Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 25, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
351	5.9	警告 Network	VMware	Spring Data MongoDB	VMwareのSpring Data MongoDBにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性 New	CWE-943 データクエリロジックの特殊要素の不適切な中立化	CVE-2026-41696	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

352	8.1	重要 Network	VMware	Spring Data MongoDB	VMwareのSpring Data MongoDBにおける言語構文の表現に使用される特殊な要素の不適切な無効化に関する脆弱性 New	CWE-917 言語構文の表現に使用される特殊な要素の不適切な無効化	CVE-2026-41717	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

353	6.5	警告 Network	VMware	spring for apache kafka	VMwareのspring for apache kafkaにおける入力確認に関する脆弱性 New	CWE-20 不適切な入力確認	CVE-2026-41727	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

354	7.5	重要 Network	VMware	Spring Data REST	VMwareのSpring Data RESTにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-41728	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

355	8.1	重要 Network	VMware	Spring Data REST	VMwareのSpring Data RESTにおける言語構文の表現に使用される特殊な要素の不適切な無効化に関する脆弱性 New	CWE-917 言語構文の表現に使用される特殊な要素の不適切な無効化	CVE-2026-41729	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

356	5.3	警告 Network	VMware	Spring Data REST	VMwareのSpring Data RESTにおけるエラーメッセージによる情報漏えいに関する脆弱性 New	CWE-209 エラーメッセージによる情報漏えい	CVE-2026-41730	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

357	8.1	重要 Network	VMware	spring for apache kafka	VMwareのspring for apache kafkaにおける信頼できないデータのデシリアライゼーションに関する脆弱性 New	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-41731	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

358	5.3	警告 Network	VMware	Spring Data REST	VMwareのSpring Data RESTにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-41837	2026-06-23 10:00	2026-06-10	Show	GitHub Exploit DB Packet Storm

359	9.9	緊急 Network	オラクル	MySQL Shell	オラクルのMySQL Shellにおけるコードインジェクションの脆弱性 New	CWE-94 コード・インジェクション	CVE-2026-46850	2026-06-23 10:00	2026-06-17	Show	GitHub Exploit DB Packet Storm

360	8.5	重要 Network	オラクル	MySQL Shell	オラクルのMySQL Shellにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-46870	2026-06-23 10:00	2026-06-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 25, 2026, 4:04 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
191521	8.8	HIGH Network	f-secure	internet_gatekeeper	A vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. An authenticated user can modify settings through the web user interface in a way that could lead to an arbit…	NVD-CWE-noinfo	CVE-2021-33601	2024-11-21 15:09	2021-09-28	Show	GitHub Exploit DB Packet Storm

191522	7.5	HIGH Network	f-secure	internet_gatekeeper	A denial-of-service (DoS) vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. The vulnerability occurs because of an attacker can trigger assertion via malformed H…	CWE-617 Reachable Assertion	CVE-2021-33600	2024-11-21 15:09	2021-09-28	Show	GitHub Exploit DB Packet Storm

191523	9.8	CRITICAL Network	zoom	meetings	The Zoom Client for Meetings for Windows in all versions before 5.3.0 fails to properly validate the certificate information used to sign .msi files when performing an update of the client. This coul…	CWE-295 Improper Certificate Validation	CVE-2021-33907	2024-11-21 15:09	2021-09-27	Show	GitHub Exploit DB Packet Storm

191524	8.1	HIGH Network	sap	netweaver_portal	The SAP NetWeaver Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, component Iviews Editor contains a Server-Side Request Forgery (SSRF) vulnerability which allows an unauthenticated atta…	-	CVE-2021-33705	2024-11-21 15:09	2021-09-16	Show	GitHub Exploit DB Packet Storm

191525	8.8	HIGH Network	sap	business_one	The Service Layer of SAP Business One, version - 10.0, allows an authenticated attacker to invoke certain functions that would otherwise be restricted to specific users. For an attacker to discover t…	CWE-862 Missing Authorization	CVE-2021-33704	2024-11-21 15:09	2021-09-16	Show	GitHub Exploit DB Packet Storm

191526	9.1	CRITICAL Network	sap	dmis sapscore s4core	DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, a…	-	CVE-2021-33701	2024-11-21 15:09	2021-09-16	Show	GitHub Exploit DB Packet Storm

191527	7.8	HIGH Local	sap	business_one	SAP Business One, version - 10.0, allows a local attacker with access to the victim's browser under certain circumstances, to login as the victim without knowing his/her password. The attacker could …	CWE-287 Improper Authentication	CVE-2021-33700	2024-11-21 15:09	2021-09-16	Show	GitHub Exploit DB Packet Storm

191528	8.8	HIGH Network	sap	business_one	SAP Business One, version - 10.0, allows an attacker with business authorization to upload any files (including script files) without the proper file format validation.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2021-33698	2024-11-21 15:09	2021-09-16	Show	GitHub Exploit DB Packet Storm

191529	6.1	MEDIUM Network	sap	businessobjects_business_intelligence	Under certain conditions, SAP BusinessObjects Business Intelligence Platform (SAPUI5), versions - 420, 430, can allow an unauthenticated attacker to redirect users to a malicious site due to Reverse …	CWE-269 Improper Privilege Management	CVE-2021-33697	2024-11-21 15:09	2021-09-16	Show	GitHub Exploit DB Packet Storm

191530	5.4	MEDIUM Network	sap	businessobjects_business_intelligence	SAP BusinessObjects Business Intelligence Platform (Crystal Report), versions - 420, 430, does not sufficiently encode user controlled inputs and therefore an authorized attacker can exploit a XSS vu…	CWE-79 Cross-site Scripting	CVE-2021-33696	2024-11-21 15:09	2021-09-16	Show	GitHub Exploit DB Packet Storm