Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
241	5.7	警告 Network	OTRS プロジェクト	OTRS	OTRS プロジェクトのOTRSにおける情報漏えいに関する脆弱性 New	CWE-200 情報漏えい	CVE-2026-48189	2026-06-16 13:40	2026-06-1	Show	GitHub Exploit DB Packet Storm

242	3.5	低 Network	OTRS プロジェクト	OTRS	OTRS プロジェクトのOTRSにおける不適切なデフォルトパーミッションに関する脆弱性 New	CWE-276 不適切なデフォルトパーミッション	CVE-2026-48190	2026-06-16 13:40	2026-06-1	Show	GitHub Exploit DB Packet Storm

243	3.5	低 Network	OTRS プロジェクト	OTRS	OTRS プロジェクトのOTRSにおける不適切なデフォルトパーミッションに関する脆弱性 New	CWE-276 不適切なデフォルトパーミッション	CVE-2026-48191	2026-06-16 13:40	2026-06-1	Show	GitHub Exploit DB Packet Storm

244	6.5	警告 Network	OTRS プロジェクト	OTRS	OTRS プロジェクトのOTRSにおける複数の脆弱性 New	CWE-400 CWE-791	CVE-2026-48208	2026-06-16 13:40	2026-06-1	Show	GitHub Exploit DB Packet Storm

245	7.1	重要 Network	OTRS プロジェクト	OTRS	OTRS プロジェクトのOTRSにおける複数の脆弱性 New	CWE-116 CWE-79	CVE-2026-48209	2026-06-16 13:40	2026-06-1	Show	GitHub Exploit DB Packet Storm

246	5.7	警告 Network	OTRS プロジェクト	OTRS	OTRS プロジェクトのOTRSにおける複数の脆弱性 New	CWE-200 CWE-269	CVE-2026-48210	2026-06-16 13:40	2026-05-31	Show	GitHub Exploit DB Packet Storm

247	7.5	重要 Network	Django Software Foundation	daphne	Django Software Foundationのdaphneにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-44545	2026-06-16 13:40	2026-06-3	Show	GitHub Exploit DB Packet Storm

248	5.3	警告 Network	Django Software Foundation	daphne	Django Software FoundationのdaphneにおけるHTTP リクエストスマグリングに関する脆弱性 New	CWE-444 HTTP リクエストスマグリング	CVE-2026-44546	2026-06-16 13:40	2026-06-3	Show	GitHub Exploit DB Packet Storm

249	6.1	警告 Network	マイクロソフト	Microsoft Exchange Server Microsoft Exchange Server Subscription Edition (SE)	Microsoft Exchange Server のなりすましの脆弱性 New	CWE-79 CWE-918	CVE-2026-45501	2026-06-16 13:40	2026-06-9	Show	GitHub Exploit DB Packet Storm

250	5	警告 Network	マイクロソフト	Microsoft Exchange Server Microsoft Exchange Server Subscription Edition (SE)	Microsoft Exchange Server の情報漏えいの脆弱性 New	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-45502	2026-06-16 13:40	2026-06-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
255021	6.5	MEDIUM Network	concretecms	concrete_cms	concrete5 8.1.0 has CSRF in Thumbnail Editor in the File Manager, which allows remote attackers to disable the entire installation by merely tricking an admin into viewing a malicious page involving …	CWE-352 Origin Validation Error	CVE-2017-8082	2024-11-21 12:33	2017-04-24	Show	GitHub Exploit DB Packet Storm

255022	5.3	MEDIUM Network	tp-link	tl-sg108e_firmware	On the TP-Link TL-SG108E 1.0, the upgrade process can be requested remotely without authentication (httpupg.cgi with a parameter called cmd). This affects the 1.1.2 Build 20141017 Rel.50749 firmware.	CWE-287 Improper Authentication	CVE-2017-8078	2024-11-21 12:33	2017-04-24	Show	GitHub Exploit DB Packet Storm

255023	7.5	HIGH Network	tp-link	tl-sg108e_firmware	On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a long string beginning with Ei2HNryt). This affects the 1.1.2 Build 20141017 Rel.50749 firmware.	CWE-798 Use of Hard-coded Credentials	CVE-2017-8077	2024-11-21 12:33	2017-04-24	Show	GitHub Exploit DB Packet Storm

255024	9.8	CRITICAL Network	tp-link	tl-sg108e_firmware	On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is deprecated. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.	CWE-326 Inadequate Encryption Strength	CVE-2017-8076	2024-11-21 12:33	2017-04-24	Show	GitHub Exploit DB Packet Storm

255025	9.8	CRITICAL Network	tp-link	tl-sg108e_firmware	On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log lines where passwords are in cleartext. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2017-8075	2024-11-21 12:33	2017-04-24	Show	GitHub Exploit DB Packet Storm

255026	9.8	CRITICAL Network	tp-link	tl-sg108e_firmware	On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log lines where passwords are encoded in hexadecimal. This affects the 1.1.2 Build 20141017 Rel.50749 firmw…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2017-8074	2024-11-21 12:33	2017-04-24	Show	GitHub Exploit DB Packet Storm

255027	7.5	HIGH Network	weechat debian	weechat debian_linux	WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function during quote removal, with a buffer overfl…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-8073	2024-11-21 12:33	2017-04-24	Show	GitHub Exploit DB Packet Storm

255028	7.8	HIGH Local	linux	linux_kernel	The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 does not have the expected EIO error status for a zero-length report, which allows local us…	CWE-388 7PK - Errors	CVE-2017-8072	2024-11-21 12:33	2017-04-23	Show	GitHub Exploit DB Packet Storm

255029	5.5	MEDIUM Local	linux	linux_kernel	drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 uses a spinlock without considering that sleeping is possible in a USB HID request callback, which allows local users to cause a denial…	CWE-404 Improper Resource Shutdown or Release	CVE-2017-8071	2024-11-21 12:33	2017-04-23	Show	GitHub Exploit DB Packet Storm

255030	7.8	HIGH Local	linux	linux_kernel	drivers/net/usb/catc.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory c…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-8070	2024-11-21 12:33	2017-04-23	Show	GitHub Exploit DB Packet Storm