Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224831 6 警告 シスコシステムズ - Cisco Unified Communications Manager における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0686 2014-03-5 17:20 2014-02-3 Show GitHub Exploit DB Packet Storm
224832 4.3 警告 AITpro - WordPress 用 BulletProof Security プラグインのセキュリティログにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-3487 2014-03-5 17:14 2013-08-1 Show GitHub Exploit DB Packet Storm
224833 4.3 警告 Andy Bailey - WordPress 用 CommentLuv プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-1409 2014-03-5 17:13 2013-02-6 Show GitHub Exploit DB Packet Storm
224834 4.3 警告 アイファイ - Eye-Fi Helper におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4696 2014-03-5 16:56 2011-11-17 Show GitHub Exploit DB Packet Storm
224835 4.3 警告 DrinkedIn - Android 用 DrinkedIn BarFinder アプリケーションにおける任意の JavaScript コードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-1887 2014-03-5 16:42 2014-02-7 Show GitHub Exploit DB Packet Storm
224836 6.4 警告 HS Group - Android 用 ForzeArmate アプリケーションにおける任意の JavaScript コードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-1885 2014-03-5 16:40 2014-02-7 Show GitHub Exploit DB Packet Storm
224837 7.5 危険 Google - Android の java/android/webkit/BrowserFrame.java における任意の Java コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2014-1939 2014-03-5 15:59 2014-02-10 Show GitHub Exploit DB Packet Storm
224838 9 危険 AVTECH - AVTECH AVN801 DVR のファームウェアの cgi-bin/user/Config.cgi におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-4981 2014-03-5 14:46 2013-08-28 Show GitHub Exploit DB Packet Storm
224839 9 危険 AVTECH - AVTECH AVN801 DVR のファームウェアの RTSP Packet Handler におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-4980 2014-03-5 14:46 2013-08-28 Show GitHub Exploit DB Packet Storm
224840 10 危険 Hangzhou Hikvision Digital Technology - Hikvision DS-2CD7153-E IP カメラのファームウェアの RTSP Packet Handler におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-4977 2014-03-5 14:31 2013-08-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1001 4.3 MEDIUM
Network 		- - Jenkins FitNesse Plugin 1.36 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Extended Read permission or access to t… CWE-256
Plaintext Storage of a Password  		CVE-2026-57302 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
1002 4.2 MEDIUM
Network 		- - A cross-site request forgery (CSRF) vulnerability in Jenkins Zowe zDevOps Plugin 1.1.3.50.ve350c9b_450b_1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified… CWE-352
 Origin Validation Error 		CVE-2026-57306 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
1003 4.2 MEDIUM
Network 		- - A missing permission check in Jenkins Zowe zDevOps Plugin 1.1.3.50.ve350c9b_450b_1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-spe… CWE-862
 Missing Authorization 		CVE-2026-57307 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
1004 6.2 MEDIUM
Network 		- - A memory corruption vulnerability exists in the GV-Cloud functionality of GeoVision GV-VMS V20 20.0.2.  A specially crafted network request can lead to a denial of service. An attacker can imperson… CWE-121
Stack-based Buffer Overflow 		CVE-2026-12488 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
1005 10.0 CRITICAL
Network 		- - GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP me… CWE-121
Stack-based Buffer Overflow 		CVE-2026-12485 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
1006 9.1 CRITICAL
Network 		- - Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker… CWE-78
OS Command  		CVE-2026-12486 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
1007 10.0 CRITICAL
Network 		- - GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP me… CWE-121
Stack-based Buffer Overflow 		CVE-2026-12846 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
1008 10.0 CRITICAL
Network 		- - GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP me… CWE-121
Stack-based Buffer Overflow 		CVE-2026-12847 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
1009 10.0 CRITICAL
Network 		- - GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP me… CWE-121
Stack-based Buffer Overflow 		CVE-2026-12848 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
1010 9.1 CRITICAL
Network 		- - Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker… CWE-78
OS Command  		CVE-2026-12849 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm