Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 4:07 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
661	7.8	重要 Local	Synology Inc.	Hyper Backup Explorer	Synology Inc.のHyper Backup Explorerにおける信頼できない制御領域からの機能の組み込みに関する脆弱性 New	CWE-829 信頼性のない制御領域からの機能の組み込み	CVE-2022-49042	2026-06-8 12:28	2026-06-3	Show	GitHub Exploit DB Packet Storm

662	5.9	警告 Network	Synology Inc.	Note Station Client	Synology Inc.のNote Station Clientにおける重要な情報の平文での送信に関する脆弱性 New	CWE-319 重要な情報の平文での送信	CVE-2023-52951	2026-06-8 12:28	2026-06-3	Show	GitHub Exploit DB Packet Storm

663	4.1	警告 Network	Synology Inc.	Hyper Backup	Synology Inc.のHyper Backupにおけるパストラバーサルの脆弱性 New	CWE-22 パス・トラバーサル	CVE-2024-47263	2026-06-8 12:28	2026-06-3	Show	GitHub Exploit DB Packet Storm

664	4.3	警告 Network	Synology Inc.	Hyper Backup	Synology Inc.のHyper Backupにおけるパストラバーサルの脆弱性 New	CWE-22 パス・トラバーサル	CVE-2024-47273	2026-06-8 12:28	2026-06-3	Show	GitHub Exploit DB Packet Storm

665	5.5	警告 Local	Vivo	EasyShare	VivoのEasyShareにおける重要な機能に対する認証の欠如に関する脆弱性 New	CWE-306 重要な機能に対する認証の欠如解説	CVE-2025-15515	2026-06-8 12:28	2026-03-13	Show	GitHub Exploit DB Packet Storm

666	8.6	重要 Network	Belden Inc.	HiOS Switch Software	Belden Inc.のHiOS Switch Softwareにおける重要な機能に対する認証の欠如に関する脆弱性 New	CWE-306 重要な機能に対する認証の欠如解説	CVE-2025-15620	2026-06-8 12:28	2026-04-2	Show	GitHub Exploit DB Packet Storm

667	4.9	警告 Network	Extreme Networks, Inc.	ExtremeCloud IQ Site Engine	Extreme Networks, Inc.のExtremeCloud IQ Site Engineにおける認証情報の不十分な保護に関する脆弱性 New	CWE-522 認証情報の不十分な保護	CVE-2026-0689	2026-06-8 12:28	2026-03-2	Show	GitHub Exploit DB Packet Storm

668	9.8	緊急 Network	Tesseract OCR project	Tesseract OCR	ZapolnochのTesseract OCRにおけるOS コマンドインジェクションの脆弱性 New	CWE-78 OSコマンド・インジェクション	CVE-2026-26832	2026-06-8 12:28	2026-03-25	Show	GitHub Exploit DB Packet Storm

669	9.1	緊急 Network	Bytedance Inc.	DeerFlow	Bytedance Inc.のDeerFlowにおけるパストラバーサルの脆弱性 New	CWE-22 パス・トラバーサル	CVE-2026-40518	2026-06-8 12:28	2026-04-17	Show	GitHub Exploit DB Packet Storm

670	5.3	警告 Network	The Netty project	netty-incubator-codec-ohttp	Nettyのnetty-incubator-codec-ohttpにおける不十分なランダム値の使用に関する脆弱性 New	CWE-330 不十分なランダム値の使用	CVE-2026-41207	2026-06-8 12:28	2026-06-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
255431	9.8	CRITICAL Network	rubyzip_project debian	rubyzip debian_linux	The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses "…	CWE-22 Path Traversal	CVE-2017-5946	2024-11-21 12:28	2017-02-27	Show	GitHub Exploit DB Packet Storm

255432	3.7	LOW Network	w3	high_resolution_time_api	The W3C High Resolution Time API, as implemented in various web browsers, does not consider that memory-reference times can be measured by a performance.now "Time to Tick" approach even with the http…	NVD-CWE-noinfo	CVE-2017-5928	2024-11-21 12:28	2017-02-27	Show	GitHub Exploit DB Packet Storm

255433	7.5	HIGH Network	intel amd samsung nvidia allwinner	core_i7-2620qm core_i7-6700k core_i5_m480 fx-8120_8-core e-350 atom_c2750 athlon_ii_640_x4 exynos_5800 celeron_n2840 fx-8320_8-core xeon_e5-2658_v2 tegra_k1_cd580m-a1…	Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU ope…	CWE-200 Information Exposure	CVE-2017-5927	2024-11-21 12:28	2017-02-27	Show	GitHub Exploit DB Packet Storm

255434	7.5	HIGH Network	intel amd samsung nvidia allwinner	core_i7-2620qm core_i7-6700k core_i5_m480 fx-8120_8-core e-350 atom_c2750 athlon_ii_640_x4 exynos_5800 celeron_n2840 fx-8320_8-core xeon_e5-2658_v2 tegra_k1_cd580m-a1…	Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU ope…	CWE-200 Information Exposure	CVE-2017-5926	2024-11-21 12:28	2017-02-27	Show	GitHub Exploit DB Packet Storm

255435	7.5	HIGH Network	intel amd samsung nvidia allwinner	core_i7-2620qm core_i7-6700k core_i5_m480 fx-8120_8-core e-350 atom_c2750 athlon_ii_640_x4 exynos_5800 celeron_n2840 fx-8320_8-core xeon_e5-2658_v2 tegra_k1_cd580m-a1…	Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU o…	CWE-200 Information Exposure	CVE-2017-5925	2024-11-21 12:28	2017-02-27	Show	GitHub Exploit DB Packet Storm

255436	7.8	HIGH Local	linux debian canonical	linux_kernel debian_linux ubuntu_linux	The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and conseque…	NVD-CWE-noinfo	CVE-2017-5669	2024-11-21 12:28	2017-02-25	Show	GitHub Exploit DB Packet Storm

255437	9.8	CRITICAL Network	metalgenix	genixcms	CSRF token bypass in GeniXCMS before 1.0.2 could result in escalation of privileges. The forgotpassword.php page can be used to acquire a token.	CWE-352 Origin Validation Error	CVE-2017-5959	2024-11-21 12:28	2017-02-21	Show	GitHub Exploit DB Packet Storm

255438	7.8	HIGH Local	gomlab	gom_player	GOM Player 2.3.10.5266 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted fpx file.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-5881	2024-11-21 12:28	2017-02-21	Show	GitHub Exploit DB Packet Storm

255439	7.0	HIGH Local	linux	linux_kernel	Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a…	CWE-362 Race Condition	CVE-2017-6001	2024-11-21 12:28	2017-02-19	Show	GitHub Exploit DB Packet Storm

255440	5.5	MEDIUM Local	linux	linux_kernel	Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithr…	CWE-362 CWE-617 Race Condition Reachable Assertion	CVE-2017-5986	2024-11-21 12:28	2017-02-19	Show	GitHub Exploit DB Packet Storm