Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
192081	7.5	重要 Network	WordPress.org	-	WordPress における平文の値を容易に特定される脆弱性	CWE-326 不適切な暗号強度	CVE-2012-6707	2017-11-14 11:50	2012-06-20	Show	GitHub Exploit DB Packet Storm

192082	6.5	警告 Network	レッドハット	-	Red Hat CloudForms 3 Management Engine におけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2014-7813	2017-11-14 11:42	2014-11-6	Show	GitHub Exploit DB Packet Storm

192083	8.8	重要 Network	Keycloak	-	JBoss KeyCloak におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-3709	2017-11-14 11:41	2014-10-21	Show	GitHub Exploit DB Packet Storm

192084	9.8	緊急 Network	Berta	-	Berta CMS における危険なタイプのファイルの無制限アップロードに関する脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2015-2780	2017-11-14 11:40	2015-03-26	Show	GitHub Exploit DB Packet Storm

192085	9.8	緊急 Network	SAP	-	SAP POS における認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-15293	2017-11-14 11:35	2017-09-12	Show	GitHub Exploit DB Packet Storm

192086	8.8	重要 Network	Inbound Now	-	WordPress 用 Landing Pages プラグインにおけるインジェクションに関する脆弱性	CWE-74 インジェクション	CVE-2015-5227	2017-11-14 11:27	2015-09-30	Show	GitHub Exploit DB Packet Storm

192087	5.7	警告 Network	AlienVault	-	AlienVault USM におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2017-14956	2017-11-14 11:21	2017-10-13	Show	GitHub Exploit DB Packet Storm

192088	9.8	緊急 Network	Airtame Inc.	-	AIRTAME HDMI ドングルのファームウェアにおけるセッションの固定化の脆弱性	CWE-384 セッションの固定化	CVE-2017-15304	2017-11-14 11:07	2017-10-14	Show	GitHub Exploit DB Packet Storm

192089	5.5	警告 Local	Linux	-	Linux Kernel における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2017-15299	2017-11-14 11:07	2017-09-27	Show	GitHub Exploit DB Packet Storm

192090	5.5	警告 Local	Git project	-	Git におけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2017-15298	2017-11-14 11:07	2017-10-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
651	7.5	HIGH Network	-	-	A buffer overflow in the gf_media_import function (/media_tools/av_parsers.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input. New	CWE-121 Stack-based Buffer Overflow	CVE-2025-60474	2026-06-26 04:14	2026-06-25	Show	GitHub Exploit DB Packet Storm

652	5.0	MEDIUM Local	-	-	A use-after-free in the gf_filter_pid_get_packet function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted… New	CWE-416 Use After Free	CVE-2025-60466	2026-06-26 04:14	2026-06-25	Show	GitHub Exploit DB Packet Storm

653	5.5	MEDIUM Local	-	-	A NULL pointer dereference in the gf_filter_in_parent_chain function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplyin… New	CWE-476 NULL Pointer Dereference	CVE-2025-60473	2026-06-26 04:14	2026-06-25	Show	GitHub Exploit DB Packet Storm

654	7.8	HIGH Local	-	-	Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privi… New	CWE-78 OS Command	CVE-2026-46735	2026-06-26 04:14	2026-06-26	Show	GitHub Exploit DB Packet Storm

655	7.5	HIGH Network	-	-	Tenable Identity Exposure contains multiple unauthenticated API endpoints under /w/api/* that expose sensitive application configuration data including cleartext LDAP credentials, SAML configuration,… New	CWE-306 CWE-524 Missing Authentication for Critical Function Use of Cache Containing Sensitive Information	CVE-2026-13007	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm

656	9.6	CRITICAL Network	-	-	A missing authorization vulnerability was found in the Event-Driven Ansible (EDA) websocket API. The /api/eda/ws/ansible-rulebook endpoint does not verify user permissions when processing Worker mess… New	CWE-862 Missing Authorization	CVE-2026-11807	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm

657	7.8	HIGH Local	-	-	A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of … New	CWE-287 Improper Authentication	CVE-2026-12112	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm

658	4.3	MEDIUM Network	-	-	A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds r… New	CWE-125 Out-of-bounds Read	CVE-2026-12891	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm

659	4.4	MEDIUM Local	-	-	A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds re… New	CWE-125 Out-of-bounds Read	CVE-2026-12892	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm

660	8.8	HIGH Network	-	-	Spring Statemachine's Kryo-based persistence backends (JPA, MongoDB, Redis and ZooKeeper) deserialise persisted state-machine contexts without enforcing a class allowlist (CWE-502, deserialisation of… New	CWE-502 Deserialization of Untrusted Data	CVE-2026-41862	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm