Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
209841	5.4	警告	afsinc	-	Android 用 Metalcasting Newsstand アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6919	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209842	5.4	警告	bikersunderground	-	Android 用 Bikers Underground アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6918	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209843	5.4	警告	trafficgate	-	Android 用 Rakuten Install アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6907	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209844	5.4	警告	loli chocolate cake project	-	Android 用 Loli Chocolate Cake アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6906	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209845	5.4	警告	h2o human harmony organization project	-	Android 用 H2O Human Harmony Organization アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6905	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209846	5.4	警告	cloudacl	-	Android 用 Safe Browser - The Web Filter アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6904	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209847	5.4	警告	tionetworks	-	Android 用 Gulf Power Mobile Bill Pay アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6903	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209848	5.4	警告	anjuke	-	Android 用 Anjuke アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6902	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209849	5.4	警告	nobexrc	-	Android 用 RADIOS DEL ECUADOR アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6901	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209850	5.4	警告	core-apps	-	Android 用 EAGE Amsterdam 2014 アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6900	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
252121	6.7	MEDIUM Local	synology	drive_client	Out-of-bounds write vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to execute arbitrary commands vi…	CWE-787 Out-of-bounds Write	CVE-2022-49039	2024-10-9 01:08	2024-09-26	Show	GitHub Exploit DB Packet Storm

252122	7.8	HIGH Local	synology	drive_client	Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 allows local users to execute arbitrary code via unspecifie…	CWE-829 Inclusion of Functionality from Untrusted Control Sphere	CVE-2022-49038	2024-10-9 01:08	2024-09-26	Show	GitHub Exploit DB Packet Storm

252123	6.5	MEDIUM Network	synology	drive_client	Insertion of sensitive information into log file vulnerability in proxy settings component in Synology Drive Client before 3.3.0-15082 allows remote authenticated users to obtain sensitive informatio…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2022-49037	2024-10-9 01:08	2024-09-26	Show	GitHub Exploit DB Packet Storm

252124	6.7	MEDIUM Local	cisco	telepresence_video_communication_server	A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate pri…	CWE-77 Command Injection	CVE-2024-20492	2024-10-9 01:07	2024-10-3	Show	GitHub Exploit DB Packet Storm

252125	4.4	MEDIUM Local	synology	drive_client	Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in connection management functionality in Synology Drive Client before 3.4.0-15721 allows local users with adminis…	CWE-120 Classic Buffer Overflow	CVE-2022-49040	2024-10-9 01:07	2024-09-26	Show	GitHub Exploit DB Packet Storm

252126	4.4	MEDIUM Local	synology	drive_client	Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with admini…	CWE-120 Classic Buffer Overflow	CVE-2022-49041	2024-10-9 01:06	2024-09-26	Show	GitHub Exploit DB Packet Storm

252127	5.4	MEDIUM Network	cisco	nexus_dashboard nexus_dashboard_fabric_controller	A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device. This vulnerability exis…	CWE-862 Missing Authorization	CVE-2024-20477	2024-10-9 01:00	2024-10-3	Show	GitHub Exploit DB Packet Storm

252128	8.2	HIGH Network	synology	drive_client	Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial …	CWE-120 Classic Buffer Overflow	CVE-2023-52946	2024-10-9 00:55	2024-09-26	Show	GitHub Exploit DB Packet Storm

252129	8.6	HIGH Network	cisco	nexus_dashboard_orchestrator nexus_dashboard_insights nexus_dashboard_fabric_controller	A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because …	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2024-20491	2024-10-9 00:55	2024-10-3	Show	GitHub Exploit DB Packet Storm

252130	9.8	CRITICAL Network	deltaww	diaenergie	Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx. An unauthenticated attacker may be able to exploit this issue to obtain records contained in the target…	CWE-89 SQL Injection	CVE-2024-43699	2024-10-9 00:44	2024-10-4	Show	GitHub Exploit DB Packet Storm