Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
411 6.5 警告
Network 		オラクル MySQL Shell オラクルのMySQL Shellにおけるクロスサイトリクエストフォージェリの脆弱性 New CWE-352
同一生成元ポリシー違反 		CVE-2026-46869 2026-06-22 11:52 2026-06-17 Show GitHub Exploit DB Packet Storm
412 9 緊急
Network 		- オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性 New CWE-284
CWE-noinfo
CVE-2026-46872 2026-06-22 11:52 2026-06-17 Show GitHub Exploit DB Packet Storm
413 7.5 重要
Local 		オラクル Oracle VM VirtualBox オラクルのOracle VM VirtualBoxにおける権限管理に関する脆弱性 New CWE-269
不適切な権限管理 		CVE-2026-46873 2026-06-22 11:52 2026-06-17 Show GitHub Exploit DB Packet Storm
414 3.2
Local 		オラクル Oracle VM VirtualBox オラクルのOracle VM VirtualBoxにおける情報漏えいに関する脆弱性 New CWE-200
情報漏えい 		CVE-2026-46874 2026-06-22 11:52 2026-06-17 Show GitHub Exploit DB Packet Storm
415 9.1 緊急
Network 		- オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性 New CWE-284
CWE-noinfo
CVE-2026-46875 2026-06-22 11:52 2026-06-17 Show GitHub Exploit DB Packet Storm
416 6 警告
Local 		オラクル Oracle VM VirtualBox オラクルのOracle VM VirtualBoxにおける権限管理に関する脆弱性 New CWE-269
不適切な権限管理 		CVE-2026-46877 2026-06-22 11:52 2026-06-17 Show GitHub Exploit DB Packet Storm
417 9.8 緊急
Network 		オラクル JD Edwards EnterpriseOne Tools オラクルのJD Edwards EnterpriseOne Toolsにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46878 2026-06-22 11:52 2026-06-17 Show GitHub Exploit DB Packet Storm
418 9.8 緊急
Network 		オラクル JD Edwards EnterpriseOne Tools オラクルのJD Edwards EnterpriseOne Toolsにおける重要な機能に対する認証の欠如に関する脆弱性 New CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-46879 2026-06-22 11:52 2026-06-17 Show GitHub Exploit DB Packet Storm
419 9.8 緊急
Network 		オラクル JD Edwards EnterpriseOne Tools オラクルのJD Edwards EnterpriseOne Toolsにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46880 2026-06-22 11:51 2026-06-17 Show GitHub Exploit DB Packet Storm
420 9.8 緊急
Network 		オラクル JD Edwards EnterpriseOne Tools オラクルのJD Edwards EnterpriseOne Toolsにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46881 2026-06-22 11:51 2026-06-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
256221 7.8 HIGH
Local 		audiofile audiofile Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impa… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-6827 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
256222 6.1 MEDIUM
Network 		shishnet shimmie An issue was discovered in Shimmie <= 2.5.1. The vulnerability exists due to insufficient filtration of user-supplied data (log) passed to the "shimmie2-master/ext/chatbox/history/index.php" URL. An … CWE-79
Cross-site Scripting 		CVE-2017-6909 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
256223 6.1 MEDIUM
Network 		concrete5 concrete5 An issue was discovered in concrete5 <= 5.6.3.4. The vulnerability exists due to insufficient filtration of user-supplied data (fID) passed to the "concrete5-legacy-master/web/concrete/tools/files/se… CWE-79
Cross-site Scripting 		CVE-2017-6908 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
256224 6.1 MEDIUM
Network 		open.gl_project open.gl An issue was discovered in Open.GL before 2017-03-13. The vulnerability exists due to insufficient filtration of user-supplied data (content) passed to the "Open.GL-master/index.php" URL. An attacker… CWE-79
Cross-site Scripting 		CVE-2017-6907 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
256225 6.1 MEDIUM
Network 		siberiancms siberiancms An issue was discovered in SiberianCMS before 4.10.0. The vulnerability exists due to insufficient filtration of user-supplied data (log) passed to the "SiberianCMS-master/errors/500.php" URL. An a… CWE-79
Cross-site Scripting 		CVE-2017-6906 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
256226 6.1 MEDIUM
Network 		concrete5 concrete5 An issue was discovered in concrete5 <= 5.6.3.4. The vulnerability exists due to insufficient filtration of user-supplied data (disable_choose) passed to the "concrete5-legacy-master/web/concrete/too… CWE-79
Cross-site Scripting 		CVE-2017-6905 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
256227 7.8 HIGH
Local 		ioquake3 ioquake3 In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. This also affects Quake III Arena, OpenArena, OpenJK, iortcw, and other id Tech 3 (aka Quake 3 engin… NVD-CWE-noinfo
CVE-2017-6903 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
256228 8.8 HIGH
Network 		digisol dg-hr1400_router_firmware Privilege escalation vulnerability on the DIGISOL DG-HR1400 1.00.02 wireless router enables an attacker to escalate from user privilege to admin privilege just by modifying the Base64-encoded session… CWE-565
 Reliance on Cookies without Validation and Integrity Checking 		CVE-2017-6896 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
256229 4.7 MEDIUM
Local 		foxitsoftware foxit_reader
phantompdf 		The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read a… CWE-125
Out-of-bounds Read 		CVE-2017-6883 2024-11-21 12:30 2017-03-14 Show GitHub Exploit DB Packet Storm
256230 6.1 MEDIUM
Network 		lutim_project lutim Cross-site scripting (XSS) vulnerability in SVG file handling in Lutim 0.7.1 and earlier allows remote attackers to inject arbitrary web script. CWE-79
Cross-site Scripting 		CVE-2017-6877 2024-11-21 12:30 2017-03-14 Show GitHub Exploit DB Packet Storm