Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 30, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
235991	10	危険	reactos	-	ReactOS における脆弱性	-	CVE-2007-1724	2012-12-20 18:19	2007-03-10	Show	GitHub Exploit DB Packet Storm

235992	10	危険	signkorea	-	SignKorea SKCommAX ActiveX コントロールモジュールの DownloadCertificateExt 関数におけるバッファオーバーフローの脆弱性	-	CVE-2007-1722	2012-12-20 18:19	2007-03-27	Show	GitHub Exploit DB Packet Storm

235993	10	危険	realink	-	C-Arbre における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1721	2012-12-20 18:19	2007-03-27	Show	GitHub Exploit DB Packet Storm

235994	7.5	危険	sb-websoft	-	PHP-Nuke 用の Addressbook モジュールにおけるディレクトリトラバーサルの脆弱性	-	CVE-2007-1720	2012-12-20 18:19	2007-03-27	Show	GitHub Exploit DB Packet Storm

235995	7.5	危険	ttcms	-	ttCMS の lib/db/ez_sql.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1708	2012-12-20 18:19	2007-03-26	Show	GitHub Exploit DB Packet Storm

235996	7.8	危険	yet another telephony engine	-	Yate の SIP チャネルモジュールにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-1693	2012-12-20 18:19	2007-05-17	Show	GitHub Exploit DB Packet Storm

235997	6.8	警告	second sight software	-	Second Sight Software ActiveGS ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-1691	2012-12-20 18:19	2007-04-19	Show	GitHub Exploit DB Packet Storm

235998	6.8	警告	second sight software	-	Second Sight Software ActiveGS ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-1690	2012-12-20 18:19	2007-04-19	Show	GitHub Exploit DB Packet Storm

235999	10	危険	シマンテック	-	Norton Personal Firewall および Internet Security 用の ISAlertDataCOM ActiveX コントロールにおけるバッファオーバーフローの脆弱性	-	CVE-2007-1689	2012-12-20 18:19	2007-05-16	Show	GitHub Exploit DB Packet Storm

236000	9.3	危険	solidworks	-	sldimdownload.dll の SolidWorks sldimdownload ActiveX コントロールにおける任意のコマンドを実行される脆弱性	-	CVE-2007-1684	2012-12-20 18:19	2007-04-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
221	5.9	MEDIUM Network	-	-	LibrePhotos before 1.0.0 contains a broken object level authorization vulnerability in the SetPhotosShared endpoint that allows authenticated users to grant themselves access to other users' private … New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-57943	2026-06-30 03:16	2026-06-30	Show	GitHub Exploit DB Packet Storm

222	5.3	MEDIUM Network	-	-	LibreTranslate through 1.9.7, fixed in commit 397fd22, contains an IP spoofing vulnerability in the get_remote_address() function that allows unauthenticated attackers to spoof client IP addresses by… New	CWE-348 Use of Less Trusted Source	CVE-2026-57942	2026-06-30 03:16	2026-06-30	Show	GitHub Exploit DB Packet Storm

223	10.0	CRITICAL Network	-	-	Unrestricted Upload of File with Dangerous Type vulnerability in Daan.Dev OMGF Pro allows Using Malicious Files. This issue affects OMGF Pro: from n/a through 5.2.6. Update	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-57700	2026-06-30 03:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

224	6.5	MEDIUM Network	-	-	Parseable before 2.9.2 contains an information disclosure vulnerability in the notification-target API endpoints that returns webhook tokens and basic-auth credentials in cleartext due to commented-o… New	CWE-522 Insufficiently Protected Credentials	CVE-2026-56783	2026-06-30 03:16	2026-06-30	Show	GitHub Exploit DB Packet Storm

225	9.8	CRITICAL Network	-	-	Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api/restore endpoints that allows unauthenticated attackers to access protected functionality when admin_api_… New	CWE-306 Missing Authentication for Critical Function	CVE-2026-56782	2026-06-30 03:16	2026-06-30	Show	GitHub Exploit DB Packet Storm

226	5.3	MEDIUM Network	-	-	Teable before 2026-06-15T04-43-24Z.1912 contains an improper access control vulnerability that allows anonymous attackers to access hidden field data by supplying arbitrary field IDs in the projectio… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-56781	2026-06-30 03:16	2026-06-30	Show	GitHub Exploit DB Packet Storm

227	7.5	HIGH Network	-	-	Modoboa before 2.9.0 contains an insecure direct object reference vulnerability in the PUT /api/v1/accounts/{pk}/password/ endpoint that allows domain administrators to change any user's password. At… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-56780	2026-06-30 03:16	2026-06-30	Show	GitHub Exploit DB Packet Storm

228	8.6	HIGH Network	-	-	Nitter's /video media proxy endpoint fails to validate target URLs against Twitter/X domains and uses a hardcoded default HMAC key, allowing unauthenticated attackers to compute valid HMACs for arbit… New	CWE-918 CWE-1188 Server-Side Request Forgery (SSRF) Insecure Default Initialization of Resource	CVE-2026-56285	2026-06-30 03:16	2026-06-30	Show	GitHub Exploit DB Packet Storm

229	7.1	HIGH Network	-	-	Unauthenticated Cross Site Scripting (XSS) in TablePress <= 3.3.1 versions. Update	CWE-79 Cross-site Scripting	CVE-2026-56051	2026-06-30 03:16	2026-06-25	Show	GitHub Exploit DB Packet Storm

230	9.8	CRITICAL Network	-	-	Unauthenticated Privilege Escalation in Easy Elements for Elementor – Addons & Website Templates <= 1.4.9 versions. Update	CWE-266 Incorrect Privilege Assignment	CVE-2026-56028	2026-06-30 03:16	2026-06-27	Show	GitHub Exploit DB Packet Storm