Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
239921 4.3 警告 LXR Project - LXR Cross Referencer におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4497 2012-09-25 17:38 2010-01-7 Show GitHub Exploit DB Packet Storm
239922 5 警告 orion - Orion Application Server における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4493 2012-09-25 17:38 2010-01-13 Show GitHub Exploit DB Packet Storm
239923 5 警告 Igor Sysoev - nginx におけるファイルを上書きされる脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4487 2012-09-25 17:38 2010-01-13 Show GitHub Exploit DB Packet Storm
239924 4.3 警告 nanwich - Drupal 用の FAQ Ask モジュールにおけるオープンリダイレクトの脆弱性 CWE-Other
その他 		CVE-2009-4534 2012-09-25 17:38 2009-10-28 Show GitHub Exploit DB Packet Storm
239925 5 警告 Nathan Haug - Drupal 用の Webform モジュールにおけるセッション変数を読み取られる脆弱性 CWE-200
情報漏えい 		CVE-2009-4533 2012-09-25 17:38 2009-10-14 Show GitHub Exploit DB Packet Storm
239926 3.5 注意 Nathan Haug - Webform モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4532 2012-09-25 17:38 2009-10-14 Show GitHub Exploit DB Packet Storm
239927 5 警告 JasPer Project - httpdx における Web ページのソースコードを取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-4531 2012-09-25 17:38 2009-12-31 Show GitHub Exploit DB Packet Storm
239928 5 警告 intervations - InterVations NaviCOPA Web Server における Web ページのソースコードを取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-4529 2012-09-25 17:38 2009-12-31 Show GitHub Exploit DB Packet Storm
239929 6.5 警告 Moshe Weitzman - Drupal 用の OG Vocabulary モジュールにおける語彙を作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4528 2012-09-25 17:38 2009-10-14 Show GitHub Exploit DB Packet Storm
239930 4.6 警告 National Information Infrastructure Development Institute - Drupal 用の Shibboleth 認証モジュールにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4527 2012-09-25 17:38 2009-10-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
287431 - ibm maximo_asset_management
maximo_for_utilities
maximo_for_nuclear_power
tivoli_service_request_manager
change_and_configuration_management_database
tivoli_asset_management_for_it
maxi… 		Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.8, and Maximo Asset Management 7.1 through 7.1.1.8 and 7.2 for Tivoli IT Asset Management for IT and certain … CWE-79
Cross-site Scripting 		CVE-2015-0108 2024-11-21 11:22 2015-02-18 Show GitHub Exploit DB Packet Storm
287432 - e2fsprogs_project
debian
canonical
fedoraproject 		e2fsprogs
debian_linux
ubuntu_linux
fedora 		Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-0247 2024-11-21 11:22 2015-02-18 Show GitHub Exploit DB Packet Storm
287433 - xen xen The vgic_v2_to_sgi function in arch/arm/vgic-v2.c in Xen 4.5.x, when running on ARM hardware with general interrupt controller (GIC) version 2, allows local guest users to cause a denial of service (… CWE-20
 Improper Input Validation  		CVE-2015-0268 2024-11-21 11:22 2015-02-17 Show GitHub Exploit DB Packet Storm
287434 - rhodecode
kallithea-scm 		rhodecode_enterprise
kallithea 		RhodeCode before 2.2.7 and Kallithea 0.1 allows remote authenticated users to obtain API keys and other sensitive information via the get_repo API method. CWE-200
Information Exposure 		CVE-2015-0260 2024-11-21 11:22 2015-02-17 Show GitHub Exploit DB Packet Storm
287435 - x.org
opensuse 		xorg-server
opensuse 		X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via … CWE-200
Information Exposure 		CVE-2015-0255 2024-11-21 11:22 2015-02-14 Show GitHub Exploit DB Packet Storm
287436 - freedesktop
opensuse 		dbus
opensuse 		D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service … CWE-362
Race Condition 		CVE-2015-0245 2024-11-21 11:22 2015-02-14 Show GitHub Exploit DB Packet Storm
287437 - apache wss4j Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attackers to bypass the requireSignedEncryptedDataElements configuration via a vectors related to "wrapping attacks." CWE-264
Permissions, Privileges, and Access Controls 		CVE-2015-0227 2024-11-21 11:22 2015-02-13 Show GitHub Exploit DB Packet Storm
287438 - microsoft internet_explorer Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclo… CWE-200
Information Exposure 		CVE-2015-0070 2024-11-21 11:22 2015-02-11 Show GitHub Exploit DB Packet Storm
287439 - microsoft internet_explorer Microsoft Internet Explorer 10 and 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability." CWE-264
Permissions, Privileges, and Access Controls 		CVE-2015-0069 2024-11-21 11:22 2015-02-11 Show GitHub Exploit DB Packet Storm
287440 - microsoft internet_explorer Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corrupti… CWE-399
 Resource Management Errors 		CVE-2015-0068 2024-11-21 11:22 2015-02-11 Show GitHub Exploit DB Packet Storm