Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
218931 6.8 警告 Zenoss, Inc. - Zenoss Core におけるセッションをハイジャックされる脆弱性 CWE-Other
その他
CVE-2014-9386 2014-12-17 16:59 2014-12-5 Show GitHub Exploit DB Packet Storm
218932 6.8 警告 Zenoss, Inc. - Zenoss Core におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2014-9385 2014-12-17 16:57 2014-12-5 Show GitHub Exploit DB Packet Storm
218933 2.1 注意 Zenoss, Inc. - Zenoss Core における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2014-9252 2014-12-17 16:57 2014-12-5 Show GitHub Exploit DB Packet Storm
218934 5 警告 Zenoss, Inc. - Zenoss Core における平文の値を取得される脆弱性 CWE-255
証明書・パスワード管理
CVE-2014-9251 2014-12-17 16:55 2014-12-5 Show GitHub Exploit DB Packet Storm
218935 5 警告 Zenoss, Inc. - Zenoss Core における資格情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2014-9250 2014-12-17 16:54 2014-12-5 Show GitHub Exploit DB Packet Storm
218936 7.5 危険 Zenoss, Inc. - Zenoss Core のデフォルト設定におけるデータベースの情報を読まれる脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2014-9249 2014-12-17 16:51 2014-12-5 Show GitHub Exploit DB Packet Storm
218937 5 警告 Zenoss, Inc. - Zenoss Core におけるアクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理
CVE-2014-9248 2014-12-17 16:50 2014-12-5 Show GitHub Exploit DB Packet Storm
218938 4 警告 Zenoss, Inc. - Zenoss Core における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2014-9247 2014-12-17 16:49 2014-12-5 Show GitHub Exploit DB Packet Storm
218939 5 警告 Zenoss, Inc. - Zenoss Core における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2014-9245 2014-12-17 16:48 2014-12-5 Show GitHub Exploit DB Packet Storm
218940 9.3 危険 Zenoss, Inc. - Zenoss Core における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2014-6261 2014-12-17 16:46 2014-12-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
861 - - - SzafirHost verifies the downloaded native library archive with one JarFile parser (reading the Central Directory) but extracts native libraries with JarInputStream parser (reading sequentially from l… New CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2026-13165 2026-06-30 00:16 2026-06-29 Show GitHub Exploit DB Packet Storm
862 - - - The /v1/upload/sbom endpoint extracts the iss claim from the attacker-supplied JWT with signature verification disabled, then interpolates that string into three log statements before any validation … New CWE-117
 Improper Output Neutralization for Logs
CVE-2026-12616 2026-06-30 00:16 2026-06-29 Show GitHub Exploit DB Packet Storm
863 - - - libxml2 is vulnerable to multiple stack-based buffer overflows in the xmlcatalog utility when running in --shell mode. The usershell() function processes user input using fixed-size stack buffers wit… New CWE-121
Stack-based Buffer Overflow
CVE-2026-11979 2026-06-30 00:16 2026-06-29 Show GitHub Exploit DB Packet Storm
864 7.4 HIGH
Network
- - Zephyr's BSD-sockets getaddrinfo() implementation (subsys/net/lib/sockets/getaddrinfo.c) passes a pointer to a stack-allocated state object (struct getaddrinfo_state ai_state) as the user_data of an … New CWE-416
 Use After Free
CVE-2026-10646 2026-06-30 00:16 2026-06-28 Show GitHub Exploit DB Packet Storm
865 4.2 MEDIUM
Adjacent
- - The Microchip SERCOM-G1 UART driver (drivers/serial/uart_mchp_sercom_g1.c), used by the PIC32CM-JH SoC family, contains an out-of-bounds write in its asynchronous (DMA) receive path. When uart_rx_ena… New CWE-787
 Out-of-bounds Write
CVE-2026-10644 2026-06-30 00:16 2026-06-28 Show GitHub Exploit DB Packet Storm
866 8.7 HIGH
Local
- - Zephyr's IP socket recvmsg() implementation (subsys/net/lib/sockets/sockets_inet.c, insert_pktinfo()) validated the user-supplied ancillary (msg_control) buffer using only the payload length (msg-msg… New CWE-787
 Out-of-bounds Write
CVE-2026-10643 2026-06-30 00:16 2026-06-28 Show GitHub Exploit DB Packet Storm
867 6.5 MEDIUM
Adjacent
- - The Zephyr Bluetooth LE Audio Basic Audio Profile (BAP) unicast client mishandles peer-supplied ASE state notifications. In unicast_client_ep_qos_state() (subsys/bluetooth/audio/bap_unicast_client.c)… New CWE-476
 NULL Pointer Dereference
CVE-2026-10593 2026-06-30 00:16 2026-06-28 Show GitHub Exploit DB Packet Storm
868 2.7 LOW
Network
devolutions devolutions_server Improper input validation in the PAM AD discovery endpoints in Devolutions Server 2026.2.4.0 through 2026.2.7.0 allows an authenticated user with the UserGroupsView permission to coerce server-side… Update CWE-1284
 Improper Validation of Specified Quantity in Input
CVE-2026-12755 2026-06-30 00:15 2026-06-25 Show GitHub Exploit DB Packet Storm
869 7.2 HIGH
Network
devolutions remote_desktop_manager Incorrect link resolution by display name in the custom PowerShell VPN editor in Devolutions Remote Desktop Manager 2026.2.5 through 2026.2.11 allows an authenticated attacker with write access to a … New CWE-706
 Use of Incorrectly-Resolved Name or Reference
CVE-2026-13372 2026-06-29 23:56 2026-06-27 Show GitHub Exploit DB Packet Storm
870 5.2 MEDIUM
Local
deno deno Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when fetch() was called, Deno checked the destination hostname against --deny-net rules but did not re-check the IP addresse… Update CWE-693
CWE-918
 Protection Mechanism Failure
Server-Side Request Forgery (SSRF) 
CVE-2026-49859 2026-06-29 23:38 2026-06-24 Show GitHub Exploit DB Packet Storm