Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 30, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230931	-	-	ARM Ltd. (旧 Offspark)	-	削除 PolarSSL の SSL モジュールにおける識別攻撃を誘発される脆弱性	-	CVE-2013-1622	2013-02-13 11:49	2013-02-2	Show	GitHub Exploit DB Packet Storm

230932	6.8	警告	Opera Software ASA	-	Opera における CSRF 保護メカニズムを回避される脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-1639	2013-02-12 16:51	2013-01-30	Show	GitHub Exploit DB Packet Storm

230933	9.3	危険	Opera Software ASA	-	Opera における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2013-1638	2013-02-12 16:49	2013-01-30	Show	GitHub Exploit DB Packet Storm

230934	9.3	危険	Opera Software ASA	-	Opera における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2013-1637	2013-02-12 16:48	2013-01-30	Show	GitHub Exploit DB Packet Storm

230935	9.3	危険	Ecava	-	IntegraXor SCADA Server におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-4700	2013-02-12 14:26	2013-01-3	Show	GitHub Exploit DB Packet Storm

230936	5	警告	ISC, Inc. 日本電気 VMware	-	複数の DNS ネームサーバの実装に問題	CWE-DesignError	CVE-2012-1033	2013-02-8 16:14	2012-02-9	Show	GitHub Exploit DB Packet Storm

230937	8.5	危険	（複数のベンダ）	-	HP/H3C 製および Huawei 製ネットワーク機器にアクセス制限不備の脆弱性	CWE-200 情報漏えい	CVE-2012-3268	2013-02-8 15:02	2012-10-25	Show	GitHub Exploit DB Packet Storm

230938	2.6	注意	サイボウズ	-	サイボウズガルーンにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0702	2013-02-8 12:01	2013-02-8	Show	GitHub Exploit DB Packet Storm

230939	6.5	警告	サイボウズ	-	サイボウズガルーンにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-0701	2013-02-8 12:01	2013-02-8	Show	GitHub Exploit DB Packet Storm

230940	4.3	警告	Tobias Bathge	-	WordPress 用 WP-Table Reloaded モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-1463	2013-02-8 11:19	2013-01-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211	4.3	MEDIUM Network	-	-	Elide through 7.1.17 fails to enforce @ReadPermission on client-supplied sort expressions in SortingImpl.getValidSortingRules, allowing attackers to sort collections by forbidden fields. Attackers ca… New	CWE-862 Missing Authorization	CVE-2026-57954	2026-06-30 03:16	2026-06-30	Show	GitHub Exploit DB Packet Storm

212	5.4	MEDIUM Network	-	-	Mythic before 3.4.0.60 contains an authorization bypass vulnerability that allows authenticated spectator-role users to perform unauthorized write operations by accessing the eventing_import_automati… New	CWE-863 Incorrect Authorization	CVE-2026-57953	2026-06-30 03:16	2026-06-30	Show	GitHub Exploit DB Packet Storm

213	5.3	MEDIUM Network	-	-	Mythic before 3.4.0.60 contains an authorization bypass vulnerability in four REST endpoints (c2profile_config_check_webhook, c2profile_redirect_rules_webhook, c2profile_get_ioc_webhook, c2profile_sa… New	CWE-862 Missing Authorization	CVE-2026-57952	2026-06-30 03:16	2026-06-30	Show	GitHub Exploit DB Packet Storm

214	6.5	MEDIUM Network	-	-	Mythic before 3.4.0.60 contains a broken hasura permission filter on the payload_build_step table with an always-satisfied _or condition that bypasses operation-scoped access controls. Authenticated … New	CWE-863 Incorrect Authorization	CVE-2026-57951	2026-06-30 03:16	2026-06-30	Show	GitHub Exploit DB Packet Storm

215	8.1	HIGH Network	-	-	ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control vulnerability in ErpSaleOrderController that allows attackers with erp:sale-out permissions to gain unauthorize… New	CWE-863 Incorrect Authorization	CVE-2026-57950	2026-06-30 03:16	2026-06-30	Show	GitHub Exploit DB Packet Storm

216	6.5	MEDIUM Network	-	-	ruoyi-vue-pro through 2026.05, fixed in commit c779a47, contains a missing authorization vulnerability in the CRM module's GET /admin-api/crm/follow-up-record/get endpoint that allows authenticated u… New	CWE-862 Missing Authorization	CVE-2026-57949	2026-06-30 03:16	2026-06-30	Show	GitHub Exploit DB Packet Storm

217	6.8	MEDIUM Network	-	-	Pinpoint through version 3.1.0 contains an insecure session management vulnerability that allows attackers to access the pinpointJwt session cookie due to missing HttpOnly and Secure attributes, enab… New	CWE-614 CWE-1004 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute Sensitive Cookie Without 'HttpOnly' Flag	CVE-2026-57948	2026-06-30 03:16	2026-06-30	Show	GitHub Exploit DB Packet Storm

218	8.5	HIGH Network	-	-	Pinpoint through 3.1.0 contains a server-side request forgery vulnerability in the webhook registration endpoint that allows authenticated users to register internal URLs due to missing SSRF protecti… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-57947	2026-06-30 03:16	2026-06-30	Show	GitHub Exploit DB Packet Storm

219	3.7	LOW Network	-	-	Invidious before version 2.20260626.0 contains a broken access control vulnerability that allows unauthenticated attackers to retrieve private playlist contents by accessing the RSS feed playlist end… New	CWE-862 Missing Authorization	CVE-2026-57946	2026-06-30 03:16	2026-06-30	Show	GitHub Exploit DB Packet Storm

220	4.3	MEDIUM Network	-	-	PhotoPrism before 260601-a7d098548 contains a broken access control vulnerability that allows authenticated non-admin users to modify other users' profile information by sending requests to arbitrary… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-57945	2026-06-30 03:16	2026-06-30	Show	GitHub Exploit DB Packet Storm