Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 24, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1161 | 7.5 |
重要
Network |
アドビシステムズ |
C2PA (Coalition for Content Provenance and Authenticity) (Content Authenticity Initiative) c2pa-web |
アドビの(Content Authenticity Initiative) c2pa-web等の複数製品におけるリソースの枯渇に関する脆弱性 |
CWE-400
リソースの枯渇 |
CVE-2026-34713 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 1162 | 5 |
警告
Network |
OpenSSL Project | OpenSSL | OpenSSL ProjectのOpenSSLにおける二重解放に関する脆弱性 |
CWE-415
二重解放 |
CVE-2026-35188 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 1163 | 5.4 |
警告
Network |
VMware |
VMware Telco Cloud Platform VMware Aria Operations VMware Cloud Foundation |
VMwareのVMware Aria Operations等の複数製品におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2026-41724 | 2026-06-16 13:38 | 2026-06-8 | Show | GitHub Exploit DB Packet Storm |
| 1164 | 5.3 |
警告
Network |
VMware | Spring Framework | VMwareのSpring FrameworkにおけるHTTP リクエストスマグリングに関する脆弱性 |
CWE-444
HTTP リクエストスマグリング |
CVE-2026-41853 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 1165 | 6.5 |
警告
Network |
VMware | Spring Framework | VMwareのSpring Frameworkにおけるサーバサイドのリクエストフォージェリの脆弱性 |
CWE-918
サーバサイドリクエストフォージェリ |
CVE-2026-41854 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 1166 | 7.5 |
重要
Network |
OpenSSL Project | OpenSSL | OpenSSL ProjectのOpenSSLにおけるNULL ポインタデリファレンスに関する脆弱性 |
CWE-476
NULL ポインタデリファレンス |
CVE-2026-42764 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 1167 | 7.5 |
重要
Network |
OpenSSL Project | OpenSSL | OpenSSL ProjectのOpenSSLにおけるNULL ポインタデリファレンスに関する脆弱性 |
CWE-476
NULL ポインタデリファレンス |
CVE-2026-42765 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 1168 | 5.9 |
警告
Network |
OpenSSL Project | OpenSSL | OpenSSL ProjectのOpenSSLにおけるNULL ポインタデリファレンスに関する脆弱性 |
CWE-476
NULL ポインタデリファレンス |
CVE-2026-42766 | 2026-06-16 13:37 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 1169 | 5.3 |
警告
Network |
OpenSSL Project | OpenSSL | OpenSSL ProjectのOpenSSLにおける証明書検証に関する脆弱性 |
CWE-295
不正な証明書検証 |
CVE-2026-42769 | 2026-06-16 13:37 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 1170 | 7.5 |
重要
Network |
マイクロソフト |
Microsoft Windows 10 1607 Microsoft Windows 10 21h2 Microsoft Windows Server 2025 Microsoft Windows Server 2019 Microsoft … |
リモート デスクトップ クライアントのリモートでコードが実行される脆弱性 |
CWE-362 CWE-416 CWE-787 |
CVE-2026-42909 | 2026-06-16 13:37 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 25, 2026, 4:04 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 256351 | 5.9 |
MEDIUM
Network |
f5 |
big-ip_local_traffic_manager big-ip_application_acceleration_manager big-ip_advanced_firewall_manager big-ip_access_policy_manager big-ip_application_security_manager big-ip_link_contr… |
In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 … |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2017-6163 | 2024-11-21 12:29 | 2017-10-27 | Show | GitHub Exploit DB Packet Storm |
| 256352 | 5.9 |
MEDIUM
Network |
f5 |
big-ip_local_traffic_manager big-ip_application_acceleration_manager big-ip_advanced_firewall_manager big-ip_access_policy_manager big-ip_application_security_manager big-ip_link_contr… |
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, 11.2.1, in some cases TMM… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2017-6162 | 2024-11-21 12:29 | 2017-10-27 | Show | GitHub Exploit DB Packet Storm |
| 256353 | 5.3 |
MEDIUM
Adjacent |
f5 |
