Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 30, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
221881	7.5	危険	VMTurbo	-	VMTurbo Operations Manager の vmtadmin.cgi における任意のコマンドを実行される脆弱性	CWE-Other その他	CVE-2014-5073	2014-09-3 14:13	2014-07-25	Show	GitHub Exploit DB Packet Storm

221882	6.6	警告	Android for MSM	-	MSM デバイス用 Qualcomm Innovation Center Android コントリビューションなどで同梱される Linux Kernel ブートローダにおける署名検証コードを上書きされる脆弱性	CWE-20 不適切な入力確認	CVE-2013-2598	2014-09-3 14:02	2013-09-6	Show	GitHub Exploit DB Packet Storm

221883	4.3	警告	Xen プロジェクト	-	Xen におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-5147	2014-09-3 13:41	2014-08-12	Show	GitHub Exploit DB Packet Storm

221884	4.3	警告	シスコシステムズ	-	Cisco Intelligent Automation for Cloud における重要な情報を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2014-3352	2014-09-3 12:24	2014-08-29	Show	GitHub Exploit DB Packet Storm

221885	6.8	警告	マカフィー	-	McAfee Network Security Manager の User Management モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-2390	2014-09-3 12:18	2014-07-24	Show	GitHub Exploit DB Packet Storm

221886	5	警告	Innovative Interfaces Inc.	-	Innovative Interfaces Encore Discovery Solution における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2014-5128	2014-09-3 12:03	2014-08-26	Show	GitHub Exploit DB Packet Storm

221887	5.8	警告	Innovative Interfaces Inc.	-	Innovative Interfaces Encore Discovery Solution におけるオープンリダイレクトの脆弱性	CWE-Other その他	CVE-2014-5127	2014-09-3 11:59	2014-08-26	Show	GitHub Exploit DB Packet Storm

221888	4.3	警告	Zoho Corporation	-	ZOHO ManageEngine EventLog Analyzer の event/index2.do におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-4930	2014-09-3 11:52	2014-08-26	Show	GitHub Exploit DB Packet Storm

221889	9	危険	アルバネットワークス株式会社	-	Aruba Networks ClearPass Policy Manager の管理コンソールにおける任意のコマンドを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-2593	2014-09-3 11:36	2014-07-25	Show	GitHub Exploit DB Packet Storm

221890	4.3	警告	freedesktop.org	-	Poppler の DCTStream.cc におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-5110	2014-09-3 11:26	2010-04-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311	4.6	MEDIUM Physics	-	-	Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 (V603) allow a p… New	CWE-312 Cleartext Storage of Sensitive Information	CVE-2026-38571	2026-06-30 00:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

312	7.5	HIGH Network	-	-	An issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServerApp.dll, TechnitiumLibrary.Net/Dns/DnsClient.cs components New	CWE-400 Uncontrolled Resource Consumption	CVE-2026-36478	2026-06-30 00:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

313	8.1	HIGH Network	-	-	The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using the… New	CWE-798 Use of Hard-coded Credentials	CVE-2026-31928	2026-06-30 00:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

314	7.5	HIGH Network	-	-	fast-uri versions 2.3.1 through 3.1.2 and 4.0.0 fail to canonicalize Unicode (IDN) hostnames for HTTP-family URLs. The IDN conversion path calls a helper that does not exist on the global URL constru… New	CWE-436 Interpretation Conflict	CVE-2026-13676	2026-06-30 00:16	2026-06-29	Show	GitHub Exploit DB Packet Storm

315	-		-	-	SzafirHost verifies the downloaded native library archive with one JarFile parser (reading the Central Directory) but extracts native libraries with JarInputStream parser (reading sequentially from l… New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-13165	2026-06-30 00:16	2026-06-29	Show	GitHub Exploit DB Packet Storm

316	-		-	-	The /v1/upload/sbom endpoint extracts the iss claim from the attacker-supplied JWT with signature verification disabled, then interpolates that string into three log statements before any validation … New	CWE-117 Improper Output Neutralization for Logs	CVE-2026-12616	2026-06-30 00:16	2026-06-29	Show	GitHub Exploit DB Packet Storm

317	-		-	-	libxml2 is vulnerable to multiple stack-based buffer overflows in the xmlcatalog utility when running in --shell mode. The usershell() function processes user input using fixed-size stack buffers wit… New	CWE-121 Stack-based Buffer Overflow	CVE-2026-11979	2026-06-30 00:16	2026-06-29	Show	GitHub Exploit DB Packet Storm

318	7.4	HIGH Network	-	-	Zephyr's BSD-sockets getaddrinfo() implementation (subsys/net/lib/sockets/getaddrinfo.c) passes a pointer to a stack-allocated state object (struct getaddrinfo_state ai_state) as the user_data of an … New	CWE-416 Use After Free	CVE-2026-10646	2026-06-30 00:16	2026-06-28	Show	GitHub Exploit DB Packet Storm

319	4.2	MEDIUM Adjacent	-	-	The Microchip SERCOM-G1 UART driver (drivers/serial/uart_mchp_sercom_g1.c), used by the PIC32CM-JH SoC family, contains an out-of-bounds write in its asynchronous (DMA) receive path. When uart_rx_ena… New	CWE-787 Out-of-bounds Write	CVE-2026-10644	2026-06-30 00:16	2026-06-28	Show	GitHub Exploit DB Packet Storm

320	8.7	HIGH Local	-	-	Zephyr's IP socket recvmsg() implementation (subsys/net/lib/sockets/sockets_inet.c, insert_pktinfo()) validated the user-supplied ancillary (msg_control) buffer using only the payload length (msg-msg… New	CWE-787 Out-of-bounds Write	CVE-2026-10643	2026-06-30 00:16	2026-06-28	Show	GitHub Exploit DB Packet Storm