Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
21 9.8 緊急
Network 		MariaDB Corporation Ab. MariaDB MariaDB Corporation Ab.のMariaDBにおけるOS コマンドインジェクションの脆弱性 New CWE-78
OSコマンド・インジェクション 		CVE-2026-44170 2026-06-17 15:46 2026-06-12 Show GitHub Exploit DB Packet Storm
22 7.8 重要
Local 		MariaDB Corporation Ab. MariaDB MariaDB Corporation Ab.のMariaDBにおけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-44171 2026-06-17 15:45 2026-06-12 Show GitHub Exploit DB Packet Storm
23 9.8 緊急
Network 		MariaDB Corporation Ab. MariaDB MariaDB Corporation Ab.のMariaDBにおけるSQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2026-44172 2026-06-17 15:45 2026-06-12 Show GitHub Exploit DB Packet Storm
24 5.3 警告
Network 		MariaDB Corporation Ab. MariaDB MariaDB Corporation Ab.のMariaDBにおける不正な認証に関する脆弱性 New CWE-863
不正な認証 		CVE-2026-44173 2026-06-17 15:45 2026-06-12 Show GitHub Exploit DB Packet Storm
25 5.3 警告
Adjacent 		opentelemetry opentelemetry opentelemetryにおける過剰なサイズ値のメモリ割り当てに関する脆弱性 New CWE-789
過剰なサイズ値のメモリ割り当て 		CVE-2026-44967 2026-06-17 15:45 2026-06-12 Show GitHub Exploit DB Packet Storm
26 7.5 重要
Network 		OpenSSL Project OpenSSL OpenSSL ProjectのOpenSSLにおける暗号化処理の不備に関する脆弱性 New CWE-325
暗号化処理の不備 		CVE-2026-45445 2026-06-17 15:45 2026-06-9 Show GitHub Exploit DB Packet Storm
27 4.8 警告
Network 		OpenSSL Project OpenSSL OpenSSL ProjectのOpenSSLにおける暗号化処理の不備に関する脆弱性 New CWE-325
暗号化処理の不備 		CVE-2026-45446 2026-06-17 15:45 2026-06-9 Show GitHub Exploit DB Packet Storm
28 8.8 重要
Network 		OpenSSL Project OpenSSL OpenSSL ProjectのOpenSSLにおける解放済みメモリの使用に関する脆弱性 New CWE-416
解放済みメモリの使用 		CVE-2026-45447 2026-06-17 15:45 2026-06-9 Show GitHub Exploit DB Packet Storm
29 7.5 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 New CWE-noinfo
情報不足 		CVE-2026-45944 2026-06-17 15:45 2026-05-27 Show GitHub Exploit DB Packet Storm
30 8.8 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける競合状態に関する脆弱性 New CWE-362
競合状態 		CVE-2026-45945 2026-06-17 15:45 2026-05-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
255331 9.8 CRITICAL
Network 		redhat jboss_enterprise_application_platform HTTPServerILServlet.java in JMS over HTTP Invocation Layer of the JbossMQ implementation, which is enabled by default in Red Hat Jboss Application Server <= Jboss 4.X does not restrict the classes fo… CWE-502
 Deserialization of Untrusted Data 		CVE-2017-7504 2024-11-21 12:32 2017-05-20 Show GitHub Exploit DB Packet Storm
255332 7.5 HIGH
Network 		phoenix_contact_gmbh mguard_firmware A Resource Exhaustion issue was discovered in Phoenix Contact GmbH mGuard firmware versions 8.3.0 to 8.4.2. An attacker may compromise the device's availability by performing multiple initial VPN req… CWE-400
 Uncontrolled Resource Consumption 		CVE-2017-7935 2024-11-21 12:32 2017-05-19 Show GitHub Exploit DB Packet Storm
255333 6.6 MEDIUM
Local 		schneider-electric wonderware_historian_client An Improper XML Parser Configuration issue was discovered in Schneider Electric Wonderware Historian Client 2014 R2 SP1 and prior. An improperly restricted XML parser (with improper restriction of XM… CWE-611
XXE 		CVE-2017-7907 2024-11-21 12:32 2017-05-19 Show GitHub Exploit DB Packet Storm
255334 9.8 CRITICAL
Network 		redhat jboss_enterprise_application_platform It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read fil… CWE-611
XXE 		CVE-2017-7503 2024-11-21 12:32 2017-05-19 Show GitHub Exploit DB Packet Storm
255335 7.8 HIGH
Local 		qemu
debian 		qemu
debian_linux 		Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing virtfs meta… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2017-7493 2024-11-21 12:32 2017-05-18 Show GitHub Exploit DB Packet Storm
255336 4.3 MEDIUM
Network 		authconfig_project authconfig Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of information about existing usernames. CWE-200
Information Exposure 		CVE-2017-7488 2024-11-21 12:32 2017-05-17 Show GitHub Exploit DB Packet Storm
255337 8.8 HIGH
Network 		apache cxf_fediz Apache CXF Fediz ships with an OpenId Connect (OIDC) service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF (Cross … CWE-352
 Origin Validation Error 		CVE-2017-7662 2024-11-21 12:32 2017-05-17 Show GitHub Exploit DB Packet Storm
255338 8.8 HIGH
Network 		apache cxf_fediz Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF (Cross Style Request Forgery) style vulnerability has been found in the Spring 2, S… CWE-352
 Origin Validation Error 		CVE-2017-7661 2024-11-21 12:32 2017-05-17 Show GitHub Exploit DB Packet Storm
255339 5.5 MEDIUM
Local 		linux linux_kernel fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs-flushing-before-commit list, which allows local users to obtain sensitive information from ot… CWE-200
Information Exposure 		CVE-2017-7495 2024-11-21 12:32 2017-05-16 Show GitHub Exploit DB Packet Storm
255340 4.3 MEDIUM
Network 		moodle moodle In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers to change the "number of courses displayed in the course overview block" configuration setting. CWE-352
 Origin Validation Error 		CVE-2017-7491 2024-11-21 12:32 2017-05-15 Show GitHub Exploit DB Packet Storm