Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 24, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
341 6.8 警告
Network 		Discourse Discourse Discourseにおけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-45775 2026-06-22 11:55 2026-06-12 Show GitHub Exploit DB Packet Storm
342 9.9 緊急
Network 		オラクル Oracle WebCenter Portal オラクルのOracle WebCenter Portalにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46765 2026-06-22 11:55 2026-06-17 Show GitHub Exploit DB Packet Storm
343 9.8 緊急
Network 		オラクル Oracle WebCenter Content オラクルのOracle WebCenter Contentにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46766 2026-06-22 11:55 2026-06-17 Show GitHub Exploit DB Packet Storm
344 9.9 緊急
Network 		オラクル Oracle WebCenter Portal オラクルのOracle WebCenter Portalにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46767 2026-06-22 11:55 2026-06-17 Show GitHub Exploit DB Packet Storm
345 6 警告
Local 		オラクル Oracle VM VirtualBox オラクルのOracle VM VirtualBoxにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46768 2026-06-22 11:55 2026-06-17 Show GitHub Exploit DB Packet Storm
346 7.2 重要
Network 		オラクル Oracle Application Development Framework (Oracle ADF) オラクルのOracle Application Development Framework (Oracle ADF)におけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46769 2026-06-22 11:55 2026-06-17 Show GitHub Exploit DB Packet Storm
347 6.1 警告
Network 		オラクル Oracle Application Development Framework (Oracle ADF) オラクルのOracle Application Development Framework (Oracle ADF)におけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46770 2026-06-22 11:55 2026-06-17 Show GitHub Exploit DB Packet Storm
348 4.1 警告
Local 		オラクル Oracle Application Development Framework (Oracle ADF) オラクルのOracle Application Development Framework (Oracle ADF)におけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46771 2026-06-22 11:55 2026-06-17 Show GitHub Exploit DB Packet Storm
349 4.7 警告
Local 		オラクル Oracle Application Development Framework (Oracle ADF) オラクルのOracle Application Development Framework (Oracle ADF)におけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46772 2026-06-22 11:55 2026-06-17 Show GitHub Exploit DB Packet Storm
350 9.8 緊急
Network 		オラクル Oracle Unified Directory オラクルのOracle Unified Directoryにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46773 2026-06-22 11:55 2026-06-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
191421 9.8 CRITICAL
Network 		wms_project wms An issue in FeMiner WMS v1.1 allows attackers to execute arbitrary code via the filename parameter and the exec function. NVD-CWE-noinfo
CVE-2021-33949 2024-11-21 15:09 2023-02-18 Show GitHub Exploit DB Packet Storm
191422 9.8 CRITICAL
Network 		hotels_server_project hotels_server SQL injection vulnerability in FantasticLBP Hotels Server v1.0 allows attacker to execute arbitrary code via the username parameter. CWE-89
SQL Injection 		CVE-2021-33948 2024-11-21 15:09 2023-02-18 Show GitHub Exploit DB Packet Storm
191423 8.8 HIGH
Network 		plone plone An issue in Plone CMS v. 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1rc2, 5.1rc1, 5.1b4, 5.1b3, 5.1b2, 5.1a2, 5.1a1, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.2, 5.1.1 5.1, 5.0rc3, 5.0rc2, 5.0rc1, 5.0.9, 5.0.8, 5.0.… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2021-33926 2024-11-21 15:09 2023-02-18 Show GitHub Exploit DB Packet Storm
191424 7.5 HIGH
Network 		seopanel seo_panel SQL Injection vulnerability in SEO Panel 4.9.0 in api/user.api.php in function getUserName in the username parameter, allows attackers to gain sensitive information. CWE-89
SQL Injection 		CVE-2021-34117 2024-11-21 15:09 2023-02-16 Show GitHub Exploit DB Packet Storm
191425 9.8 CRITICAL
Network 		cms-corephp_project cms-corephp SQL Injection vulnerability in nitinparashar30 cms-corephp through commit bdabe52ef282846823bda102728a35506d0ec8f9 (May 19, 2021) allows unauthenticated attackers to gain escilated privledges via a c… CWE-89
SQL Injection 		CVE-2021-33925 2024-11-21 15:09 2023-02-16 Show GitHub Exploit DB Packet Storm
191426 5.5 MEDIUM
Local 		openeuler byacc When a file is processed, an infinite loop occurs in next_inline() of the more_curly() function. CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2021-33642 2024-11-21 15:09 2023-01-21 Show GitHub Exploit DB Packet Storm
191427 7.8 HIGH
Local 		openeuler byacc When processing files, malloc stores the data of the current line. When processing comments, malloc incorrectly accesses the released memory (use after free). CWE-416
 Use After Free 		CVE-2021-33641 2024-11-21 15:09 2023-01-21 Show GitHub Exploit DB Packet Storm
191428 7.5 HIGH
Network 		plex media_server Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service. CWE-346
 Origin Validation Error 		CVE-2021-33959 2024-11-21 15:09 2023-01-18 Show GitHub Exploit DB Packet Storm
191429 9.8 CRITICAL
Network 		huawei
fedoraproject 		openeuler
fedora 		After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is called in the list() function, it continues to use pointer t: free_longlink_longname(t->th_buf) . As a re… CWE-416
 Use After Free 		CVE-2021-33640 2024-11-21 15:09 2022-12-20 Show GitHub Exploit DB Packet Storm
191430 5.4 MEDIUM
Network 		tomexam tomexam Cross Site Scripting (XSS) vulnerability in TomExam 3.0 via p_name parameter to list.thtml. CWE-79
Cross-site Scripting 		CVE-2021-34181 2024-11-21 15:09 2022-12-6 Show GitHub Exploit DB Packet Storm