Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
371 9.8 緊急
Network 		- オラクルのOracle WebCenter Sites Support Toolsにおける重要な機能に対する認証の欠如に関する脆弱性 New CWE-306
CWE-noinfo
CVE-2026-46799 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
372 10 緊急
Network 		- オラクルのOracle WebCenter Sites Support Toolsにおける重要な機能に対する認証の欠如に関する脆弱性 New CWE-306
CWE-noinfo
CVE-2026-46800 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
373 9.8 緊急
Network 		- オラクルのOracle WebCenter Sites Support Toolsにおける重要な機能に対する認証の欠如に関する脆弱性 New CWE-306
CWE-noinfo
CVE-2026-46801 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
374 9.9 緊急
Network 		オラクル Oracle WebCenter Portal オラクルのOracle WebCenter Portalにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46802 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
375 10 緊急
Network 		オラクル Oracle WebCenter Portal オラクルのOracle WebCenter Portalにおける重要な機能に対する認証の欠如に関する脆弱性 New CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-46803 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
376 8.7 重要
Network 		オラクル Oracle WebCenter Content オラクルのOracle WebCenter Contentにおける権限管理に関する脆弱性 New CWE-269
CWE-noinfo
CVE-2026-46804 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
377 9.3 緊急
Network 		オラクル Oracle WebCenter Content オラクルのOracle WebCenter Contentにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46805 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
378 8.2 重要
Network 		オラクル Oracle WebCenter Content オラクルのOracle WebCenter Contentにおけるオープンリダイレクトの脆弱性 New CWE-601
オープンリダイレクト 		CVE-2026-46806 2026-06-22 11:54 2026-06-17 Show GitHub Exploit DB Packet Storm
379 9.8 緊急
Network 		オラクル Oracle Identity Manager オラクルのOracle Identity Managerにおける重要な機能に対する認証の欠如に関する脆弱性 New CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-46807 2026-06-22 11:53 2026-06-17 Show GitHub Exploit DB Packet Storm
380 8.7 重要
Network 		オラクル Oracle WebCenter Content オラクルのOracle WebCenter Contentにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46808 2026-06-22 11:53 2026-06-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
254551 4.6 MEDIUM
Physics 		whatsapp whatsapp Facebook WhatsApp Messenger before 2.16.323 for Android uses the SD card for cleartext storage of files (Audio, Documents, Images, Video, and Voice Notes) associated with a chat, even after that chat… CWE-311
Missing Encryption of Sensitive Data 		CVE-2017-8769 2024-11-21 12:34 2017-05-18 Show GitHub Exploit DB Packet Storm
254552 9.8 CRITICAL
Network 		joomla joomla\! SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2017-8917 2024-11-21 12:34 2017-05-18 Show GitHub Exploit DB Packet Storm
254553 7.8 HIGH
Local 		smb4k_project
debian 		smb4k
debian_linux 		smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service. CWE-20
 Improper Input Validation  		CVE-2017-8849 2024-11-21 12:34 2017-05-17 Show GitHub Exploit DB Packet Storm
254554 7.8 HIGH
Local 		kde kauth
kdelibs 		KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app. CWE-290
 Authentication Bypass by Spoofing 		CVE-2017-8422 2024-11-21 12:34 2017-05-17 Show GitHub Exploit DB Packet Storm
254555 7.8 HIGH
Local 		cgmlarson vizex_reader Buffer overflow in Larson VizEx Reader 9.7.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-8927 2024-11-21 12:34 2017-05-16 Show GitHub Exploit DB Packet Storm
254556 7.8 HIGH
Local 		halliburton logview_pro Buffer overflow in Halliburton LogView Pro 10.0.1 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-8926 2024-11-21 12:34 2017-05-16 Show GitHub Exploit DB Packet Storm
254557 8.8 HIGH
Network 		mailcow mailcow\ mailcow 0.14, as used in "mailcow: dockerized" and other products, has CSRF. CWE-352
 Origin Validation Error 		CVE-2017-8928 2024-11-21 12:34 2017-05-15 Show GitHub Exploit DB Packet Storm
254558 5.5 MEDIUM
Local 		linux
debian 		linux_kernel
debian_linux 		The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling. CWE-404
 Improper Resource Shutdown or Release 		CVE-2017-8925 2024-11-21 12:34 2017-05-13 Show GitHub Exploit DB Packet Storm
254559 4.6 MEDIUM
Physics 		linux
debian 		linux_kernel
debian_linux 		The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uniniti… CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2017-8924 2024-11-21 12:34 2017-05-13 Show GitHub Exploit DB Packet Storm
254560 9.8 CRITICAL
Network 		php php The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial… CWE-787
 Out-of-bounds Write 		CVE-2017-8923 2024-11-21 12:34 2017-05-13 Show GitHub Exploit DB Packet Storm