Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
741 9.1 緊急
Network 		オラクル Oracle iSupport オラクルのOracle iSupportにおけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-46946 2026-06-22 11:50 2026-06-17 Show GitHub Exploit DB Packet Storm
742 8.8 重要
Network 		オラクル Oracle Advanced Outbound Telephony オラクルのOracle Advanced Outbound Telephonyにおけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-46947 2026-06-22 11:50 2026-06-17 Show GitHub Exploit DB Packet Storm
743 9.1 緊急
Network 		オラクル Oracle Advanced Outbound Telephony オラクルのOracle Advanced Outbound Telephonyにおけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-46949 2026-06-22 11:50 2026-06-17 Show GitHub Exploit DB Packet Storm
744 8.8 重要
Network 		オラクル Oracle Advanced Outbound Telephony オラクルのOracle Advanced Outbound Telephonyにおけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-46950 2026-06-22 11:50 2026-06-17 Show GitHub Exploit DB Packet Storm
745 7.5 重要
Network 		オラクル Oracle Human Resources オラクルのOracle Human Resourcesにおける複数の脆弱性 CWE-352
CWE-601
CWE-79
CVE-2026-46955 2026-06-22 11:50 2026-06-17 Show GitHub Exploit DB Packet Storm
746 7.5 重要
Network 		オラクル Oracle iSupplier Portal オラクルのOracle iSupplier Portalにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-46957 2026-06-22 11:50 2026-06-17 Show GitHub Exploit DB Packet Storm
747 7.5 重要
Network 		オラクル Oracle Subledger Accounting オラクルのOracle Subledger Accountingにおける複数の脆弱性 CWE-269
CWE-284
CWE-306
CVE-2026-46958 2026-06-22 11:50 2026-06-17 Show GitHub Exploit DB Packet Storm
748 7.5 重要
Network 		オラクル Oracle Subledger Accounting オラクルのOracle Subledger Accountingにおける複数の脆弱性 CWE-269
CWE-284
CWE-306
CVE-2026-46959 2026-06-22 11:50 2026-06-17 Show GitHub Exploit DB Packet Storm
749 9.9 緊急
Network 		オラクル Oracle Universal Work Queue オラクルのOracle Universal Work Queueにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-46963 2026-06-22 11:50 2026-06-17 Show GitHub Exploit DB Packet Storm
750 9.9 緊急
Network 		オラクル Oracle Universal Work Queue オラクルのOracle Universal Work Queueにおける複数の脆弱性 CWE-269
CWE-284
CWE-306
CVE-2026-46964 2026-06-22 11:50 2026-06-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
254081 4.3 MEDIUM
Network 		limesurvey limesurvey LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request Forgery (CSRF) vulnerability in Boxes that can result in CSRF admins to delete boxes. This vulnerability appears to have been fixed … CWE-352
 Origin Validation Error 		CVE-2018-1000514 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254082 6.1 MEDIUM
Network 		galaxyproject galaxy The Galaxy Project Galaxy version v14.10 contains a CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability in Many templates used in the Galaxy server did not properly sani… CWE-79
Cross-site Scripting 		CVE-2018-1000516 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254083 4.8 MEDIUM
Network 		limesurvey limesurvey LimeSurvey version 3.0.0-beta.3+17110 contains a Cross Site Scripting (XSS) vulnerability in Boxes that can result in JS code execution against LimeSurvey admins. This vulnerability appears to have b… CWE-79
Cross-site Scripting 		CVE-2018-1000513 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254084 6.1 MEDIUM
Network 		tooltipy_project tooltipy Tooltipy Tooltipy (tooltips for WP) version 5 contains a Cross Site Scripting (XSS) vulnerability in Glossary shortcode that can result in could allow anybody to do almost anything an admin can. This… CWE-79
Cross-site Scripting 		CVE-2018-1000512 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254085 7.5 HIGH
Network 		wpulike ulike WP ULike version 2.8.1, 3.1 contains a Incorrect Access Control vulnerability in AJAX that can result in allows anybody to delete any row in certain tables. This attack appear to be exploitable via A… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2018-1000511 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254086 6.5 MEDIUM
Network 		silkypress image_zoom WP Image Zoom version 1.23 contains a Incorrect Access Control vulnerability in AJAX settings that can result in allows anybody to cause denial of service. This attack appear to be exploitable via Ca… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2018-1000510 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254087 7.2 HIGH
Network 		redirection redirection Redirection version 2.7.1 contains a Serialisation vulnerability possibly allowing ACE vulnerability in Settings page AJAX that can result in could allow admin to execute arbitrary code in some circu… CWE-502
 Deserialization of Untrusted Data 		CVE-2018-1000509 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254088 4.8 MEDIUM
Network 		wpulike ulike WP ULike version 2.8.1, 3.1 contains a Cross Site Scripting (XSS) vulnerability in Settings screen that can result in allows unauthorised users to do almost anything an admin can. This attack appear … CWE-79
Cross-site Scripting 		CVE-2018-1000508 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254089 6.5 MEDIUM
Network 		jjj wp_user_groups WP User Groups version 2.0.0 contains a Cross ite Request Forgery (CSRF) vulnerability in Settings page that can result in allows anybody to modify user groups and types. This attack appear to be exp… CWE-352
 Origin Validation Error 		CVE-2018-1000507 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254090 8.8 HIGH
Network 		mediaron metronet_tag_manager Metronet Tag Manager version 1.2.7 contains a Cross ite Request Forgery (CSRF) vulnerability in Settings page /wp-admin/options-general.php?page=metronet-tag-manager that can result in allows anybody… CWE-352
 Origin Validation Error 		CVE-2018-1000506 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm