Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
541 7.8 重要
Local 		マイクロソフト Microsoft Office 2024 Long-Term Servicing Channel Edition
Microsoft Office 2021 Long Term Servicing Channel Edition
Microsoft&nb… 		Microsoft Word のリモートでコードが実行される脆弱性 CWE-822
信頼性のないポインタデリファレンス 		CVE-2026-45643 2026-06-12 14:34 2026-06-9 Show GitHub Exploit DB Packet Storm
542 8.4 重要
Local 		マイクロソフト Microsoft Office 2024 Long-Term Servicing Channel Edition Microsoft Outlook および Word のリモートでコードが実行される脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-47635 2026-06-12 14:34 2026-06-9 Show GitHub Exploit DB Packet Storm
543 6.5 警告
Network 		ERLANG
chilkat software		 Erlang/OTP
Erlang/Inets (Inets)
ftp 		ERLANGのErlang/Inets (Inets)等の複数製品におけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-48858 2026-06-12 14:34 2026-06-10 Show GitHub Exploit DB Packet Storm
544 7.1 重要
Local 		- アップルのmacOSにおける競合状態に関する脆弱性 CWE-362
競合状態 		CVE-2022-26758 2026-06-12 14:34 2026-06-10 Show GitHub Exploit DB Packet Storm
545 3.5
Physics 		- アップルのmacOSにおける認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2022-48575 2026-06-12 14:34 2026-06-10 Show GitHub Exploit DB Packet Storm
546 4 警告
Local 		NSA Ghidra NSAのGhidraにおける未定義、未指定、または実装定義の動作への依存に関する脆弱性 CWE-758
未定義、未指定、または実装定義の動作への依存 		CVE-2024-58350 2026-06-12 14:34 2026-06-10 Show GitHub Exploit DB Packet Storm
547 6 警告
Local 		NVIDIA gpu display driver NVIDIAのgpu display driverにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2025-33221 2026-06-12 14:34 2026-05-26 Show GitHub Exploit DB Packet Storm
548 6.7 警告
Local 		フォーティネット FortiProxy
FortiOS 		フォーティネットのFortiOS等の複数製品における安全でないデバッグアクセスレベルまたは状態にさらされた内部アセットに関する脆弱性 CWE-1244
安全でないデバッグアクセスレベルまたは状態にさらされた内部アセット 		CVE-2025-67862 2026-06-12 14:34 2026-06-9 Show GitHub Exploit DB Packet Storm
549 7.8 重要
Local 		SQLite SQLite SQLiteにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-11822 2026-06-12 14:34 2026-06-9 Show GitHub Exploit DB Packet Storm
550 7.8 重要
Local 		SQLite SQLite SQLiteにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-11824 2026-06-12 14:34 2026-06-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
254991 9.8 CRITICAL
Network 		sap trex A code injection vulnerability exists in SAP TREX / Business Warehouse Accelerator (BWA). The vendor response is SAP Security Note 2419592. CWE-94
Code Injection 		CVE-2017-7691 2024-11-21 12:32 2017-04-12 Show GitHub Exploit DB Packet Storm
254992 9.8 CRITICAL
Network 		schneider-electric homelynk_controller_lss100100_firmware A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0. CWE-77
Command Injection 		CVE-2017-7689 2024-11-21 12:32 2017-04-12 Show GitHub Exploit DB Packet Storm
254993 6.1 MEDIUM
Network 		auromeera emli Cross Site Scripting Vulnerability in core-eMLi in AuroMeera Technometrix Pvt. Ltd. eMLi V1.0 allows an Attacker to send malicious code, generally in the form of a browser-side script, to a different… CWE-79
Cross-site Scripting 		CVE-2017-7621 2024-11-21 12:32 2017-04-11 Show GitHub Exploit DB Packet Storm
254994 8.1 HIGH
Network 		foscam fi9800xe
r2
c1
fi9826p
c1_lite
fi9903p
fi9928p
fi9853ep
fi9851p
c2
fi9901ep
fi9828p 		Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging kn… CWE-798
 Use of Hard-coded Credentials 		CVE-2017-7648 2024-11-21 12:32 2017-04-11 Show GitHub Exploit DB Packet Storm
254995 8.8 HIGH
Network 		solarwinds log_\&_event_manager SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to execute arbitrary commands. NVD-CWE-noinfo
CVE-2017-7647 2024-11-21 12:32 2017-04-11 Show GitHub Exploit DB Packet Storm
254996 6.5 MEDIUM
Network 		solarwinds log_\&_event_manager SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to browse the server's filesystem and read the contents of arbitrary files contained within. CWE-200
Information Exposure 		CVE-2017-7646 2024-11-21 12:32 2017-04-11 Show GitHub Exploit DB Packet Storm
254997 9.8 CRITICAL
Network 		fiyo fiyo_cms In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/app_theme/libs/save_file.php" and then execute code. CWE-94
Code Injection 		CVE-2017-7625 2024-11-21 12:32 2017-04-11 Show GitHub Exploit DB Packet Storm
254998 5.5 MEDIUM
Local 		entropymine imageworsener The iw_read_bmp_file function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file. CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2017-7624 2024-11-21 12:32 2017-04-11 Show GitHub Exploit DB Packet Storm
254999 5.5 MEDIUM
Local 		entropymine imageworsener The iwmiffr_convert_row32 function in imagew-miff.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. CWE-125
Out-of-bounds Read 		CVE-2017-7623 2024-11-21 12:32 2017-04-11 Show GitHub Exploit DB Packet Storm
255000 8.8 HIGH
Network 		deepin deepin_desktop_environment dde-daemon, the daemon process of DDE (Deepin Desktop Environment) 15.0 through 15.3, runs with root privileges and hardly does anything to identify the user who calls the function through D-Bus. Any… CWE-862
 Missing Authorization 		CVE-2017-7622 2024-11-21 12:32 2017-04-11 Show GitHub Exploit DB Packet Storm