Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 17, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1471	4.3	警告 Network	Synology Inc.	Hyper Backup	Synology Inc.のHyper Backupにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2024-47273	2026-06-8 12:28	2026-06-3	Show	GitHub Exploit DB Packet Storm

1472	5.5	警告 Local	Vivo	EasyShare	VivoのEasyShareにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2025-15515	2026-06-8 12:28	2026-03-13	Show	GitHub Exploit DB Packet Storm

1473	8.6	重要 Network	Belden Inc.	HiOS Switch Software	Belden Inc.のHiOS Switch Softwareにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2025-15620	2026-06-8 12:28	2026-04-2	Show	GitHub Exploit DB Packet Storm

1474	4.9	警告 Network	Extreme Networks, Inc.	ExtremeCloud IQ Site Engine	Extreme Networks, Inc.のExtremeCloud IQ Site Engineにおける認証情報の不十分な保護に関する脆弱性	CWE-522 認証情報の不十分な保護	CVE-2026-0689	2026-06-8 12:28	2026-03-2	Show	GitHub Exploit DB Packet Storm

1475	9.8	緊急 Network	Tesseract OCR project	Tesseract OCR	ZapolnochのTesseract OCRにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-26832	2026-06-8 12:28	2026-03-25	Show	GitHub Exploit DB Packet Storm

1476	9.1	緊急 Network	Bytedance Inc.	DeerFlow	Bytedance Inc.のDeerFlowにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-40518	2026-06-8 12:28	2026-04-17	Show	GitHub Exploit DB Packet Storm

1477	5.3	警告 Network	The Netty project	netty-incubator-codec-ohttp	Nettyのnetty-incubator-codec-ohttpにおける不十分なランダム値の使用に関する脆弱性	CWE-330 不十分なランダム値の使用	CVE-2026-41207	2026-06-8 12:28	2026-06-4	Show	GitHub Exploit DB Packet Storm

1478	9.8	緊急 Network	DragonSoft	Gcb/fcb Government Financial Cybersecurity Configuration Audit Software	DragonSoftのGcb/fcb Government Financial Cybersecurity Configuration Audit Softwareにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-4312	2026-06-8 12:28	2026-03-17	Show	GitHub Exploit DB Packet Storm

1479	5.5	警告 Local	Linaro	OP-TEE	Trusted FirmwareのOP-TEEにおける型の取り違えに関する脆弱性	CWE-843 型の取り違え	CVE-2026-45702	2026-06-8 12:28	2026-06-3	Show	GitHub Exploit DB Packet Storm

1480	9.1	緊急 Network	The Netty project	netty-incubator-codec-ohttp	Nettyのnetty-incubator-codec-ohttpにおける複数の脆弱性	CWE-125 CWE-787	CVE-2026-48040	2026-06-8 12:28	2026-06-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 17, 2026, 4:19 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
344471	-	hp	openview_network_node_manager	Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-1555	2018-10-11 04:57	2010-05-14	Show	GitHub Exploit DB Packet Storm

344472	-	mozilla	firefox seamonkey thunderbird	The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey b…	CWE-20 Improper Input Validation	CVE-2010-1585	2018-10-11 04:57	2010-04-29	Show	GitHub Exploit DB Packet Storm

344473	-	apache	activemq	The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/in…	CWE-20 Improper Input Validation	CVE-2010-1587	2018-10-11 04:57	2010-04-29	Show	GitHub Exploit DB Packet Storm

344474	-	silverstripe	silverstripe	Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via (1) the CommenterURL parameter to PostCommentForm, a…	CWE-79 Cross-site Scripting	CVE-2010-1593	2018-10-11 04:57	2010-04-29	Show	GitHub Exploit DB Packet Storm

344475	-	sap	netweaver	Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2010-1609	2018-10-11 04:57	2010-04-30	Show	GitHub Exploit DB Packet Storm

344476	-	opencart	opencart	Cross-site request forgery (CSRF) vulnerability in index.php in OpenCart 1.4 allows remote attackers to hijack the authentication of an application administrator for requests that create an administr…	CWE-352 Origin Validation Error	CVE-2010-1610	2018-10-11 04:57	2010-04-30	Show	GitHub Exploit DB Packet Storm

344477	-	ibm	websphere_datapower_xml_accelerator_xa35 websphere_datapower_xml_security_gateway_xs40 websphere_datapower_datapower_integration_appliance_xi50 websphere_datapower_b2b_appliance_xb60 webs…	The IBM WebSphere DataPower XML Accelerator XA35, Low Latency Appliance XM70, Integration Appliance XI50, B2B Appliance XB60, and XML Security Gateway XS40 SOA Appliances before 3.8.0.0, when a QLOGI…	NVD-CWE-Other	CVE-2010-1612	2018-10-11 04:57	2010-04-30	Show	GitHub Exploit DB Packet Storm

344478	-	artifex	gpl_ghostscript	Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trig…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-1628	2018-10-11 04:57	2010-05-20	Show	GitHub Exploit DB Packet Storm

344479	-	todd_miller	sudo	The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2010-1646	2018-10-11 04:57	2010-06-8	Show	GitHub Exploit DB Packet Storm

344480	-	powereasy	siteweaver	Cross-site scripting (XSS) vulnerability in User/User_ChkLogin.asp in PowerEasy 2006 and PowerEasy SiteWeaver 6.8 allows remote attackers to inject arbitrary web script or HTML via the ComeUrl parame…	CWE-79 Cross-site Scripting	CVE-2010-1655	2018-10-11 04:57	2010-05-3	Show	GitHub Exploit DB Packet Storm