Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
223631	5.5	警告	Moxi9	-	PHPFox の static/ajax.php における "Only Me" 制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-7196	2014-04-23 19:23	2013-12-22	Show	GitHub Exploit DB Packet Storm

223632	5.5	警告	Moxi9	-	PHPFox における "Only Me" 制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-7195	2014-04-23 19:23	2013-12-21	Show	GitHub Exploit DB Packet Storm

223633	5	警告	シスコシステムズ	-	Cisco CNS Network Registrar の DHCPv6 サーバモジュールにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2014-2155	2014-04-23 18:28	2014-04-18	Show	GitHub Exploit DB Packet Storm

223634	4.3	警告	Gilles LAMIRAL	-	imapsync における資格情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2014-2014	2014-04-23 18:11	2014-02-5	Show	GitHub Exploit DB Packet Storm

223635	5	警告	Gilles LAMIRAL	-	imapsync における重要な情報を送信される脆弱性	CWE-200 情報漏えい	CVE-2013-4279	2014-04-23 18:07	2013-08-22	Show	GitHub Exploit DB Packet Storm

223636	5	警告	Progea Srl	-	Progea Movicon の TCPUploade モジュールにおける重要なバージョン情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2014-0778	2014-04-23 18:03	2014-04-15	Show	GitHub Exploit DB Packet Storm

223637	4.9	警告	Fabrice Bellard レッドハット	-	QEMU の virtio_net_handle_mac 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2014-0150	2014-04-23 18:00	2014-03-20	Show	GitHub Exploit DB Packet Storm

223638	4.9	警告	PCNetSoftware	-	PCNetSoftware RAC Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2014-2597	2014-04-23 17:52	2014-04-11	Show	GitHub Exploit DB Packet Storm

223639	10	危険	OpenJPEG project	-	OpenJPEG におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-4290	2014-04-23 17:22	2013-09-11	Show	GitHub Exploit DB Packet Storm

223640	10	危険	OpenJPEG project	-	OpenJPEG の lib/openjp3d/jp3d.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2013-4289	2014-04-23 17:22	2013-09-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1591	5.3	MEDIUM Adjacent	-	-	dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW repl…	CWE-416 Use After Free	CVE-2026-56113	2026-06-24 03:18	2026-06-24	Show	GitHub Exploit DB Packet Storm

1592	5.8	MEDIUM Network	-	-	Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, CookieJar incorrectly accepts cookies with a dot-only Domain attribute and whitespace-padded variants. SetCookie::matchesDomain() removes lea…	CWE-346 CWE-1286 Origin Validation Error Improper Validation of Syntactic Correctness of Input	CVE-2026-55767	2026-06-24 03:18	2026-06-24	Show	GitHub Exploit DB Packet Storm

1593	6.1	MEDIUM Network	-	-	yt-dlp is a command-line audio/video downloader. From 2023.09.24 until 2026.06.09, if curl is used as an external downloader for yt-dlp, cookies may be leaked to an unintended host upon HTTP redirect…	CWE-200 Information Exposure	CVE-2026-50019	2026-06-24 03:18	2026-06-24	Show	GitHub Exploit DB Packet Storm

1594	8.8	HIGH Network	-	-	A missing validation of user input exists when saving delivery limitations in Revive Adserver 6.0.6 and earlier. A low‑privileged user could add an unexpected component parameter and inject malicious…	CWE-94 Code Injection	CVE-2026-44959	2026-06-24 03:17	2026-06-24	Show	GitHub Exploit DB Packet Storm

1595	5.4	MEDIUM Network	-	-	An access control bypass allows an advertiser‑level user to activate or deactivate a banner in Revive Adserver 6.0.6 and earlier, even when such permissions were not granted. The banner-edit.php scri…	CWE-284 Improper Access Control	CVE-2026-44958	2026-06-24 03:17	2026-06-24	Show	GitHub Exploit DB Packet Storm

1596	4.3	MEDIUM Network	-	-	A missing access control check when invoking various modify methods in the XML‑RPC API of Revive Adserver 6.0.6 and earlier. The API allowed entities to be reassigned to different parent entities, le…	CWE-284 Improper Access Control	CVE-2026-44957	2026-06-24 03:17	2026-06-24	Show	GitHub Exploit DB Packet Storm

1597	8.8	HIGH Network	-	-	A missing validation of user input when saving delivery limitations in Revive Adserver 6.0.6 and earlier could allow a low‑privileged user to use the logical parameter to inject malicious PHP code in…	CWE-94 Code Injection	CVE-2026-34916	2026-06-24 03:17	2026-06-24	Show	GitHub Exploit DB Packet Storm

1598	6.1	MEDIUM Network	-	-	A missing sanitisation of user input in the zone-include.php script of Revive Adserver 6.0.6 and earlier could allow a low‑privileged user to exploit the clientid parameter to perform blind SQL injec…	CWE-79 Cross-site Scripting	CVE-2026-34915	2026-06-24 03:17	2026-06-24	Show	GitHub Exploit DB Packet Storm

1599	8.3	HIGH Network	-	-	A missing sanitisation of user input in the zone-include.php script of Revive Adserver 6.0.6 and earlier. A low‑privileged user could exploit the clientid parameter to perform blind SQL injection att…	CWE-89 SQL Injection	CVE-2026-34914	2026-06-24 03:17	2026-06-24	Show	GitHub Exploit DB Packet Storm

1600	4.3	MEDIUM Network	-	-	A missing access control check when linking trackers to campaigns through the campaign-trackers.php script of Revive Adserver 6.0.6 and earlier could allow a low‑privileged user to link their tracker…	CWE-284 Improper Access Control	CVE-2026-34913	2026-06-24 03:17	2026-06-24	Show	GitHub Exploit DB Packet Storm