Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
231971 7.5 危険 thefactory - Joomla! 用の Deluxe blogfactory コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2010-1955 2012-12-20 19:29 2010-05-19 Show GitHub Exploit DB Packet Storm
231972 10 危険 Standards Based Linux Instrumentation (SBLIM) - SBLIM SFCB の httpAdapter におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2010-1937 2012-12-20 19:29 2010-05-14 Show GitHub Exploit DB Packet Storm
231973 9.3 危険 XnSoft - XnView におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2010-1932 2012-12-20 19:29 2010-06-16 Show GitHub Exploit DB Packet Storm
231974 7.5 危険 rifat kurban - tekno.Portal の makale.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-1925 2012-12-20 19:29 2010-05-12 Show GitHub Exploit DB Packet Storm
231975 7.5 危険 phpscripte24 - Hi Web Wiesbaden Live Shopping Multi Portal System の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-1924 2012-12-20 19:29 2010-05-12 Show GitHub Exploit DB Packet Storm
231976 7.5 危険 phpscripte24 - Hi Web Wiesbaden Web Social Network Freunde Community System の user.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-1923 2012-12-20 19:29 2010-05-12 Show GitHub Exploit DB Packet Storm
231977 7.5 危険 xinha
s9y
- Serendipity で使用されている Xinha WYSIWYG エディタにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2010-1916 2012-12-20 19:29 2010-05-12 Show GitHub Exploit DB Packet Storm
231978 4.3 警告 tufat - FlashCard の cPlayer.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-1872 2012-12-20 19:29 2010-05-12 Show GitHub Exploit DB Packet Storm
231979 6.8 警告 レッドハット - Red Hat Linux 用の JBoss Enterprise Application Platform で使用されている jboss-seam2 における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2010-1871 2012-12-20 19:29 2010-07-27 Show GitHub Exploit DB Packet Storm
231980 6.8 警告 realitymedias - RepairShop2 の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-1857 2012-12-20 19:29 2010-05-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1581 6.5 MEDIUM
Network
- - motionEye (mEye) is an online interface for motion software, which is a video surveillance program with motion detection. Versions prior to 0.44.0 are vulnerable to path traversal in the picture and … CWE-22
CWE-284
Path Traversal
Improper Access Control
CVE-2026-31978 2026-06-26 08:17 2026-06-25 Show GitHub Exploit DB Packet Storm
1582 5.4 MEDIUM
Network
- - Kanboard through 1.2.52, fixed in commit 928c68a, UserViewController::removeSession fails to validate the session id parameter before passing it to RememberMeSessionModel::remove, allowing authentica… CWE-639
 Authorization Bypass Through User-Controlled Key
CVE-2026-56774 2026-06-26 07:17 2026-06-26 Show GitHub Exploit DB Packet Storm
1583 8.8 HIGH
Network
- - Maxun before 0.0.42 contains a cross-tenant insecure direct object reference vulnerability in storage and webhook API handlers that allows authenticated users to access other users' robots and OAuth … CWE-862
 Missing Authorization
CVE-2026-56767 2026-06-26 06:16 2026-06-26 Show GitHub Exploit DB Packet Storm
1584 - - - Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Jupyter Notebook (ipynb) sanitizer endpoint at POST /-/api/sanitize_ipynb allows arbitrary data: URIs without proper restrictions,… CWE-80
Basic XSS
CVE-2026-52816 2026-06-26 06:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1585 3.5 LOW
Network
- - Gogs is an open source self-hosted Git service. Prior to 0.14.3, specially crafted issue index pattern can cause a panic when rendering, resulting in denial of service. In internal/markup/markup.go, … CWE-1336
 Improper Neutralization of Special Elements Used in a Template Engine
CVE-2026-52796 2026-06-26 06:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1586 4.9 MEDIUM
Network
- - Gogs is an open source self-hosted Git service. Prior to 0.14.3, a malicious user with rights to create a new file on a repository or wiki page can trigger a denial of service condition in which the … CWE-20
 Improper Input Validation 
CVE-2025-64719 2026-06-26 06:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1587 5.5 MEDIUM
Local
- - Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit CWE-88
Argument Injection
CVE-2026-11968 2026-06-26 05:21 2026-06-24 Show GitHub Exploit DB Packet Storm
1588 8.0 HIGH
Network
- - py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Versions 1.1.2 and below contain an an arbitrary file write vulnerability, w… CWE-59
Link Following
CVE-2026-23879 2026-06-26 05:21 2026-06-25 Show GitHub Exploit DB Packet Storm
1589 7.2 HIGH
Network
- - 3X-UI is a web control panel for managing Xray-core servers. Prior to 3.3.1, an authenticated administrator can abuse the database import functionality to achieve arbitrary file write on the host by … CWE-73
 External Control of File Name or Path
CVE-2026-55477 2026-06-26 05:21 2026-06-26 Show GitHub Exploit DB Packet Storm
1590 3.5 LOW
Network
- - HCL Connections contains a broken access control vulnerability that may allow an unauthorized user to view data in a single specific scenario. CWE-284
CWE-319
Improper Access Control
Cleartext Transmission of Sensitive Information
CVE-2025-15619 2026-06-26 05:20 2026-06-24 Show GitHub Exploit DB Packet Storm