Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216491 5 警告 シスコシステムズ - Cisco Unified Communications Manager の Interactive Voice Response コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-0699 2015-04-16 17:50 2015-04-14 Show GitHub Exploit DB Packet Storm
216492 4.3 警告 シスコシステムズ - Cisco Web セキュリティ アプライアンスデバイスのソフトウェアにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-0698 2015-04-16 17:49 2015-04-14 Show GitHub Exploit DB Packet Storm
216493 7.2 危険 シスコシステムズ - Cisco Web セキュリティ アプライアンスデバイスのソフトウェアにおける任意の Python コードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2015-0693 2015-04-16 17:49 2015-04-13 Show GitHub Exploit DB Packet Storm
216494 4.3 警告 Palo Alto Networks - Palo Alto Networks Traps におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-2223 2015-04-16 17:36 2015-03-29 Show GitHub Exploit DB Packet Storm
216495 10 危険 Debian - libdbd-firebird-perl の dbdimp.c 内の ib_fill_isqlda 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2015-2788 2015-04-16 17:29 2015-03-22 Show GitHub Exploit DB Packet Storm
216496 3.5 注意 Shareaholic - WordPress 用 Shareaholic プラグインの admin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-9311 2015-04-16 17:23 2014-11-10 Show GitHub Exploit DB Packet Storm
216497 9 危険 ヒューレット・パッカード - 複数の HP Thin Client デバイスで使用される HP Easy Deploy における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2015-2112 2015-04-16 16:38 2015-04-7 Show GitHub Exploit DB Packet Storm
216498 10 危険 ヒューレット・パッカード - 複数の HP Thin Client デバイスで使用される HP Easy Deploy における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2015-2113 2015-04-16 16:38 2015-04-7 Show GitHub Exploit DB Packet Storm
216499 6.8 警告 ヒューレット・パッカード - HP Support Solution Framework における任意のプログラムをクライアントマシンにダウンロードされる脆弱性 CWE-Other
その他 		CVE-2015-2114 2015-04-16 16:38 2014-04-10 Show GitHub Exploit DB Packet Storm
216500 7.2 危険 IBM - IBM Tivoli Storage Manager FastBack の FastBackMount プロセスにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2015-1897 2015-04-16 16:37 2015-04-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1341 7.3 HIGH
Network 		- - pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm's patch application pipeline (@pnpm/patch-package) performs no path validation on file paths extracted from .patch files. An attacker who … CWE-22
Path Traversal 		CVE-2026-50015 2026-06-26 04:16 2026-06-26 Show GitHub Exploit DB Packet Storm
1342 7.5 HIGH
Network 		- - Zephyr's IPv6 network stack can be prevented from receiving or processing future incoming packets by sending a small number of maliciously fragmented IPv6 packets. When such a packet is handled by th… CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2026-13351 2026-06-26 04:16 2026-06-26 Show GitHub Exploit DB Packet Storm
1343 7.5 HIGH
Network 		- - An issue in the st_compare component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. CWE-89
SQL Injection 		CVE-2025-61023 2026-06-26 04:16 2026-06-24 Show GitHub Exploit DB Packet Storm
1344 8.7 HIGH
Local 		- - Anthropic Claude Desktop Cowork VM image handling (confirmed across v1.1348.0 through v1.2278.0, including v1.1348.0, v1.1617.0, and v1.2278.0) validates only file presence and a version marker strin… CWE-353
 Missing Support for Integrity Check 		CVE-2026-7574 2026-06-26 04:14 2026-06-24 Show GitHub Exploit DB Packet Storm
1345 8.6 HIGH
Network 		- - Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run a GPU reader shader that reads stale register values left by… CWE-200
Information Exposure 		CVE-2026-49269 2026-06-26 04:14 2026-06-25 Show GitHub Exploit DB Packet Storm
1346 7.8 HIGH
Local 		- - Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privi… CWE-78
OS Command  		CVE-2026-46735 2026-06-26 04:14 2026-06-26 Show GitHub Exploit DB Packet Storm
1347 7.5 HIGH
Network 		- - Tenable Identity Exposure contains multiple unauthenticated API endpoints under /w/api/* that expose sensitive application configuration data including cleartext LDAP credentials, SAML configuration,… CWE-306
CWE-524
Missing Authentication for Critical Function
 Use of Cache Containing Sensitive Information 		CVE-2026-13007 2026-06-26 04:10 2026-06-24 Show GitHub Exploit DB Packet Storm
1348 7.8 HIGH
Local 		- - A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of … CWE-287
Improper Authentication 		CVE-2026-12112 2026-06-26 04:10 2026-06-24 Show GitHub Exploit DB Packet Storm
1349 4.3 MEDIUM
Network 		- - A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds r… CWE-125
Out-of-bounds Read 		CVE-2026-12891 2026-06-26 04:10 2026-06-24 Show GitHub Exploit DB Packet Storm
1350 4.4 MEDIUM
Local 		- - A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds re… CWE-125
Out-of-bounds Read 		CVE-2026-12892 2026-06-26 04:10 2026-06-24 Show GitHub Exploit DB Packet Storm