Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 22, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
441 7.2 重要
Network 		オラクル Cost Management オラクルのCost Managementにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46938 2026-06-22 11:33 2026-06-17 Show GitHub Exploit DB Packet Storm
442 8.1 重要
Network 		オラクル Configure-to-Order オラクルのConfigure-to-Orderにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46939 2026-06-22 11:33 2026-06-17 Show GitHub Exploit DB Packet Storm
443 8.8 重要
Network 		オラクル Cost Management オラクルのCost Managementにおける複数の脆弱性 New CWE-269
CWE-284
CWE-287
CWE-306
CVE-2026-46940 2026-06-22 11:33 2026-06-17 Show GitHub Exploit DB Packet Storm
444 8.8 重要
Network 		オラクル Oracle Process Manufacturing Process Planning オラクルのOracle Process Manufacturing Process Planningにおける複数の脆弱性 New CWE-269
CWE-284
CWE-287
CWE-306
CVE-2026-46942 2026-06-22 11:33 2026-06-17 Show GitHub Exploit DB Packet Storm
445 8.8 重要
Network 		オラクル Oracle Quality オラクルのOracle Qualityにおける複数の脆弱性 New CWE-269
CWE-287
CWE-306
CVE-2026-46951 2026-06-22 11:33 2026-06-17 Show GitHub Exploit DB Packet Storm
446 8.8 重要
Network 		オラクル Oracle Quality オラクルのOracle Qualityにおける複数の脆弱性 New CWE-269
CWE-287
CWE-306
CVE-2026-46952 2026-06-22 11:33 2026-06-17 Show GitHub Exploit DB Packet Storm
447 7.2 重要
Network 		オラクル Oracle Human Resource Management Software オラクルのOracle Human Resource Management Softwareにおける権限管理に関する脆弱性 New CWE-269
不適切な権限管理 		CVE-2026-46953 2026-06-22 11:33 2026-06-17 Show GitHub Exploit DB Packet Storm
448 7.2 重要
Network 		オラクル Oracle Property Manager オラクルのOracle Property Managerにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46956 2026-06-22 11:33 2026-06-17 Show GitHub Exploit DB Packet Storm
449 7.2 重要
Network 		オラクル Oracle Project Portfolio Analysis オラクルのOracle Project Portfolio Analysisにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46960 2026-06-22 11:33 2026-06-17 Show GitHub Exploit DB Packet Storm
450 8.8 重要
Network 		オラクル Oracle Project Portfolio Analysis オラクルのOracle Project Portfolio Analysisにおける複数の脆弱性 New CWE-269
CWE-287
CWE-306
CVE-2026-46961 2026-06-22 11:33 2026-06-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
254551 4.6 MEDIUM
Physics 		whatsapp whatsapp Facebook WhatsApp Messenger before 2.16.323 for Android uses the SD card for cleartext storage of files (Audio, Documents, Images, Video, and Voice Notes) associated with a chat, even after that chat… CWE-311
Missing Encryption of Sensitive Data 		CVE-2017-8769 2024-11-21 12:34 2017-05-18 Show GitHub Exploit DB Packet Storm
254552 9.8 CRITICAL
Network 		joomla joomla\! SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2017-8917 2024-11-21 12:34 2017-05-18 Show GitHub Exploit DB Packet Storm
254553 7.8 HIGH
Local 		smb4k_project
debian 		smb4k
debian_linux 		smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service. CWE-20
 Improper Input Validation  		CVE-2017-8849 2024-11-21 12:34 2017-05-17 Show GitHub Exploit DB Packet Storm
254554 7.8 HIGH
Local 		kde kauth
kdelibs 		KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app. CWE-290
 Authentication Bypass by Spoofing 		CVE-2017-8422 2024-11-21 12:34 2017-05-17 Show GitHub Exploit DB Packet Storm
254555 7.8 HIGH
Local 		cgmlarson vizex_reader Buffer overflow in Larson VizEx Reader 9.7.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-8927 2024-11-21 12:34 2017-05-16 Show GitHub Exploit DB Packet Storm
254556 7.8 HIGH
Local 		halliburton logview_pro Buffer overflow in Halliburton LogView Pro 10.0.1 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-8926 2024-11-21 12:34 2017-05-16 Show GitHub Exploit DB Packet Storm
254557 8.8 HIGH
Network 		mailcow mailcow\ mailcow 0.14, as used in "mailcow: dockerized" and other products, has CSRF. CWE-352
 Origin Validation Error 		CVE-2017-8928 2024-11-21 12:34 2017-05-15 Show GitHub Exploit DB Packet Storm
254558 5.5 MEDIUM
Local 		linux
debian 		linux_kernel
debian_linux 		The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling. CWE-404
 Improper Resource Shutdown or Release 		CVE-2017-8925 2024-11-21 12:34 2017-05-13 Show GitHub Exploit DB Packet Storm
254559 4.6 MEDIUM
Physics 		linux
debian 		linux_kernel
debian_linux 		The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uniniti… CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2017-8924 2024-11-21 12:34 2017-05-13 Show GitHub Exploit DB Packet Storm
254560 9.8 CRITICAL
Network 		php php The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial… CWE-787
 Out-of-bounds Write 		CVE-2017-8923 2024-11-21 12:34 2017-05-13 Show GitHub Exploit DB Packet Storm