オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性 New CWE-284
CWE-noinfo
CVE-2026-46857 2026-06-22 11:52 2026-06-17 Show GitHub Exploit DB Packet Storm
77 9.1 緊急
Network 		オラクル Oracle Application Performance Management オラクルのOracle Application Performance Managementにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46858 2026-06-22 11:52 2026-06-17 Show GitHub Exploit DB Packet Storm
78 9.8 緊急
Network 		オラクル Oracle Agile PLM オラクルのOracle Agile PLMにおける認証に関する脆弱性 New CWE-287
不適切な認証 		CVE-2026-46859 2026-06-22 11:52 2026-06-17 Show GitHub Exploit DB Packet Storm
79 7.5 重要
Network 		オラクル MySQL Cluster
MySQL Server 		オラクルのMySQL Cluster等の複数製品におけるリソースの枯渇に関する脆弱性 New CWE-400
リソースの枯渇 		CVE-2026-46863 2026-06-22 11:52 2026-06-17 Show GitHub Exploit DB Packet Storm
80 8.8 重要
Network 		- オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性 New CWE-284
CWE-noinfo
CVE-2026-46864 2026-06-22 11:52 2026-06-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
257291 9.1 CRITICAL
Network 		honeywell xl_web_ii_controller An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. A user with low privileges is able to open and change the pa… CWE-269
 Improper Privilege Management 		CVE-2017-5142 2024-11-21 12:27 2017-02-14 Show GitHub Exploit DB Packet Storm
257292 6.0 MEDIUM
Network 		honeywell xl_web_ii_controller An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. An attacker can establish a new user session, without invali… CWE-384
 Session Fixation 		CVE-2017-5141 2024-11-21 12:27 2017-02-14 Show GitHub Exploit DB Packet Storm
257293 9.8 CRITICAL
Network 		honeywell xl_web_ii_controller An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Password is stored in clear text. CWE-522
 Insufficiently Protected Credentials 		CVE-2017-5140 2024-11-21 12:27 2017-02-14 Show GitHub Exploit DB Packet Storm
257294 9.8 CRITICAL
Network 		honeywell xl_web_ii_controller An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Any user is able to disclose a password by accessing a speci… CWE-522
 Insufficiently Protected Credentials 		CVE-2017-5139 2024-11-21 12:27 2017-02-14 Show GitHub Exploit DB Packet Storm
257295 5.9 MEDIUM
Network 		xabber xabber An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This… CWE-20
CWE-346
 Improper Input Validation 
 Origin Validation Error 		CVE-2017-5606 2024-11-21 12:27 2017-02-10 Show GitHub Exploit DB Packet Storm
257296 5.9 MEDIUM
Network 		movim movim An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This… CWE-20
CWE-346
 Improper Input Validation 
 Origin Validation Error 		CVE-2017-5605 2024-11-21 12:27 2017-02-10 Show GitHub Exploit DB Packet Storm
257297 5.9 MEDIUM
Network 		mcabber mcabber An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This… CWE-20
CWE-346
 Improper Input Validation 
 Origin Validation Error 		CVE-2017-5604 2024-11-21 12:27 2017-02-10 Show GitHub Exploit DB Packet Storm
257298 5.9 MEDIUM
Network 		jitsi jitsi An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This… CWE-20
CWE-346
 Improper Input Validation 
 Origin Validation Error 		CVE-2017-5603 2024-11-21 12:27 2017-02-10 Show GitHub Exploit DB Packet Storm
257299 5.9 MEDIUM
Network 		jappix_project jappix An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This… CWE-20
CWE-346
 Improper Input Validation 
 Origin Validation Error 		CVE-2017-5602 2024-11-21 12:27 2017-02-10 Show GitHub Exploit DB Packet Storm
257300 5.9 MEDIUM
Network 		psi-plus psi\+ An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This… CWE-20
CWE-346
 Improper Input Validation 
 Origin Validation Error 		CVE-2017-5593 2024-11-21 12:27 2017-02-10 Show GitHub Exploit DB Packet Storm