Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 17, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 281 | 5.4 |
警告
Network |
Splunk |
Splunk splunk cloud platform |
SplunkのSplunk等の複数製品におけるクロスサイトスクリプティングの脆弱性 New |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2026-20258 | 2026-06-16 13:38 | 2026-06-10 | Show | GitHub Exploit DB Packet Storm |
| 282 | 7.2 |
重要
Network |
QNAP Systems |
QuTS hero QNAP QTS |
QNAP SystemsのQNAP QTS等の複数製品におけるOS コマンドインジェクションの脆弱性 New |
CWE-78
OSコマンド・インジェクション |
CVE-2026-22893 | 2026-06-16 13:38 | 2026-06-10 | Show | GitHub Exploit DB Packet Storm |
| 283 | 7.2 |
重要
Network |
QNAP Systems |
QuTS hero QNAP QTS |
QNAP SystemsのQNAP QTS等の複数製品におけるNULL ポインタデリファレンスに関する脆弱性 New |
CWE-476
NULL ポインタデリファレンス |
CVE-2026-24716 | 2026-06-16 13:38 | 2026-06-10 | Show | GitHub Exploit DB Packet Storm |
| 284 | 7.2 |
重要
Network |
QNAP Systems |
QuTS hero QNAP QTS |
QNAP SystemsのQNAP QTS等の複数製品におけるOS コマンドインジェクションの脆弱性 New |
CWE-78
OSコマンド・インジェクション |
CVE-2026-24719 | 2026-06-16 13:38 | 2026-06-10 | Show | GitHub Exploit DB Packet Storm |
| 285 | 5.3 |
警告
Network |
NAVTOR AS | NavBox Firmware | NAVTOR ASのNavBox Firmwareにおけるエラーメッセージによる情報漏えいに関する脆弱性 New |
CWE-209
エラーメッセージによる情報漏えい |
CVE-2026-2752 | 2026-06-16 13:38 | 2026-03-6 | Show | GitHub Exploit DB Packet Storm |
| 286 | 7.5 |
重要
Network |
OpenSSL Project | OpenSSL | OpenSSL ProjectのOpenSSLにおける境界外読み取りに関する脆弱性 New |
CWE-125
境界外読み取り |
CVE-2026-34180 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 287 | 7.4 |
重要
Network |
OpenSSL Project | OpenSSL | OpenSSL ProjectのOpenSSLにおけるデータの整合性検証不備に関する脆弱性 New |
CWE-354
データの整合性検証不備 |
CVE-2026-34181 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 288 | 9.1 |
緊急
Network |
OpenSSL Project | OpenSSL | OpenSSL ProjectのOpenSSLにおけるデータの整合性検証不備に関する脆弱性 New |
CWE-354
データの整合性検証不備 |
CVE-2026-34182 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 289 | 7.5 |
重要
Network |
OpenSSL Project | OpenSSL | OpenSSL ProjectのOpenSSLにおける不適切に制御された順次メモリ割り当てに関する脆弱性 New |
CWE-1325
不適切に制御された順次メモリ割り当て |
CVE-2026-34183 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
| 290 | 5.5 |
警告
Local |
アドビシステムズ |
C2PA (Coalition for Content Provenance and Authenticity) (Content Authenticity Initiative) c2pa-web |
アドビの(Content Authenticity Initiative) c2pa-web等の複数製品におけるパストラバーサルの脆弱性 New |
CWE-22
パス・トラバーサル |
CVE-2026-34657 | 2026-06-16 13:38 | 2026-06-9 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 17, 2026, 4:19 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 255161 | 9.8 |
CRITICAL
Network |
debian redhat mozilla |
debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux enterprise_linux_server_aus enterprise_linux_server_eus firefox thu… |
A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Fir… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2017-7786 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 255162 | 5.3 |
MEDIUM
Network |
debian redhat mozilla |
debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux enterprise_linux_server_aus enterprise_linux_server_eus thunderbird
On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert fr…
|
CWE-20
|
Improper Input Validation
CVE-2017-7791
|
2024-11-21 12:32 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 255163 | 7.5 |
HIGH
Network |
debian redhat mozilla |
debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux enterprise_linux_server_aus enterprise_linux_server_eus thunderbird
Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. Thi…
|
CWE-200
|
Information Exposure
CVE-2017-7787
|
2024-11-21 12:32 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 255164 | 9.8 |
CRITICAL
Network |
debian redhat mozilla |
debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux enterprise_linux_server_aus enterprise_linux_server_eus thunderbird
A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash. This vulnerability affects Thund…
|
CWE-119
|
Incorrect Access of Indexable Resource ('Range Error')
CVE-2017-7785
|
2024-11-21 12:32 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 255165 | 9.8 |
CRITICAL
Network |
debian redhat mozilla |
debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux enterprise_linux_server_aus enterprise_linux_server_eus thunderbird
A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash. This vulnerabil…
|
CWE-416
|
Use After Free
CVE-2017-7784
|
2024-11-21 12:32 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 255166 | 7.5 |
HIGH
Network |
mozilla | firefox | If a long user name is used in a username/password combination in a site URL (such as " http://UserName:Password@example.com"), the resulting modal prompt will hang in a non-responsive state or crash… |
CWE-20
Improper Input Validation |
CVE-2017-7783 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 255167 | 5.3 |
MEDIUM
Network |
mozilla |
firefox firefox_esr thunderbird |
An error in the "WindowsDllDetourPatcher" where a RWX ("Read/Write/Execute") 4k block is allocated but never protected, violating DEP protections. Note: This attack only affects Windows operating sys… |
CWE-269
Improper Privilege Management |
CVE-2017-7782 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 255168 | 5.9 |
MEDIUM
Network |
mozilla | firefox | An error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates where it can yield a result "POINT_AT_INFINITY" when it should not. A man-in-the-middle atta… |
NVD-CWE-noinfo
|
CVE-2017-7781 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 255169 | 9.8 |
CRITICAL
Network |
mozilla | firefox | Memory safety bugs were reported in Firefox 54. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary c… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2017-7780 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 255170 | 9.8 |
CRITICAL
Network |
mozilla debian sil |
firefox thunderbird firefox_esr debian_linux graphite2 |
A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Gra… |
CWE-119 CWE-125 CWE-787 Incorrect Access of Indexable Resource ('Range Error') Out-of-bounds Read Out-of-bounds Write |
CVE-2017-7778 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |