Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 24, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
681	8.8	重要 Network	オラクル	Oracle WebCenter Content	オラクルのOracle WebCenter Contentにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-35325	2026-06-22 11:38	2026-06-17	Show	GitHub Exploit DB Packet Storm

682	7.2	重要 Network	オラクル	Oracle WebCenter Content	オラクルのOracle WebCenter Contentにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-35326	2026-06-22 11:38	2026-06-17	Show	GitHub Exploit DB Packet Storm

683	7.6	重要 Network	オラクル	Oracle WebCenter Content	オラクルのOracle WebCenter Contentにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-35327	2026-06-22 11:38	2026-06-17	Show	GitHub Exploit DB Packet Storm

684	7.3	重要 Local	マイクロソフト	Microsoft .NET Framework .NET	.NET の特権の昇格の脆弱性 New	CWE-190 CWE-20 CWE-noinfo	CVE-2026-35433	2026-06-22 11:38	2026-05-12	Show	GitHub Exploit DB Packet Storm

685	7.1	重要 Local	Linux Foundation	Kedro	Linux FoundationのKedroにおけるパストラバーサルの脆弱性 New	CWE-22 パス・トラバーサル	CVE-2026-3840	2026-06-22 11:38	2026-06-12	Show	GitHub Exploit DB Packet Storm

686	8.8	重要 Network	マイクロソフト	SQL Server 2016 SQL Server 2019 SQL Server 2025 SQL Server 2022 SQL Server 2017	SQL Server のリモートコードが実行される脆弱性 New	CWE-610 CWE-73	CVE-2026-40370	2026-06-22 11:38	2026-05-12	Show	GitHub Exploit DB Packet Storm

687	8.8	重要 Network	マイクロソフト	Microsoft Dynamics 365	Microsoft Dynamics 365 (オンプレミス) の特権昇格の脆弱性 New	CWE-280 CWE-755	CVE-2026-40371	2026-06-22 11:38	2026-06-9	Show	GitHub Exploit DB Packet Storm

688	7.2	重要 Network	VMware	Spring Security	VMwareのSpring Securityにおける信頼できないデータのデシリアライゼーションに関する脆弱性 New	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-40993	2026-06-22 11:38	2026-06-10	Show	GitHub Exploit DB Packet Storm

689	8.4	重要 Network	マイクロソフト	Azure Stack Edge	Azure Stack Edge のなりすましの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-41098	2026-06-22 11:38	2026-06-9	Show	GitHub Exploit DB Packet Storm

690	5.3	警告 Network	opentelemetry	opentelemetry	opentelemetryにおける過剰なサイズ値のメモリ割り当てに関する脆弱性 New	CWE-789 過剰なサイズ値のメモリ割り当て	CVE-2026-41178	2026-06-22 11:38	2026-06-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
320491	6.7	MEDIUM Local	-	-	An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execu…	-	CVE-2024-45105	2024-09-14 20:47	2024-09-14	Show	GitHub Exploit DB Packet Storm

320492	6.8	MEDIUM Network	-	-	A privilege escalation vulnerability was discovered when Single Sign On (SSO) is enabled that could allow an attacker to intercept a valid, authenticated LXCA user’s XCC session if they can convince …	-	CVE-2024-45101	2024-09-14 20:47	2024-09-14	Show	GitHub Exploit DB Packet Storm

320493	-		-	-	A potential buffer overflow vulnerability was reported in some Lenovo Notebook products that could allow a local attacker with elevated privileges to execute arbitrary code.	-	CVE-2024-3100	2024-09-14 20:47	2024-09-14	Show	GitHub Exploit DB Packet Storm

320494	-		-	-	The H2-DM1E PLC's authentication protocol appears to utilize either a custom encoding scheme or a challenge-response protocol. However, there's an observed anomaly in the H2-DM1E PLC's protocol execu…	CWE-384 Session Fixation	CVE-2024-45368	2024-09-14 20:47	2024-09-14	Show	GitHub Exploit DB Packet Storm

320495	-		-	-	The session hijacking attack targets the application layer's control mechanism, which manages authenticated sessions between a host PC and a PLC. During such sessions, a session key is utilized to ma…	-	CVE-2024-43099	2024-09-14 20:47	2024-09-14	Show	GitHub Exploit DB Packet Storm

320496	7.5	HIGH Network	fastadmin	fastadmin	A vulnerability, which was classified as problematic, has been found in FastAdmin up to 1.3.3.20220121. Affected by this issue is some unknown functionality of the file /index/ajax/lang. The manipula…	CWE-22 Path Traversal	CVE-2024-7928	2024-09-14 06:33	2024-08-20	Show	GitHub Exploit DB Packet Storm

320497	9.8	CRITICAL Network	eyecix	jobsearch_wp_job_board	Deserialization of Untrusted Data vulnerability in eyecix JobSearch allows Object Injection.This issue affects JobSearch: from n/a through 2.5.3.	CWE-502 Deserialization of Untrusted Data	CVE-2024-43931	2024-09-14 06:22	2024-08-30	Show	GitHub Exploit DB Packet Storm

320498	5.4	MEDIUM Network	qnap	notes_station_3	A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We hav…	CWE-79 Cross-site Scripting	CVE-2024-27122	2024-09-14 06:16	2024-09-7	Show	GitHub Exploit DB Packet Storm

320499	5.3	MEDIUM Network	-	-	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.	-	CVE-2024-40430	2024-09-14 06:15	2024-07-22	Show	GitHub Exploit DB Packet Storm

320500	8.8	HIGH Network	qnap	qts quts_hero	An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. QuTSclou…	CWE-78 OS Command	CVE-2023-34974	2024-09-14 06:14	2024-09-7	Show	GitHub Exploit DB Packet Storm