Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 23, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1121 | 7.5 |
重要
Network |
OpenSSL Project | OpenSSL | OpenSSL ProjectのOpenSSLにおける不適切に制御された順次メモリ割り当てに関する脆弱性 |
CWE-1325
不適切に制御された順次メモリ割り当て |
CVE-2026-34183 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 1122 | 5.5 |
警告
Local |
アドビシステムズ |
C2PA (Coalition for Content Provenance and Authenticity) (Content Authenticity Initiative) c2pa-web |
アドビの(Content Authenticity Initiative) c2pa-web等の複数製品におけるパストラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2026-34657 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 1123 | 7.5 |
重要
Network |
アドビシステムズ |
C2PA (Coalition for Content Provenance and Authenticity) (Content Authenticity Initiative) c2pa-web |
アドビの(Content Authenticity Initiative) c2pa-web等の複数製品における整数オーバーフローの脆弱性 |
CWE-190
整数オーバーフローまたはラップアラウンド |
CVE-2026-34711 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 1124 | 7.5 |
重要
Network |
アドビシステムズ |
C2PA (Coalition for Content Provenance and Authenticity) (Content Authenticity Initiative) c2pa-web |
アドビの(Content Authenticity Initiative) c2pa-web等の複数製品における入力確認に関する脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2026-34712 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 1125 | 7.5 |
重要
Network |
アドビシステムズ |
C2PA (Coalition for Content Provenance and Authenticity) (Content Authenticity Initiative) c2pa-web |
アドビの(Content Authenticity Initiative) c2pa-web等の複数製品におけるリソースの枯渇に関する脆弱性 |
CWE-400
リソースの枯渇 |
CVE-2026-34713 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 1126 | 5 |
警告
Network |
OpenSSL Project | OpenSSL | OpenSSL ProjectのOpenSSLにおける二重解放に関する脆弱性 |
CWE-415
二重解放 |
CVE-2026-35188 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 1127 | 5.4 |
警告
Network |
VMware |
VMware Telco Cloud Platform VMware Aria Operations VMware Cloud Foundation |
VMwareのVMware Aria Operations等の複数製品におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2026-41724 | 2026-06-16 13:38 | 2026-06-8 | Show | GitHub Exploit DB Packet Storm |
| 1128 | 5.3 |
警告
Network |
VMware | Spring Framework | VMwareのSpring FrameworkにおけるHTTP リクエストスマグリングに関する脆弱性 |
CWE-444
HTTP リクエストスマグリング |
CVE-2026-41853 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 1129 | 6.5 |
警告
Network |
VMware | Spring Framework | VMwareのSpring Frameworkにおけるサーバサイドのリクエストフォージェリの脆弱性 |
CWE-918
サーバサイドリクエストフォージェリ |
CVE-2026-41854 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 1130 | 7.5 |
重要
Network |
OpenSSL Project | OpenSSL | OpenSSL ProjectのOpenSSLにおけるNULL ポインタデリファレンスに関する脆弱性 |
CWE-476
NULL ポインタデリファレンス |
CVE-2026-42764 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 24, 2026, 4 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 254541 | 5.5 |
MEDIUM
Local |
microsoft |
forefront_security malware_protection_engine windows_defender |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and… |
CWE-119 CWE-369 CWE-476 CWE-674 Incorrect Access of Indexable Resource ('Range Error') Divide By Zero NULL Pointer Dereference Uncontrolled Recursion |
CVE-2017-8542 | 2024-11-21 12:34 | 2017-05-27 | Show | GitHub Exploit DB Packet Storm |
| 254542 | 7.8 |
HIGH
Local |
microsoft |
forefront_security malware_protection_engine windows_defender |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2017-8541 | 2024-11-21 12:34 | 2017-05-27 | Show | GitHub Exploit DB Packet Storm |
| 254543 | 5.5 |
MEDIUM
Local |
microsoft |
forefront_security malware_protection_engine windows_defender |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and… |
CWE-119 CWE-369 CWE-476 CWE-674 Incorrect Access of Indexable Resource ('Range Error') Divide By Zero NULL Pointer Dereference Uncontrolled Recursion |
CVE-2017-8539 | 2024-11-21 12:34 | 2017-05-27 | Show | GitHub Exploit DB Packet Storm |
| 254544 | 7.8 |
HIGH
Local |
microsoft |
forefront_security malware_protection_engine windows_defender |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2017-8538 | 2024-11-21 12:34 | 2017-05-27 | Show | GitHub Exploit DB Packet Storm |
| 254545 | 5.5 |
MEDIUM
Local |
microsoft |
windows_defender forefront_endpoint_protection security_essentials endpoint_protection system_center_endpoint_protection windows_intune_endpoint_protection exchange_server |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and… |
CWE-119 CWE-369 CWE-476 CWE-674 Incorrect Access of Indexable Resource ('Range Error') Divide By Zero NULL Pointer Dereference Uncontrolled Recursion |
CVE-2017-8537 | 2024-11-21 12:34 | 2017-05-27 | Show | GitHub Exploit DB Packet Storm |
| 254546 | 5.5 |
MEDIUM
Local |
microsoft |
windows_defender forefront_endpoint_protection security_essentials endpoint_protection system_center_endpoint_protection windows_intune_endpoint_protection exchange_server |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and… |
CWE-119 CWE-369 CWE-476 CWE-674 Incorrect Access of Indexable Resource ('Range Error') Divide By Zero NULL Pointer Dereference Uncontrolled Recursion |
CVE-2017-8536 | 2024-11-21 12:34 | 2017-05-27 | Show | GitHub Exploit DB Packet Storm |
| 254547 | 5.5 |
MEDIUM
Local |
microsoft |
windows_defender forefront_endpoint_protection security_essentials endpoint_protection system_center_endpoint_protection windows_intune_endpoint_protection exchange_server |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and… |
CWE-119 CWE-369 CWE-476 CWE-674 Incorrect Access of Indexable Resource ('Range Error') Divide By Zero NULL Pointer Dereference Uncontrolled Recursion |
CVE-2017-8535 | 2024-11-21 12:34 | 2017-05-27 | Show | GitHub Exploit DB Packet Storm |
| 254548 | 7.5 |
HIGH
Network |
sap | hana_xs | sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to cause a denial of service (assertion failure and service crash) by pushing a package with a filename containing a $ (dollar s… |
CWE-617
Reachable Assertion |
CVE-2017-8915 | 2024-11-21 12:34 | 2017-05-23 | Show | GitHub Exploit DB Packet Storm |
| 254549 | 8.3 |
HIGH
Network |
sap | hana_xs | sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to hijack npm packages or host arbitrary files by leveraging an insecure user creation policy, aka SAP Security Note 2407694. |
NVD-CWE-noinfo
|
CVE-2017-8914 | 2024-11-21 12:34 | 2017-05-23 | Show | GitHub Exploit DB Packet Storm |
| 254550 | 8.8 |
HIGH
Network |
sap | netweaver_application_server_java | The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/se… |
CWE-611
XXE |
CVE-2017-8913 | 2024-11-21 12:34 | 2017-05-23 | Show | GitHub Exploit DB Packet Storm |