Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
192751 5.6 警告
Network
ProMinent - ProMinent MultiFLEX M10a Controller の Web インターフェースにおける認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2017-14013 2017-11-15 11:04 2017-10-12 Show GitHub Exploit DB Packet Storm
192752 8.8 重要
Network
ProMinent - ProMinent MultiFLEX M10a Controller の Web インターフェースにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2017-14011 2017-11-15 11:04 2017-10-12 Show GitHub Exploit DB Packet Storm
192753 6.5 警告
Network
ProMinent - ProMinent MultiFLEX M10a Controller の Web インターフェースにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい
CVE-2017-14009 2017-11-15 11:04 2017-10-12 Show GitHub Exploit DB Packet Storm
192754 5.6 警告
Network
ProMinent - ProMinent MultiFLEX M10a Controller の Web インターフェースにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限
CVE-2017-14007 2017-11-15 11:04 2017-10-12 Show GitHub Exploit DB Packet Storm
192755 8.8 重要
Network
ProMinent - ProMinent MultiFLEX M10a Controller の Web インターフェースにおけるパスワード管理機能に関する脆弱性 CWE-640
パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み
CVE-2017-14005 2017-11-15 11:04 2017-10-12 Show GitHub Exploit DB Packet Storm
192756 5.3 警告
Network
CodEasily - WordPress 用 Grand Flagallery プラグインにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい
CVE-2014-8491 2017-11-15 11:04 2014-10-23 Show GitHub Exploit DB Packet Storm
192757 6.2 警告
Local
GNU Project - glibc におけるバッファエラーの脆弱性 CWE-119
バッファエラー
CVE-2011-5320 2017-11-15 11:04 2011-09-10 Show GitHub Exploit DB Packet Storm
192758 9.8 緊急
Network
interspire - Interspire Email Marketer における認証に関する脆弱性 CWE-287
不適切な認証
CVE-2017-14322 2017-11-14 18:14 2017-10-17 Show GitHub Exploit DB Packet Storm
192759 7.2 重要
Network
Puppet - Puppet Enterprise および Puppet Agent におけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御
CVE-2016-5714 2017-11-14 18:14 2016-10-20 Show GitHub Exploit DB Packet Storm
192760 8.2 重要
Network
Envitech - Envitech EnviDAS Ultimate における認証に関する脆弱性 CWE-287
不適切な認証
CVE-2017-9625 2017-11-14 17:56 2017-10-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
121 7.5 HIGH
Network
- - The Setracker2 Android Companion App (com.tgelec.setracker) versions 3.1.5 and earlier uses MD5 to generate a request signature for authenticating communications between the mobile client and the bac… Update CWE-327
 Use of a Broken or Risky Cryptographic Algorithm
CVE-2026-9221 2026-07-1 00:17 2026-06-26 Show GitHub Exploit DB Packet Storm
122 9.8 CRITICAL
Network
- - LLaMA-Factory through 0.9.5 contains a remote code execution vulnerability that allows attackers with WebUI access to execute arbitrary Python code by supplying a malicious model path in the Chat or … New CWE-94
CWE-829
Code Injection
 Inclusion of Functionality from Untrusted Control Sphere
CVE-2026-58116 2026-07-1 00:17 2026-06-30 Show GitHub Exploit DB Packet Storm
123 9.9 CRITICAL
Network
- - Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's container.options string to the Docker job container's HostConfig and, when configured with privileged: false, force… New CWE-269
 Improper Privilege Management
CVE-2026-58053 2026-07-1 00:17 2026-06-28 Show GitHub Exploit DB Packet Storm
124 7.5 HIGH
Network
- - A flaw was found in GLib. A state confusion issue exists in g_dbus_node_info_new_for_xml() in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a … New CWE-191
 Integer Underflow (Wrap or Wraparound)
CVE-2026-58016 2026-07-1 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm
125 5.9 MEDIUM
Network
- - A flaw was found in GLib. The D-Bus client-side implementation of the DBUS_COOKIE_SHA1 SASL authentication mechanism does not validate the cookie_context parameter received from the server. A malicio… New - CVE-2026-58015 2026-07-1 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm
126 7.3 HIGH
Network
- - A flaw was found in GLib. An off-by-one error can occur in the g_key_file_get_locale_string_list function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an ou… New CWE-193
 Off-by-one Error
CVE-2026-58014 2026-07-1 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm
127 6.5 MEDIUM
Network
- - A flaw was found in GLib. A buffer over-read can occur in the g_regex_replace function when used with the `G_REGEX_RAW` compile flag and case-change replacement escapes because the string_append func… New CWE-126
 Buffer Over-read
CVE-2026-58012 2026-07-1 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm
128 6.5 MEDIUM
Network
- - A flaw was found in GLib. An out-of-bounds read of only 2 bytes can occur in the g_date_time_get_ymd function in the glib/gdatetime.c file when an invalid GDateTime object produced by the g_date_time… New CWE-125
Out-of-bounds Read
CVE-2026-58011 2026-07-1 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm
129 6.5 MEDIUM
Network
- - A flaw was found in GLib. An off-by-one error can occur in the gvs_tuple_is_normal function in the glib/gvariant-serialiser.c file when doing an alignment padding check because the bounds check uses … New CWE-126
 Buffer Over-read
CVE-2026-58010 2026-07-1 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm
130 6.5 MEDIUM
Network
- - Hi.Events through 1.9.0 public check-in list endpoints use short_id as sole access control, allowing unauthenticated access to retrieve full attendee lists including emails and personal information. … New CWE-359
 Exposure of Private Personal Information to an Unauthorized Actor
CVE-2026-57960 2026-07-1 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm