Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253231 2.1 注意 シトリックス・システムズ - Xen の tools/libxc/xc_dom_bzimageloader.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-3262 2012-03-27 18:43 2011-08-19 Show GitHub Exploit DB Packet Storm
253232 7.5 危険 CMU - Cyrus IMAP の nntpd の split_wildmats 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-3208 2012-03-27 18:43 2011-09-8 Show GitHub Exploit DB Packet Storm
253233 3.3 注意 geoff wong - Hammerhead の hammerhead.cc における任意のファイルに書き込まれる脆弱性 CWE-59
リンク解釈の問題 		CVE-2011-3204 2012-03-27 18:43 2011-09-6 Show GitHub Exploit DB Packet Storm
253234 5 警告 Adiscon - rsyslog の parseLegacySyslogMsg 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-3200 2012-03-27 18:43 2011-09-6 Show GitHub Exploit DB Packet Storm
253235 4.3 警告 Ruby on Rails project - Ruby on Rails の to_s メソッドにおける任意のテキストをログファイルに挿入される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-3187 2012-03-27 18:43 2011-08-29 Show GitHub Exploit DB Packet Storm
253236 4.3 警告 Ruby on Rails project - Ruby on Rails の actionpack/lib/action_controller/response.rb における CRLF インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2011-3186 2012-03-27 18:43 2011-08-17 Show GitHub Exploit DB Packet Storm
253237 4.3 警告 The phpMyAdmin Project - phpMyAdmin のトラッキング機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-3181 2012-03-27 18:43 2011-08-24 Show GitHub Exploit DB Packet Storm
253238 5.1 警告 アップル - CUPS の gif_read_lzw 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-3170 2012-03-27 18:43 2011-08-19 Show GitHub Exploit DB Packet Storm
253239 5 警告 IBM - G400 IPS-G400-IB-1 および GX4004 IPS-GX4004-IB-2 アプライアンスで使用される IBM Web Application Firewall における侵入防御を回避する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-3140 2012-03-27 18:43 2011-08-15 Show GitHub Exploit DB Packet Storm
253240 5 警告 IBM - IBM TFIM および TFIMBG の LTPA STS モジュールサポート実装における LTPA トークンシグネチャの検証を回避する脆弱性 CWE-DesignError
CVE-2011-3138 2012-03-27 18:43 2011-06-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1011 9.1 CRITICAL
Network 		- - Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker… New CWE-78
OS Command  		CVE-2026-12850 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
1012 9.1 CRITICAL
Network 		- - Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker… New CWE-78
OS Command  		CVE-2026-12851 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
1013 5.4 MEDIUM
Network 		- - Missing permission checks in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allow attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified crede… New CWE-862
 Missing Authorization 		CVE-2026-57291 2026-06-25 23:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1014 5.4 MEDIUM
Network 		- - A cross-site request forgery (CSRF) vulnerability in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentia… New CWE-352
 Origin Validation Error 		CVE-2026-57292 2026-06-25 23:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1015 4.3 MEDIUM
Network 		- - An incorrect permission check in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allows attackers with global Item/Configure permission (while lacking Item/Configure permission on any particul… New CWE-862
 Missing Authorization 		CVE-2026-57293 2026-06-25 23:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1016 8.8 HIGH
Network 		- - Jenkins External Workspace Manager Plugin 1.3.2 and earlier does not reject path traversal sequences in the custom workspace path provided to the exwsAllocate Pipeline step, allowing attackers with I… New CWE-22
Path Traversal 		CVE-2026-57296 2026-06-25 23:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1017 5.4 MEDIUM
Network 		- - A cross-site request forgery (CSRF) vulnerability in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allows attackers to have Jenkins connect to an attacker-specified URL usi… New CWE-352
 Origin Validation Error 		CVE-2026-57298 2026-06-25 23:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1018 4.3 MEDIUM
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/v1/calendars/events/{event_id}/update validates that the caller has write … New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-54006 2026-06-25 22:41 2026-06-24 Show GitHub Exploit DB Packet Storm
1019 6.5 MEDIUM
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the chat message listener allows non-same-origin input:prompt and action:submit mess… New CWE-346
 Origin Validation Error 		CVE-2026-54007 2026-06-25 22:40 2026-06-24 Show GitHub Exploit DB Packet Storm
1020 8.5 HIGH
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, backend/open_webui/utils/oauth.py::_process_picture_url calls validate_url(picture_u… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-54008 2026-06-25 22:35 2026-06-24 Show GitHub Exploit DB Packet Storm