Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
631	7.1	重要 Local	マイクロソフト	Microsoft Word Microsoft Excel Microsoft PowerPoint	Office for Android のなりすましの脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-45649	2026-06-22 11:55	2026-06-9	Show	GitHub Exploit DB Packet Storm

632	6.8	警告 Network	Discourse	Discourse	Discourseにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-45775	2026-06-22 11:55	2026-06-12	Show	GitHub Exploit DB Packet Storm

633	9.9	緊急 Network	オラクル	Oracle WebCenter Portal	オラクルのOracle WebCenter Portalにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46765	2026-06-22 11:55	2026-06-17	Show	GitHub Exploit DB Packet Storm

634	9.8	緊急 Network	オラクル	Oracle WebCenter Content	オラクルのOracle WebCenter Contentにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46766	2026-06-22 11:55	2026-06-17	Show	GitHub Exploit DB Packet Storm

635	9.9	緊急 Network	オラクル	Oracle WebCenter Portal	オラクルのOracle WebCenter Portalにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46767	2026-06-22 11:55	2026-06-17	Show	GitHub Exploit DB Packet Storm

636	6	警告 Local	オラクル	Oracle VM VirtualBox	オラクルのOracle VM VirtualBoxにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46768	2026-06-22 11:55	2026-06-17	Show	GitHub Exploit DB Packet Storm

637	7.2	重要 Network	オラクル	Oracle Application Development Framework (Oracle ADF)	オラクルのOracle Application Development Framework (Oracle ADF)におけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46769	2026-06-22 11:55	2026-06-17	Show	GitHub Exploit DB Packet Storm

638	6.1	警告 Network	オラクル	Oracle Application Development Framework (Oracle ADF)	オラクルのOracle Application Development Framework (Oracle ADF)におけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46770	2026-06-22 11:55	2026-06-17	Show	GitHub Exploit DB Packet Storm

639	4.1	警告 Local	オラクル	Oracle Application Development Framework (Oracle ADF)	オラクルのOracle Application Development Framework (Oracle ADF)におけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46771	2026-06-22 11:55	2026-06-17	Show	GitHub Exploit DB Packet Storm

640	4.7	警告 Local	オラクル	Oracle Application Development Framework (Oracle ADF)	オラクルのOracle Application Development Framework (Oracle ADF)におけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46772	2026-06-22 11:55	2026-06-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
191251	4.3	MEDIUM Network	sap	business_one	SAP Business One version - 10, due to improper input validation, allows an authenticated User to gain access to directory and view the contents of index in the directory, which would otherwise be res…	CWE-22 Path Traversal	CVE-2021-37532	2024-11-21 15:15	2021-09-14	Show	GitHub Exploit DB Packet Storm

191252	8.8	HIGH Network	sap	netweaver_knowledge_management_xml_forms	SAP NetWeaver Knowledge Management XML Forms versions - 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, contains an XSLT vulnerability which allows a non-administrative authenticated attacker to craft a maliciou…	CWE-78 OS Command	CVE-2021-37531	2024-11-21 15:15	2021-09-14	Show	GitHub Exploit DB Packet Storm

191253	9.8	CRITICAL Network	zohocorp	manageengine_adselfservice_plus	Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to SQL Injection while linking the databases.	CWE-89 SQL Injection	CVE-2021-37422	2024-11-21 15:15	2021-09-11	Show	GitHub Exploit DB Packet Storm

191254	9.8	CRITICAL Network	zohocorp	manageengine_adselfservice_plus	Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to linked applications takeover.	NVD-CWE-noinfo	CVE-2021-37423	2024-11-21 15:15	2021-09-11	Show	GitHub Exploit DB Packet Storm

191255	7.5	HIGH Network	zohocorp	manageengine_desktop_central	Zoho ManageEngine DesktopCentral before 10.0.709 allows anyone to get a valid user's APIKEY without authentication.	CWE-287 Improper Authentication	CVE-2021-37414	2024-11-21 15:15	2021-09-11	Show	GitHub Exploit DB Packet Storm

191256	9.8	CRITICAL Network	apache	dubbo	The Dubbo Provider will check the incoming request and the corresponding serialization type of this request meet the configuration set by the server. But there's an exception that the attacker can us…	CWE-502 Deserialization of Untrusted Data	CVE-2021-37579	2024-11-21 15:15	2021-09-9	Show	GitHub Exploit DB Packet Storm

191257	5.3	MEDIUM Network	nextcloud	richdocuments	Nextcloud Richdocuments is an open source collaborative office suite. In affected versions there is a lack of rate limiting on the Richdocuments OCS endpoint. This may have allowed an attacker to enu…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2021-37629	2024-11-21 15:15	2021-09-8	Show	GitHub Exploit DB Packet Storm

191258	7.5	HIGH Network	nextcloud	richdocuments	Nextcloud Richdocuments is an open source collaborative office suite. In affected versions the File Drop features ("Upload Only" public link shares in Nextcloud) can be bypassed using the Nextcloud R…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2021-37628	2024-11-21 15:15	2021-09-8	Show	GitHub Exploit DB Packet Storm

191259	6.5	MEDIUM Network	nextcloud	deck	Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions the Deck application didn't properl…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2021-37631	2024-11-21 15:15	2021-09-8	Show	GitHub Exploit DB Packet Storm

191260	6.5	MEDIUM Network	nextcloud	circles	Nextcloud Circles is an open source social network built for the nextcloud ecosystem. In affected versions the Nextcloud Circles application allowed any user to join any "Secret Circle" without appro…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2021-37630	2024-11-21 15:15	2021-09-8	Show	GitHub Exploit DB Packet Storm