Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
691	9.9	緊急 Network		-	オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-46855	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

692	9.6	緊急 Network		-	オラクルのEnterprise Manager Base Platformにおけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-noinfo	CVE-2026-46856	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

693	9.8	緊急 Network		-	オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-46857	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

694	9.1	緊急 Network	オラクル	Oracle Application Performance Management	オラクルのOracle Application Performance Managementにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46858	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

695	9.8	緊急 Network	オラクル	Oracle Agile PLM	オラクルのOracle Agile PLMにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2026-46859	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

696	7.5	重要 Network	オラクル	MySQL Cluster MySQL Server	オラクルのMySQL Cluster等の複数製品におけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-46863	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

697	8.8	重要 Network		-	オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-46864	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

698	8.2	重要 Local		-	オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-46865	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

699	8.2	重要 Network		-	オラクルのEnterprise Manager Base Platformにおけるリソースの枯渇に関する脆弱性	CWE-400 CWE-noinfo	CVE-2026-46866	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

700	7.2	重要 Network		-	オラクルのEnterprise Manager Base Platformにおける権限管理に関する脆弱性	CWE-269 CWE-noinfo	CVE-2026-46867	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
190811	8.8	HIGH Network	auvesy	versiondog	The database connection to the server is performed by calling a specific API, which could allow an unprivileged user to gain SYSDBA permissions.	NVD-CWE-noinfo	CVE-2021-38475	2024-11-21 15:17	2021-10-22	Show	GitHub Exploit DB Packet Storm

190812	8.8	HIGH Network	auvesy	versiondog	The affected product’s code base doesn’t properly control arguments for specific functions, which could lead to a stack overflow.	CWE-787 Out-of-bounds Write	CVE-2021-38473	2024-11-21 15:17	2021-10-22	Show	GitHub Exploit DB Packet Storm

190813	9.1	CRITICAL Network	auvesy	versiondog	There are multiple API function codes that permit data writing to any file, which may allow an attacker to modify existing files or create new files.	-	CVE-2021-38471	2024-11-21 15:17	2021-10-22	Show	GitHub Exploit DB Packet Storm

190814	7.1	HIGH Local	auvesy	versiondog	Many of the services used by the affected product do not specify full paths for the DLLs they are loading. An attacker can exploit the uncontrolled search path by implanting their own DLL near the af…	-	CVE-2021-38469	2024-11-21 15:17	2021-10-22	Show	GitHub Exploit DB Packet Storm

190815	8.1	HIGH Network	auvesy	versiondog	A specific function code receives a raw pointer supplied by the user and deallocates this pointer. The user can then control what memory regions will be freed and cause use-after-free condition.	-	CVE-2021-38467	2024-11-21 15:17	2021-10-22	Show	GitHub Exploit DB Packet Storm

190816	6.5	MEDIUM Network	auvesy	versiondog	The webinstaller is a Golang web server executable that enables the generation of an Auvesy image agent. Resource consumption can be achieved by generating large amounts of installations, which are t…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2021-38465	2024-11-21 15:17	2021-10-22	Show	GitHub Exploit DB Packet Storm

190817	8.1	HIGH Network	auvesy	versiondog	The affected product does not properly control the allocation of resources. A user may be able to allocate unlimited memory buffers using API functions.	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2021-38463	2024-11-21 15:17	2021-10-22	Show	GitHub Exploit DB Packet Storm

190818	8.2	HIGH Network	auvesy	versiondog	The affected product uses a hard-coded blowfish key for encryption/decryption processes. The key can be easily extracted from binaries.	CWE-798 Use of Hard-coded Credentials	CVE-2021-38461	2024-11-21 15:17	2021-10-22	Show	GitHub Exploit DB Packet Storm

190819	9.8	CRITICAL Network	auvesy	versiondog	The data of a network capture of the initial handshake phase can be used to authenticate at a SYSDBA level. If a specific .exe is not restarted often, it is possible to access the needed handshake pa…	-	CVE-2021-38459	2024-11-21 15:17	2021-10-22	Show	GitHub Exploit DB Packet Storm

190820	9.8	CRITICAL Network	auvesy	versiondog	The server permits communication without any authentication procedure, allowing the attacker to initiate a session with the server without providing any form of authentication.	CWE-306 Missing Authentication for Critical Function	CVE-2021-38457	2024-11-21 15:17	2021-10-22	Show	GitHub Exploit DB Packet Storm