Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 25, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
11	7.5	重要 Network	InHand Networks	IR915L-FQ39-S Firmware IR912L-FQ58 Firmware	InHand NetworksのIR912L-FQ58 Firmware等の複数製品における古典的バッファオーバーフローの脆弱性 New	CWE-120 古典的バッファオーバーフロー	CVE-2026-38718	2026-06-24 10:00	2026-06-18	Show	GitHub Exploit DB Packet Storm

12	6.5	警告 Network	Palo Alto Networks	Idira Identity Browser Extension	Palo Alto NetworksのIdira Identity Browser Extensionにおける同一生成元ポリシー違反に関する脆弱性 New	CWE-346 同一生成元ポリシー違反	CVE-2026-45173	2026-06-24 10:00	2026-06-11	Show	GitHub Exploit DB Packet Storm

13	7.8	重要 Local	Palo Alto Networks	Idira Endpoint Privilege Manager	Palo Alto NetworksのIdira Endpoint Privilege Managerにおけるリソースの不適切なシャットダウンおよびリリースに関する脆弱性 New	CWE-404 リソースの不適切なシャットダウンおよびリリース	CVE-2026-45174	2026-06-24 10:00	2026-06-11	Show	GitHub Exploit DB Packet Storm

14	7.8	重要 Local	Palo Alto Networks	Idira Endpoint Privilege Manager	Palo Alto NetworksのIdira Endpoint Privilege Managerにおける証明書検証に関する脆弱性 New	CWE-295 不正な証明書検証	CVE-2026-45175	2026-06-24 10:00	2026-06-11	Show	GitHub Exploit DB Packet Storm

15	7.8	重要 Local	Palo Alto Networks	Idira Endpoint Privilege Manager	Palo Alto NetworksのIdira Endpoint Privilege Managerにおける権限管理に関する脆弱性 New	CWE-269 CWE-Other	CVE-2026-45176	2026-06-24 10:00	2026-06-11	Show	GitHub Exploit DB Packet Storm

16	9.1	緊急 Network	Palo Alto Networks	Idira Secrets Manager Edge	Palo Alto NetworksのIdira Secrets Manager Edgeにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-45177	2026-06-24 10:00	2026-06-11	Show	GitHub Exploit DB Packet Storm

17	8.1	重要 Network	Palo Alto Networks	Idira Secrets Manager Idira Secrets Manager Credential Providers	Palo Alto NetworksのIdira Secrets Manager等の複数製品におけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-45178	2026-06-24 10:00	2026-06-11	Show	GitHub Exploit DB Packet Storm

18	6.5	警告 Network	デル	PowerFlex Manager	デルのPowerFlex Managerにおける証明書検証に関する脆弱性 New	CWE-295 不正な証明書検証	CVE-2024-47477	2026-06-24 10:00	2026-06-17	Show	GitHub Exploit DB Packet Storm

19	7.2	重要 Network	Open Source Geospatial Foundation	geoserver	Open Source Geospatial Foundationのgeoserverにおける複数の脆弱性 New	CWE-502 CWE-74	CVE-2025-27511	2026-06-24 10:00	2026-06-18	Show	GitHub Exploit DB Packet Storm

20	7.2	重要 Network	Open Source Geospatial Foundation	geoserver	Open Source Geospatial Foundationのgeoserverにおけるファイル名やパス名の外部制御に関する脆弱性 New	CWE-73 ファイル名やパス名の外部制御	CVE-2025-52465	2026-06-24 10:00	2026-06-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 25, 2026, 4:04 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
191531	9.1	CRITICAL Network	sap	cloud_connector	Potentially, SAP Cloud Connector, version - 2.0 communication with the backend is accepted without sufficient validation of the certificate.	CWE-295 Improper Certificate Validation	CVE-2021-33695	2024-11-21 15:09	2021-09-16	Show	GitHub Exploit DB Packet Storm

191532	4.8	MEDIUM Network	sap	cloud_connector	SAP Cloud Connector, version - 2.0, does not sufficiently encode user-controlled inputs, allowing an attacker with Administrator rights, to include malicious codes that get stored in the database, an…	CWE-79 Cross-site Scripting	CVE-2021-33694	2024-11-21 15:09	2021-09-16	Show	GitHub Exploit DB Packet Storm

191533	6.8	MEDIUM Adjacent	sap	cloud_connector	SAP Cloud Connector, version - 2.0, allows an authenticated administrator to modify a configuration file to inject malicious codes that could potentially lead to OS command execution.	CWE-94 Code Injection	CVE-2021-33693	2024-11-21 15:09	2021-09-16	Show	GitHub Exploit DB Packet Storm

191534	7.5	HIGH Network	sap	cloud_connector	SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be tricked to inject special elements such as '..' and '/' separators, for attackers to escape outsi…	CWE-22 Path Traversal	CVE-2021-33692	2024-11-21 15:09	2021-09-16	Show	GitHub Exploit DB Packet Storm

191535	6.1	MEDIUM Network	sap	netweaver_development_infrastructure	NWDI Notification Service versions - 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.SAP NetWeaver Development Infrastruct…	CWE-79 Cross-site Scripting	CVE-2021-33691	2024-11-21 15:09	2021-09-16	Show	GitHub Exploit DB Packet Storm

191536	9.9	CRITICAL Network	sap	netweaver_development_infrastructure	Server-Side Request Forgery (SSRF) vulnerability has been detected in the SAP NetWeaver Development Infrastructure Component Build Service versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50The SAP NetWeav…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2021-33690	2024-11-21 15:09	2021-09-16	Show	GitHub Exploit DB Packet Storm

191537	4.3	MEDIUM Network	sap	business_one	SAP Business One allows an attacker with business privileges to execute crafted database queries, exposing the back-end database. Due to framework restrictions, only some information can be obtained.	CWE-89 SQL Injection	CVE-2021-33688	2024-11-21 15:09	2021-09-14	Show	GitHub Exploit DB Packet Storm

191538	5.3	MEDIUM Network	sap	business_one	Under certain conditions, SAP Business One version - 10.0, allows an unauthorized attacker to get access to some encrypted sensitive information, but does not have control over kind or degree.	NVD-CWE-noinfo	CVE-2021-33686	2024-11-21 15:09	2021-09-14	Show	GitHub Exploit DB Packet Storm

191539	6.5	MEDIUM Network	sap	business_one	SAP Business One version - 10.0 allows low-level authorized attacker to traverse the file system to access files or directories that are outside of the restricted directory. A successful attack allow…	CWE-22 Path Traversal	CVE-2021-33685	2024-11-21 15:09	2021-09-14	Show	GitHub Exploit DB Packet Storm

191540	5.4	MEDIUM Network	sap	businessobjects_business_intelligence_platform	The SAP BusinessObjects BI Platform version - 420 allows an attacker, who has basic access to the application, to inject a malicious script while creating a new module document, file, or folder. When…	CWE-79 Cross-site Scripting	CVE-2021-33679	2024-11-21 15:09	2021-09-14	Show	GitHub Exploit DB Packet Storm