Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 2:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
199981 4.7 警告
Local
Linux - Qualcomm カメラドライバにおける情報を公開される脆弱性 CWE-200
情報漏えい
CVE-2017-0629 2017-05-24 18:38 2017-05-1 Show GitHub Exploit DB Packet Storm
199982 4.7 警告
Local
Linux - Qualcomm カメラドライバにおける情報を公開される脆弱性 CWE-200
情報漏えい
CVE-2017-0628 2017-05-24 18:38 2017-05-1 Show GitHub Exploit DB Packet Storm
199983 5.5 警告
Local
Linux - Qualcomm 暗号化エンジンドライバにおける情報を公開される脆弱性 CWE-200
情報漏えい
CVE-2017-0626 2017-05-24 18:38 2017-05-1 Show GitHub Exploit DB Packet Storm
199984 5.5 警告
Local
Linux - Qualcomm Wi-Fi ドライバにおける情報を公開される脆弱性 CWE-200
情報漏えい
CVE-2017-0624 2017-05-24 18:38 2017-05-1 Show GitHub Exploit DB Packet Storm
199985 7 重要
Local
Linux - Qualcomm カメラドライバにおける権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2017-0621 2017-05-24 18:38 2017-05-1 Show GitHub Exploit DB Packet Storm
199986 7 重要
Local
Linux - Qualcomm セキュアチャネルマネージャドライバにおける権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2017-0620 2017-05-24 18:38 2017-05-1 Show GitHub Exploit DB Packet Storm
199987 7.5 重要
Network
WordPress.org - WordPress の XML-RPC API における POST メタデータのケーパビリティチェックに関する脆弱性 CWE-20
不適切な入力確認
CVE-2017-9065 2017-05-24 18:35 2017-05-16 Show GitHub Exploit DB Packet Storm
199988 8.8 重要
Network
WordPress.org - WordPress のファイルシステムの資格情報ダイアログにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2017-9064 2017-05-24 18:35 2017-05-16 Show GitHub Exploit DB Packet Storm
199989 6.1 警告
Network
WordPress.org - WordPress の Customizer におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2017-9063 2017-05-24 18:35 2017-05-16 Show GitHub Exploit DB Packet Storm
199990 8.6 重要
Network
WordPress.org - WordPress の XML-RPC API における POST メタデータ値の処理に関する脆弱性 CWE-19
データ処理
CVE-2017-9062 2017-05-24 18:35 2017-05-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
851 - - - GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between different decompression formats within a single executi… New CWE-126
 Buffer Over-read
CVE-2026-41992 2026-06-30 00:16 2026-06-29 Show GitHub Exploit DB Packet Storm
852 - - - GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility is not available in the user’s PATH, gzexe falls back to constructing a tem… New CWE-377
 Insecure Temporary File
CVE-2026-41991 2026-06-30 00:16 2026-06-29 Show GitHub Exploit DB Packet Storm
853 8.1 HIGH
Network
- - FrontAccounting before 2.4.20 contains a SQL injection vulnerability in the Audit Trail report handler that allows authenticated attackers with SA_GLANALYTIC permission to execute arbitrary SQL queri… New CWE-89
SQL Injection
CVE-2026-40523 2026-06-30 00:16 2026-06-29 Show GitHub Exploit DB Packet Storm
854 7.1 HIGH
Network
- - FrontAccounting before 2.4.20 contains a SQL injection vulnerability in the Bank Statement report handler that allows authenticated attackers to extract arbitrary database data by injecting UNION SEL… New CWE-89
CWE-916
SQL Injection
 Use of Password Hash With Insufficient Computational Effort
CVE-2026-40522 2026-06-30 00:16 2026-06-29 Show GitHub Exploit DB Packet Storm
855 5.5 MEDIUM
Local
- - Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt credentials. An 8-character prefix is stored in cleartext alongside the ciphertext. … New CWE-321
 Use of Hard-coded Cryptographic Key
CVE-2026-39031 2026-06-30 00:16 2026-06-27 Show GitHub Exploit DB Packet Storm
856 7.5 HIGH
Network
- - An issue in the DSO::mmap_and_copy function of relibc commit 61f42d allows attackers to cause a Denial of Service (DoS) via loading a crafted shared library. New CWE-404
 Improper Resource Shutdown or Release
CVE-2026-38641 2026-06-30 00:16 2026-06-27 Show GitHub Exploit DB Packet Storm
857 7.5 HIGH
Network
- - An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of Service (DoS) via parsing a crafted input. New CWE-20
 Improper Input Validation 
CVE-2026-38639 2026-06-30 00:16 2026-06-27 Show GitHub Exploit DB Packet Storm
858 4.6 MEDIUM
Physics
- - Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 (V603) allow a p… New CWE-312
 Cleartext Storage of Sensitive Information
CVE-2026-38571 2026-06-30 00:16 2026-06-27 Show GitHub Exploit DB Packet Storm
859 7.5 HIGH
Network
- - An issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServerApp.dll, TechnitiumLibrary.Net/Dns/DnsClient.cs components New CWE-400
 Uncontrolled Resource Consumption
CVE-2026-36478 2026-06-30 00:16 2026-06-27 Show GitHub Exploit DB Packet Storm
860 8.1 HIGH
Network
- - The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using the… New CWE-798
 Use of Hard-coded Credentials
CVE-2026-31928 2026-06-30 00:16 2026-06-27 Show GitHub Exploit DB Packet Storm