Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
237521 7.5 危険 wowroster - WoWRoster の conf.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-3998 2012-12-20 18:02 2006-07-17 Show GitHub Exploit DB Packet Storm
237522 7.5 危険 wowroster - WoWRoster の hsList.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-3997 2012-12-20 18:02 2006-07-17 Show GitHub Exploit DB Packet Storm
237523 6.8 警告 user home pages - Mambo または Joomla! 用の User Home Pages コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2006-3995 2012-12-20 18:02 2006-08-4 Show GitHub Exploit DB Packet Storm
237524 7.5 危険 xmb software - XMB の u2u.inc.php における SQL インジェクションの脆弱性 - CVE-2006-3994 2012-12-20 18:02 2006-08-4 Show GitHub Exploit DB Packet Storm
237525 5.1 警告 tsep - Olaf Noehring TSEP の copyright.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-3993 2012-12-20 18:02 2006-08-4 Show GitHub Exploit DB Packet Storm
237526 7.5 危険 voc-project - Cisco Unified Wireless IP Phone 7921 における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-3991 2012-12-20 18:02 2006-08-4 Show GitHub Exploit DB Packet Storm
237527 7.5 危険 phpsavant - Paul M. Jones Savant2 における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-3990 2012-12-20 18:02 2006-08-4 Show GitHub Exploit DB Packet Storm
237528 5 警告 scott weedon - Scott Weedon Ajax Chat の visitor/livesupport/chat.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-3972 2012-12-20 18:02 2006-08-2 Show GitHub Exploit DB Packet Storm
237529 6.8 警告 scott weedon - Scott Weedon Ajax Chat の visitor/livesupport/chat.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-3971 2012-12-20 18:02 2006-08-2 Show GitHub Exploit DB Packet Storm
237530 5 警告 サン・マイクロシステムズ - Sun Solaris 10 3/05 HW2 の暗号化プロバイダにおけるアプリケーションがデータ変更を検出しない脆弱性 - CVE-2006-3968 2012-12-20 18:02 2006-08-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
141 - - - KTM System e-BOK allows the session identifier to be set by the client prior to authentication. If a cookie with a valid name is set, its value remains unchanged after successful login. This behaviou… New CWE-384
 Session Fixation
CVE-2026-35095 2026-07-1 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm
142 5.0 MEDIUM
Network
- - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, the `GET /api/v1/deployments/{uuid}` endpoint allows any authenticated use… New CWE-639
 Authorization Bypass Through User-Controlled Key
CVE-2026-27883 2026-07-1 00:16 2026-07-1 Show GitHub Exploit DB Packet Storm
143 5.0 MEDIUM
Network
- - Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, `GET /api/v1/deployments/{uuid}` in DeployController.php retrieves deploym… New CWE-639
 Authorization Bypass Through User-Controlled Key
CVE-2026-27881 2026-07-1 00:16 2026-07-1 Show GitHub Exploit DB Packet Storm
144 5.9 MEDIUM
Network
- - openGauss 在处理带 NLS 参数的 to_timestamp 调用时,to_timestamp_with_fmt_nls() 会将 nls_fmt_str 保存到 u_sess->parser_cxt.nls_fmt_str。在 seqscan + sort 执行路径下,该字符串原本被分配在 SeqScan 的表达式上下文中;当 SeqScan 完成后,该内存上下文会被 reset,但… New CWE-416
 Use After Free
CVE-2026-14178 2026-07-1 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm
145 8.6 HIGH
Network
- - The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not sanitize user-supplied array keys before using them in a SQL statement, allowing unauthenticated users to perform … New - CVE-2026-11590 2026-07-1 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm
146 - - - In the Linux kernel, the following vulnerability has been resolved: drbd: Balance RCU calls in drbd_adm_dump_devices() Make drbd_adm_dump_devices() call rcu_read_lock() before rcu_read_unlock() is … Update - CVE-2026-53128 2026-06-30 23:44 2026-06-25 Show GitHub Exploit DB Packet Storm
147 7.1 HIGH
Local
- - In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential unbounded skb queue virtio_transport_inc_rx_pkt() checks vvs->rx_bytes + len > vvs->buf_alloc. virti… Update - CVE-2026-53132 2026-06-30 23:44 2026-06-25 Show GitHub Exploit DB Packet Storm
148 - - - In the Linux kernel, the following vulnerability has been resolved: fs/mbcache: cancel shrink work before destroying the cache mb_cache_destroy() calls shrinker_free() and then frees all cache entr… Update - CVE-2026-53129 2026-06-30 23:44 2026-06-25 Show GitHub Exploit DB Packet Storm
149 7.8 HIGH
Local
- - In the Linux kernel, the following vulnerability has been resolved: fs/omfs: reject s_sys_blocksize smaller than OMFS_DIR_START omfs_fill_super() rejects oversized s_sys_blocksize values (> PAGE_SI… Update - CVE-2026-53130 2026-06-30 23:44 2026-06-25 Show GitHub Exploit DB Packet Storm
150 7.8 HIGH
Local
- - In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes >= 4G When the iommu is used the linearization of the mapping can give a single block t… Update - CVE-2026-53133 2026-06-30 23:44 2026-06-25 Show GitHub Exploit DB Packet Storm