Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 24, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1151	7.2	重要 Network	QNAP Systems	QuTS hero QNAP QTS	QNAP SystemsのQNAP QTS等の複数製品におけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-24716	2026-06-16 13:38	2026-06-10	Show	GitHub Exploit DB Packet Storm

1152	7.2	重要 Network	QNAP Systems	QuTS hero QNAP QTS	QNAP SystemsのQNAP QTS等の複数製品におけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-24719	2026-06-16 13:38	2026-06-10	Show	GitHub Exploit DB Packet Storm

1153	5.3	警告 Network	NAVTOR AS	NavBox Firmware	NAVTOR ASのNavBox Firmwareにおけるエラーメッセージによる情報漏えいに関する脆弱性	CWE-209 エラーメッセージによる情報漏えい	CVE-2026-2752	2026-06-16 13:38	2026-03-6	Show	GitHub Exploit DB Packet Storm

1154	7.5	重要 Network	OpenSSL Project	OpenSSL	OpenSSL ProjectのOpenSSLにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-34180	2026-06-16 13:38	2026-06-9	Show	GitHub Exploit DB Packet Storm

1155	7.4	重要 Network	OpenSSL Project	OpenSSL	OpenSSL ProjectのOpenSSLにおけるデータの整合性検証不備に関する脆弱性	CWE-354 データの整合性検証不備	CVE-2026-34181	2026-06-16 13:38	2026-06-9	Show	GitHub Exploit DB Packet Storm

1156	9.1	緊急 Network	OpenSSL Project	OpenSSL	OpenSSL ProjectのOpenSSLにおけるデータの整合性検証不備に関する脆弱性	CWE-354 データの整合性検証不備	CVE-2026-34182	2026-06-16 13:38	2026-06-9	Show	GitHub Exploit DB Packet Storm

1157	7.5	重要 Network	OpenSSL Project	OpenSSL	OpenSSL ProjectのOpenSSLにおける不適切に制御された順次メモリ割り当てに関する脆弱性	CWE-1325 不適切に制御された順次メモリ割り当て	CVE-2026-34183	2026-06-16 13:38	2026-06-9	Show	GitHub Exploit DB Packet Storm

1158	5.5	警告 Local	アドビシステムズ	C2PA (Coalition for Content Provenance and Authenticity) (Content Authenticity Initiative) c2pa-web	アドビの(Content Authenticity Initiative) c2pa-web等の複数製品におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-34657	2026-06-16 13:38	2026-06-9	Show	GitHub Exploit DB Packet Storm

1159	7.5	重要 Network	アドビシステムズ	C2PA (Coalition for Content Provenance and Authenticity) (Content Authenticity Initiative) c2pa-web	アドビの(Content Authenticity Initiative) c2pa-web等の複数製品における整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-34711	2026-06-16 13:38	2026-06-9	Show	GitHub Exploit DB Packet Storm

1160	7.5	重要 Network	アドビシステムズ	C2PA (Coalition for Content Provenance and Authenticity) (Content Authenticity Initiative) c2pa-web	アドビの(Content Authenticity Initiative) c2pa-web等の複数製品における入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-34712	2026-06-16 13:38	2026-06-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
254531	6.1	MEDIUM Network	peplink	b305hw2_firmware 380hw6_firmware 580hw2_firmware 710hw3_firmware 1350hw2_firmware 2500_firmware	XSS via orig_url exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is guest/p…	CWE-79 Cross-site Scripting	CVE-2017-8839	2024-11-21 12:34	2017-06-5	Show	GitHub Exploit DB Packet Storm

254532	6.1	MEDIUM Network	peplink	b305hw2_firmware 380hw6_firmware 580hw2_firmware 710hw3_firmware 1350hw2_firmware 2500_firmware	XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is cgi-bin/H…	CWE-79 Cross-site Scripting	CVE-2017-8838	2024-11-21 12:34	2017-06-5	Show	GitHub Exploit DB Packet Storm

254533	9.8	CRITICAL Network	peplink	b305hw2_firmware 380hw6_firmware 580hw2_firmware 710hw3_firmware 1350hw2_firmware 2500_firmware	Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The files in questio…	CWE-522 Insufficiently Protected Credentials	CVE-2017-8837	2024-11-21 12:34	2017-06-5	Show	GitHub Exploit DB Packet Storm

254534	8.8	HIGH Network	peplink	b305hw2_firmware 380hw6_firmware 580hw2_firmware 710hw3_firmware 1350hw2_firmware 2500_firmware	CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The CGI scripts in the administrative inte…	CWE-352 Origin Validation Error	CVE-2017-8836	2024-11-21 12:34	2017-06-5	Show	GitHub Exploit DB Packet Storm

254535	9.8	CRITICAL Network	peplink	b305hw2_firmware 380hw6_firmware 580hw2_firmware 710hw3_firmware 1350hw2_firmware 2500_firmware	SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. An attack vector is the bauth coo…	CWE-89 SQL Injection	CVE-2017-8835	2024-11-21 12:34	2017-06-5	Show	GitHub Exploit DB Packet Storm

254536	4.3	MEDIUM Network	elastic	x-pack	Elastic X-Pack Security versions prior to 5.4.1 and 5.3.3 did not always correctly apply Document Level Security to index aliases. This bug could allow a user with restricted permissions to view data…	CWE-200 Information Exposure	CVE-2017-8441	2024-11-21 12:34	2017-06-5	Show	GitHub Exploit DB Packet Storm

254537	6.1	MEDIUM Network	elastic	kibana	Starting in version 5.3.0, Kibana had a cross-site scripting (XSS) vulnerability in the Discover page that could allow an attacker to obtain sensitive information from or perform destructive actions …	CWE-79 Cross-site Scripting	CVE-2017-8440	2024-11-21 12:34	2017-06-5	Show	GitHub Exploit DB Packet Storm

254538	6.1	MEDIUM Network	elastic	kibana	Kibana version 5.4.0 was affected by a Cross Site Scripting (XSS) bug in the Time Series Visual Builder. This bug could allow an attacker to obtain sensitive information from Kibana users.	CWE-79 Cross-site Scripting	CVE-2017-8439	2024-11-21 12:34	2017-06-5	Show	GitHub Exploit DB Packet Storm

254539	8.8	HIGH Network	elastic	x-pack	Elastic X-Pack Security versions 5.0.0 to 5.4.0 contain a privilege escalation bug in the run_as functionality. This bug prevents transitioning into the specified user specified in a run_as request. …	CWE-269 Improper Privilege Management	CVE-2017-8438	2024-11-21 12:34	2017-06-5	Show	GitHub Exploit DB Packet Storm

254540	6.5	MEDIUM Network	libming	libming	The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote attackers to cause a denial of service via a large file that is mishandled by listswf, listaction, etc. This …	CWE-190 Integer Overflow or Wraparound	CVE-2017-8782	2024-11-21 12:34	2017-05-31	Show	GitHub Exploit DB Packet Storm