big-ip_local_traffic_manager big-ip_application_acceleration_manager big-ip_advanced_firewall_manager big-ip_access_policy_manager big-ip_application_security_manager big-ip_link_contr… |
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSy… |
CWE-400
Uncontrolled Resource Consumption |
CVE-2017-6161 | 2024-11-21 12:29 | 2017-10-27 | Show | GitHub Exploit DB Packet Storm |
| 256354 | 5.9 |
MEDIUM
Network |
f5 |
big-ip_application_acceleration_manager big-ip_policy_enforcement_manager |
In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.4.1 to 11.5.4, a remote attacker may create maliciously crafted HTTP request to cause Traffic Management Microkernel (… |
NVD-CWE-noinfo
|
CVE-2017-6160 | 2024-11-21 12:29 | 2017-10-27 | Show | GitHub Exploit DB Packet Storm |
| 256355 | 5.9 |
MEDIUM
Network |
f5 |
big-ip_local_traffic_manager big-ip_application_acceleration_manager big-ip_advanced_firewall_manager big-ip_access_policy_manager big-ip_application_security_manager big-ip_link_contr… |
F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 are vulnerable to a denial of service attack when the MPTCP o… |
NVD-CWE-noinfo
|
CVE-2017-6159 | 2024-11-21 12:29 | 2017-10-27 | Show | GitHub Exploit DB Packet Storm |
| 256356 | 8.1 |
HIGH
Network |
f5 |
big-ip_local_traffic_manager big-ip_application_acceleration_manager big-ip_advanced_firewall_manager big-ip_access_policy_manager big-ip_application_security_manager big-ip_link_contr… |
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.0 - 11.5.4, virtual servers with a configuration … |
NVD-CWE-noinfo
|
CVE-2017-6157 | 2024-11-21 12:29 | 2017-10-27 | Show | GitHub Exploit DB Packet Storm |
| 256357 | 9.8 |
CRITICAL
Network |
f5 |
big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system … |
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms o… |
CWE-532
Inclusion of Sensitive Information in Log Files |
CVE-2017-6165 | 2024-11-21 12:29 | 2017-10-21 | Show | GitHub Exploit DB Packet Storm |
| 256358 | 7.3 |
HIGH
Network |
f5 |
big-ip_link_controller big-ip_local_traffic_manager big-ip_advanced_firewall_manager big-ip_access_policy_manager big-ip_policy_enforcement_manager big-ip_domain_name_system big-ip_… |
iControl REST in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe 12.0.0 through 12.1.2 and 13.0.0 includes a service to convert authorization BIGIPAuthCookie cook… |
CWE-613
Insufficient Session Expiration |
CVE-2017-6145 | 2024-11-21 12:29 | 2017-10-21 | Show | GitHub Exploit DB Packet Storm |
| 256359 | 7.4 |
HIGH
Network |
f5 | big-ip_policy_enforcement_manager | In F5 BIG-IP PEM 12.1.0 through 12.1.2 when downloading the Type Allocation Code (TAC) database file via HTTPS, the server's certificate is not verified. Attackers in a privileged network position ma… |
CWE-295
Improper Certificate Validation |
CVE-2017-6144 | 2024-11-21 12:29 | 2017-10-21 | Show | GitHub Exploit DB Packet Storm |
| 256360 | 5.9 |
MEDIUM
Network |
f5 |
big-ip_local_traffic_manager big-ip_advanced_firewall_manager big-ip_access_policy_manager big-ip_policy_enforcement_manager big-ip_application_security_manager big-ip_application_acce… |
In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, and WebSafe 12.1.0 through 12.1.2, certain values in a TLS abbreviated handshake when using a client SSL profile with the Session Ticket op… |
CWE-20
Improper Input Validation |
CVE-2017-6141 | 2024-11-21 12:29 | 2017-10-21 | Show | GitHub Exploit DB Packet Storm |