Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191621	8.8	重要 Network	Peplink	-	複数の Peplink Balance デバイス製品のファームウェアにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2017-8836	2017-06-30 14:41	2017-06-5	Show	GitHub Exploit DB Packet Storm

191622	9.8	緊急 Network	Peplink	-	複数の Peplink Balance デバイス製品のファームウェアにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2017-8835	2017-06-30 14:41	2017-06-5	Show	GitHub Exploit DB Packet Storm

191623	9.8	緊急 Network	トレンドマイクロ	-	Deep Discovery Email Inspector に任意のコードが実行可能な脆弱性	-	-	2017-06-30 13:57	2017-04-11	Show	GitHub Exploit DB Packet Storm

191624	7.5	重要 Network	The Chicken Team	-	CHICKEN Scheme におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2017-9334	2017-06-30 13:54	2017-05-28	Show	GitHub Exploit DB Packet Storm

191625	5.4	警告 Network	Telaxus LLC	-	Telaxus EPESI の Agenda コンポーネントにおける格納型クロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-9331	2017-06-30 13:54	2017-05-29	Show	GitHub Exploit DB Packet Storm

191626	6.5	警告 Network	Allen Disk project	-	Allen Disk の remotedownload.php におけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2017-9307	2017-06-30 13:54	2017-05-9	Show	GitHub Exploit DB Packet Storm

191627	6.1	警告 Network	FlipBuilder	-	FlipBuilder Flip PDF におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-7384	2017-06-30 13:54	2017-05-31	Show	GitHub Exploit DB Packet Storm

191628	6.7	警告 Local	インテル	-	Intel Solid State Drive Toolbox における権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-5688	2017-06-30 13:54	2017-05-30	Show	GitHub Exploit DB Packet Storm

191629	5.5	警告 Local	VMware	-	VMware Horizon DaaS における入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2017-4897	2017-06-30 13:54	2017-03-2	Show	GitHub Exploit DB Packet Storm

191630	9.8	緊急 Network	Ceragon Ltd.	-	Ceragon FibeAir IP-10 における SSH アクセス権を取得される脆弱性	CWE-320 鍵管理のエラー	CVE-2015-0936	2017-06-30 13:54	2015-03-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
261	3.3	LOW Local	-	-	Dell PowerScale OneFS versions 9.5.0.0 through 9.5.1.6, 9.6.0.0 through 9.7.1.13, 9.8.0.0 through 9.10.1.5 and 9.11.0.0 through 9.12.0.1 contains an Insufficient Logging vulnerability. A low privileg… New	CWE-778 Insufficient Logging	CVE-2026-32803	2026-05-9 00:36	2026-05-8	Show	GitHub Exploit DB Packet Storm

262	-		-	-	An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash (BSOD) via a read size that exceeds the buffer size.Refer to the ' … New	CWE-125 Out-of-bounds Read	CVE-2026-3508	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm

263	-		-	-	An Exposed IOCTL with Insufficient Access Control vulnerability in AsusPTPFilter allows a local user to bypass driver security mechanisms and obtain restricted touchpad information or render the touc… New	CWE-782 Exposed IOCTL with Insufficient Access Control	CVE-2026-6737	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm

264	-		-	-	PredatorSense version 3.00.3136 to 3.00.3196 contain Local Privilege Escalation (LPE) vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. … New	CWE-22 CWE-269 CWE-284 CWE-732 Path Traversal Improper Privilege Management Improper Access Control Incorrect Permission Assignment for Critical Resource	CVE-2026-8069	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm

265	-		-	-	The CloudStack Backup plugin has an improper authorization logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plug… New	CWE-863 Incorrect Authorization	CVE-2025-66170	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm

266	-		-	-	The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is e… New	CWE-359 Exposure of Private Personal Information to an Unauthorized Actor	CVE-2025-66171	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm

267	-		-	-	The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is e… New	CWE-359 Exposure of Private Personal Information to an Unauthorized Actor	CVE-2025-66172	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm

268	8.0	HIGH Network	-	-	Missing MinIO policy cleanup on bucket deletion via Apache CloudStack allows users to retain access to buckets which they previously owned. If another user creates a new bucket with the same name, th… New	CWE-459 Incomplete Cleanup	CVE-2025-66467	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm

269	6.5	MEDIUM Network	-	-	Due to multiple time-of-check time-of-use race conditions in the resource count check and increment logic, as well as missing validations, users of the platform are able to exceed the allocation limi… New	CWE-367 CWE-770 Time-of-check Time-of-use (TOCTOU) Race Condition Allocation of Resources Without Limits or Throttling	CVE-2025-69233	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm

270	-		-	-	The optional extension component TinkerpopClientService is missing the Restricted annotation with the Execute Code Required Permission in Apache NiFi 2.0.0-M1 through 2.8.0. The TinkerpopClientServic… New	CWE-862 Missing Authorization	CVE-2026-39816	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm