Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
691	9.9	緊急 Network		-	オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-46855	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

692	9.6	緊急 Network		-	オラクルのEnterprise Manager Base Platformにおけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-noinfo	CVE-2026-46856	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

693	9.8	緊急 Network		-	オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-46857	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

694	9.1	緊急 Network	オラクル	Oracle Application Performance Management	オラクルのOracle Application Performance Managementにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46858	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

695	9.8	緊急 Network	オラクル	Oracle Agile PLM	オラクルのOracle Agile PLMにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2026-46859	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

696	7.5	重要 Network	オラクル	MySQL Cluster MySQL Server	オラクルのMySQL Cluster等の複数製品におけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-46863	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

697	8.8	重要 Network		-	オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-46864	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

698	8.2	重要 Local		-	オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-46865	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

699	8.2	重要 Network		-	オラクルのEnterprise Manager Base Platformにおけるリソースの枯渇に関する脆弱性	CWE-400 CWE-noinfo	CVE-2026-46866	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

700	7.2	重要 Network		-	オラクルのEnterprise Manager Base Platformにおける権限管理に関する脆弱性	CWE-269 CWE-noinfo	CVE-2026-46867	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
191281	9.8	CRITICAL Network	zohocorp	manageengine_adselfservice_plus	Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper parameter validation.	CWE-287 Improper Authentication	CVE-2021-37417	2024-11-21 15:15	2021-08-31	Show	GitHub Exploit DB Packet Storm

191282	6.1	MEDIUM Network	zohocorp	manageengine_adselfservice_plus	Zoho ManageEngine ADSelfService Plus version 6103 and prior is vulnerable to reflected XSS on the loadframe page.	CWE-79 Cross-site Scripting	CVE-2021-37416	2024-11-21 15:15	2021-08-31	Show	GitHub Exploit DB Packet Storm

191283	9.8	CRITICAL Network	hexagongeospatial	geomedia_webmap	MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 (aka 16.6.2.66) allows blind SQL Injection via the Id (within sourceItems) parameter to the GetMap method.	CWE-89 SQL Injection	CVE-2021-37749	2024-11-21 15:15	2021-08-30	Show	GitHub Exploit DB Packet Storm

191284	4.8	MEDIUM Network	arubanetworks	airwave	A remote cross-site scripting (XSS) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.13.0. Aruba has released upgrades for the Aruba AirWave Management Platf…	CWE-79 Cross-site Scripting	CVE-2021-37715	2024-11-21 15:15	2021-08-27	Show	GitHub Exploit DB Packet Storm

191285	9.8	CRITICAL Network	smartdatasoft	smartblog	Multiple SQL injection vulnerabilities in SmartDataSoft SmartBlog for PrestaShop before 4.06 allow a remote unauthenticated attacker to execute arbitrary SQL commands via the day, month, or year para…	CWE-89 SQL Injection	CVE-2021-37538	2024-11-21 15:15	2021-08-24	Show	GitHub Exploit DB Packet Storm

191286	6.5	MEDIUM Network	mit fedoraproject debian starwindsoftware oracle	kerberos_5 fedora debian_linux starwind_virtual_san communications_cloud_native_core_network_slice_selection_function	The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server fiel…	CWE-476 NULL Pointer Dereference	CVE-2021-37750	2024-11-21 15:15	2021-08-23	Show	GitHub Exploit DB Packet Storm

191287	5.3	MEDIUM Network	wpcerber	wp_cerber	WP Cerber before 8.9.3 allows bypass of /wp-json access control via a trailing ? character.	CWE-863 Incorrect Authorization	CVE-2021-37598	2024-11-21 15:15	2021-08-20	Show	GitHub Exploit DB Packet Storm

191288	9.8	CRITICAL Network	wpcerber	wp_cerber	WP Cerber before 8.9.3 allows MFA bypass via wordpress_logged_in_[hash] manipulation.	CWE-287 Improper Authentication	CVE-2021-37597	2024-11-21 15:15	2021-08-20	Show	GitHub Exploit DB Packet Storm

191289	7.5	HIGH Network	icinga debian	icinga debian_linux	Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. In versions 2.5.0 through 2.13.0, Elasticsea…	CWE-295 Improper Certificate Validation	CVE-2021-37698	2024-11-21 15:15	2021-08-20	Show	GitHub Exploit DB Packet Storm

191290	7.3	HIGH Local	nextcloud	desktop	The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. The Nextcloud Desktop Client invokes its uninstaller script when being installed to make sure there …	CWE-427 Uncontrolled Search Path Element	CVE-2021-37617	2024-11-21 15:15	2021-08-19	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed