Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 22, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
238811 5 警告 Moodle - Moodle における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-4303 2012-09-25 17:38 2009-12-2 Show GitHub Exploit DB Packet Storm
238812 5 警告 Moodle - Moodle の login/index_form.html における資格情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2009-4302 2012-09-25 17:38 2009-12-2 Show GitHub Exploit DB Packet Storm
238813 6 警告 Moodle - Moodle の mnet/lib.php における任意の MNET 関数を実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4301 2012-09-25 17:38 2009-12-2 Show GitHub Exploit DB Packet Storm
238814 5 警告 Moodle - Moodle の認証プラグインにおける資格情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-4300 2012-09-25 17:38 2009-12-2 Show GitHub Exploit DB Packet Storm
238815 5 警告 Moodle - mod/glossary/showentry.php における不正に Glossary エントリを読み取られる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4299 2012-09-25 17:38 2009-12-2 Show GitHub Exploit DB Packet Storm
238816 5 警告 Moodle - LAMS モジュールにおけるユーザアカウント情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-4298 2012-09-25 17:38 2009-12-2 Show GitHub Exploit DB Packet Storm
238817 6.8 警告 Moodle - Moodle におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-4297 2012-09-25 17:38 2009-12-2 Show GitHub Exploit DB Packet Storm
238818 7.5 危険 haroldbakker - HB-NS における管理コントロールパネルへのアクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4262 2012-09-25 17:38 2009-12-10 Show GitHub Exploit DB Packet Storm
238819 10 危険 IBM - IBM InfoSphere Information Server におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4240 2012-09-25 17:38 2009-12-9 Show GitHub Exploit DB Packet Storm
238820 4.3 警告 IBM - IBM InfoSphere Information Server の Web コンソールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4239 2012-09-25 17:38 2009-12-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
285281 7.8 HIGH
Local 		linux
google 		linux_kernel
android 		Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by … CWE-362
CWE-416
Race Condition
 Use After Free 		CVE-2014-9914 2024-11-21 11:21 2017-02-7 Show GitHub Exploit DB Packet Storm
285282 6.1 MEDIUM
Network 		nodejs node.js The validator package before 2.0.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via hex-encoded characters. CWE-79
Cross-site Scripting 		CVE-2014-9772 2024-11-21 11:21 2017-01-24 Show GitHub Exploit DB Packet Storm
285283 7.5 HIGH
Network 		viprinet multichannel_vpn_router_300_firmware The hardware VPN client in Viprinet MultichannelVPN Router 300 version 2013070830/2013080900 does not validate the remote VPN endpoint identity (through the checking of the endpoint's SSL key) before… CWE-20
 Improper Input Validation  		CVE-2014-9755 2024-11-21 11:21 2017-01-21 Show GitHub Exploit DB Packet Storm
285284 5.9 MEDIUM
Network 		viprinet multichannel_vpn_router_300_firmware The hardware VPN client in Viprinet MultichannelVPN Router 300 version 2013070830/2013080900 does not validate the remote VPN endpoint identity (through the checking of the endpoint's SSL key) before… CWE-20
 Improper Input Validation  		CVE-2014-9754 2024-11-21 11:21 2017-01-21 Show GitHub Exploit DB Packet Storm
285285 4.0 MEDIUM
Local 		unzip_project unzip Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2014-9913 2024-11-21 11:21 2017-01-19 Show GitHub Exploit DB Packet Storm
285286 7.0 HIGH
Local 		google android An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-9910 2024-11-21 11:21 2017-01-19 Show GitHub Exploit DB Packet Storm
285287 7.0 HIGH
Local 		google android An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-9909 2024-11-21 11:21 2017-01-19 Show GitHub Exploit DB Packet Storm
285288 9.8 CRITICAL
Network 		php php The get_icu_disp_value_src_php function in ext/intl/locale/locale_methods.c in PHP before 5.3.29, 5.4.x before 5.4.30, and 5.5.x before 5.5.14 does not properly restrict calls to the ICU uresbund.cpp… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2014-9912 2024-11-21 11:21 2017-01-5 Show GitHub Exploit DB Packet Storm
285289 9.8 CRITICAL
Network 		icu-project international_components_for_unicode Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54.1 for C/C++ allows remote attackers to cause a den… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2014-9911 2024-11-21 11:21 2017-01-5 Show GitHub Exploit DB Packet Storm
285290 9.8 CRITICAL
Network 		debian
dbd-mysql_project 		debian_linux
dbd-mysql 		Use-after-free vulnerability in DBD::mysql before 4.029 allows attackers to cause a denial of service (program crash) or possibly execute arbitrary code via vectors related to a lost server connectio… CWE-416
 Use After Free 		CVE-2014-9906 2024-11-21 11:21 2016-08-20 Show GitHub Exploit DB Packet Storm