Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
71 7.5 重要
Network 		F5 Networks BIG-IP Advanced Web Application Firewall (WAF)
BIG-IP Application Security Manager (ASM) 		F5 NetworksのBIG-IP Advanced Web Application Firewall (WAF)等の複数製品における未チェックの戻り値に関する脆弱性 New CWE-252
未チェックの戻り値 		CVE-2026-40060 2026-06-30 11:21 2026-05-13 Show GitHub Exploit DB Packet Storm
72 8.7 重要
Network 		F5 Networks BIG-IP Domain Name System (DNS) F5 NetworksのBIG-IP Domain Name System (DNS)におけるコマンドインジェクションの脆弱性 New CWE-77
コマンドインジェクション 		CVE-2026-40061 2026-06-30 11:21 2026-05-13 Show GitHub Exploit DB Packet Storm
73 7.5 重要
Network 		F5 Networks BIG-IP Access Policy Manager (APM) F5 NetworksのBIG-IP Access Policy Manager (APM)における古典的バッファオーバーフローの脆弱性 New CWE-120
古典的バッファオーバーフロー 		CVE-2026-40067 2026-06-30 11:21 2026-05-13 Show GitHub Exploit DB Packet Storm
74 6.1 警告
Network 		The Cacti Group Cacti The Cacti GroupのCactiにおけるオープンリダイレクトの脆弱性 New CWE-601
オープンリダイレクト 		CVE-2026-40080 2026-06-30 11:21 2026-06-25 Show GitHub Exploit DB Packet Storm
75 5.4 警告
Network 		The Cacti Group Cacti The Cacti GroupのCactiにおけるセッションの固定化の脆弱性 New CWE-384
セッションの固定化 		CVE-2026-40082 2026-06-30 11:21 2026-06-25 Show GitHub Exploit DB Packet Storm
76 7.2 重要
Network 		The Cacti Group Cacti The Cacti GroupのCactiにおけるSQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2026-40083 2026-06-30 11:21 2026-06-25 Show GitHub Exploit DB Packet Storm
77 6.5 警告
Network 		The Cacti Group Cacti The Cacti GroupのCactiにおけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-40084 2026-06-30 11:21 2026-06-25 Show GitHub Exploit DB Packet Storm
78 7.5 重要
Network 		F5 Networks BIG-IP Advanced Web Application Firewall (WAF)
BIG-IP WebAccelerator
BIG-IP Domain Name System (DNS)
BIG-IP Application Security&n… 		F5 NetworksのBIG-IP Access Policy Manager (APM)等の複数製品における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40423 2026-06-30 11:21 2026-05-13 Show GitHub Exploit DB Packet Storm
79 5.3 警告
Network 		F5 Networks BIG-IP Advanced Web Application Firewall (WAF)
BIG-IP WebAccelerator
BIG-IP Domain Name System (DNS)
BIG-IP Application Security&n… 		F5 NetworksのBIG-IP Access Policy Manager (APM)等の複数製品における保護されていない代替チャネルに関する脆弱性 New CWE-420
保護されていない代替チャネル 		CVE-2026-40435 2026-06-30 11:21 2026-05-13 Show GitHub Exploit DB Packet Storm
80 6.5 警告
Network 		F5 Networks DoS
NGINX Instance Manager
WAF
NGINX Ingress Controller
nginx open source
NGINX Gateway Fabric
NGINX plus 		F5 NetworksのDoS等の複数製品におけるスプーフィングによる認証回避に関する脆弱性 New CWE-290
スプーフィングによる認証回避 		CVE-2026-40460 2026-06-30 11:21 2026-05-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
343511 - microsoft frontpage
internet_information_server
internet_information_services 		The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does n… NVD-CWE-Other
CVE-2000-0413 2018-10-31 01:25 2000-05-6 Show GitHub Exploit DB Packet Storm
343512 - microsoft internet_information_server
internet_information_services 		ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HT… NVD-CWE-Other
CVE-2000-0457 2018-10-31 01:25 2000-05-11 Show GitHub Exploit DB Packet Storm
343513 - microsoft internet_information_server
internet_information_services 		IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability. NVD-CWE-Other
CVE-2000-0630 2018-10-31 01:25 2000-07-17 Show GitHub Exploit DB Packet Storm
343514 - microsoft internet_information_server
internet_information_services 		An administrative script from IIS 3.0, later included in IIS 4.0 and 5.0, allows remote attackers to cause a denial of service by accessing the script without a particular argument, aka the "Absent D… NVD-CWE-Other
CVE-2000-0631 2018-10-31 01:25 2000-07-14 Show GitHub Exploit DB Packet Storm
343515 - microsoft internet_information_server
internet_information_services 		IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictio… NVD-CWE-Other
CVE-2000-0770 2018-10-31 01:25 2000-10-20 Show GitHub Exploit DB Packet Storm
343516 - microsoft internet_information_server
internet_information_services 		IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Se… NVD-CWE-Other
CVE-2000-0884 2018-10-31 01:25 2000-12-19 Show GitHub Exploit DB Packet Storm
343517 - microsoft internet_information_server
internet_information_services 		IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Pa… NVD-CWE-Other
CVE-2000-0886 2018-10-31 01:25 2000-12-19 Show GitHub Exploit DB Packet Storm
343518 - microsoft internet_information_services A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote attackers to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) … NVD-CWE-Other
CVE-2000-0951 2018-10-31 01:25 2000-12-19 Show GitHub Exploit DB Packet Storm
343519 - microsoft internet_information_server
internet_information_services 		IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, which could allow remote attackers to hijack the secure web session of the user if that user moves to … NVD-CWE-Other
CVE-2000-0970 2018-10-31 01:25 2000-12-19 Show GitHub Exploit DB Packet Storm
343520 - cisco pix_firewall_software Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine the real IP address of a target FTP server by flooding the server with PASV requests, which includes the real IP address in the r… NVD-CWE-Other
CVE-2000-1027 2018-10-31 01:25 2000-12-11 Show GitHub Exploit DB Packet Storm