Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 2:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
212191 7.1 危険 MIT Kerberos - MIT Kerberos 5 の lib/gssapi/krb5/iakerb.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他
CVE-2015-2696 2015-11-10 16:46 2015-10-26 Show GitHub Exploit DB Packet Storm
212192 7.1 危険 MIT Kerberos - MIT Kerberos 5 の lib/gssapi/spnego/spnego_mech.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他
CVE-2015-2695 2015-11-10 16:46 2015-10-26 Show GitHub Exploit DB Packet Storm
212193 6.8 警告 Sensio Labs - Sensio Labs Twig の Template.php の displayBlock 関数における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2015-7809 2015-11-10 16:33 2015-08-12 Show GitHub Exploit DB Packet Storm
212194 5 警告 OpenAFS - OpenAFS の rx/rx.c における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2015-7763 2015-11-10 16:29 2015-10-28 Show GitHub Exploit DB Packet Storm
212195 5 警告 Debian
OpenAFS
- OpenAFS の rx/rx.c における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2015-7762 2015-11-10 16:29 2015-10-28 Show GitHub Exploit DB Packet Storm
212196 4.3 警告 WordPress.org - WordPress の wp-includes/theme.php の legacy theme preview の実装におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-5734 2015-11-10 15:58 2015-08-4 Show GitHub Exploit DB Packet Storm
212197 4.3 警告 WordPress.org - WordPress の wp-admin/js/nav-menu.js の refreshAdvancedAccessibilityOfItem 関数におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-5733 2015-11-10 15:58 2015-08-4 Show GitHub Exploit DB Packet Storm
212198 4.3 警告 WordPress.org - WordPress の wp-includes/default-widgets.php の WP_Nav_Menu_Widget クラスの form 関数におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-5732 2015-11-10 15:58 2015-08-4 Show GitHub Exploit DB Packet Storm
212199 6.8 警告 WordPress.org - WordPress の wp-admin/post.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2015-5731 2015-11-10 15:58 2015-08-4 Show GitHub Exploit DB Packet Storm
212200 5 警告 WordPress.org - WordPress の wp-includes/class-wp-customize-widgets.php 内の sanitize_widget_instance 関数におけるタイミングサイドチャネル攻撃を実行される脆弱性 CWE-200
情報漏えい
CVE-2015-5730 2015-11-10 15:58 2015-08-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
121 7.5 HIGH
Network
- - The Setracker2 Android Companion App (com.tgelec.setracker) versions 3.1.5 and earlier uses MD5 to generate a request signature for authenticating communications between the mobile client and the bac… Update CWE-327
 Use of a Broken or Risky Cryptographic Algorithm
CVE-2026-9221 2026-07-1 00:17 2026-06-26 Show GitHub Exploit DB Packet Storm
122 9.8 CRITICAL
Network
- - LLaMA-Factory through 0.9.5 contains a remote code execution vulnerability that allows attackers with WebUI access to execute arbitrary Python code by supplying a malicious model path in the Chat or … New CWE-94
CWE-829
Code Injection
 Inclusion of Functionality from Untrusted Control Sphere
CVE-2026-58116 2026-07-1 00:17 2026-06-30 Show GitHub Exploit DB Packet Storm
123 9.9 CRITICAL
Network
- - Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's container.options string to the Docker job container's HostConfig and, when configured with privileged: false, force… New CWE-269
 Improper Privilege Management
CVE-2026-58053 2026-07-1 00:17 2026-06-28 Show GitHub Exploit DB Packet Storm
124 7.5 HIGH
Network
- - A flaw was found in GLib. A state confusion issue exists in g_dbus_node_info_new_for_xml() in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a … New CWE-191
 Integer Underflow (Wrap or Wraparound)
CVE-2026-58016 2026-07-1 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm
125 5.9 MEDIUM
Network
- - A flaw was found in GLib. The D-Bus client-side implementation of the DBUS_COOKIE_SHA1 SASL authentication mechanism does not validate the cookie_context parameter received from the server. A malicio… New - CVE-2026-58015 2026-07-1 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm
126 7.3 HIGH
Network
- - A flaw was found in GLib. An off-by-one error can occur in the g_key_file_get_locale_string_list function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an ou… New CWE-193
 Off-by-one Error
CVE-2026-58014 2026-07-1 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm
127 6.5 MEDIUM
Network
- - A flaw was found in GLib. A buffer over-read can occur in the g_regex_replace function when used with the `G_REGEX_RAW` compile flag and case-change replacement escapes because the string_append func… New CWE-126
 Buffer Over-read
CVE-2026-58012 2026-07-1 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm
128 6.5 MEDIUM
Network
- - A flaw was found in GLib. An out-of-bounds read of only 2 bytes can occur in the g_date_time_get_ymd function in the glib/gdatetime.c file when an invalid GDateTime object produced by the g_date_time… New CWE-125
Out-of-bounds Read
CVE-2026-58011 2026-07-1 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm
129 6.5 MEDIUM
Network
- - A flaw was found in GLib. An off-by-one error can occur in the gvs_tuple_is_normal function in the glib/gvariant-serialiser.c file when doing an alignment padding check because the bounds check uses … New CWE-126
 Buffer Over-read
CVE-2026-58010 2026-07-1 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm
130 6.5 MEDIUM
Network
- - Hi.Events through 1.9.0 public check-in list endpoints use short_id as sole access control, allowing unauthenticated access to retrieve full attendee lists including emails and personal information. … New CWE-359
 Exposure of Private Personal Information to an Unauthorized Actor
CVE-2026-57960 2026-07-1 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm