Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
240011 7.5 危険 JasPer Project - httpdx の FTP サーバコンポーネントにおける特権アクセスを取得される脆弱性 CWE-255
証明書・パスワード管理
CVE-2009-4770 2012-09-25 17:38 2010-04-20 Show GitHub Exploit DB Packet Storm
240012 9.3 危険 JasPer Project - httpdx の tolog 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-134
書式文字列の問題
CVE-2009-4769 2012-09-25 17:38 2010-04-20 Show GitHub Exploit DB Packet Storm
240013 9.3 危険 Mini-stream Software - Mini-stream RM Downloader におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2009-4761 2012-09-25 17:38 2010-03-29 Show GitHub Exploit DB Packet Storm
240014 9.3 危険 joric - BrotherSoft BMXPlay におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2009-4759 2012-09-25 17:38 2010-03-29 Show GitHub Exploit DB Packet Storm
240015 9.3 危険 mercuryaudio - Mercury Audio Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2009-4755 2012-09-25 17:38 2010-03-29 Show GitHub Exploit DB Packet Storm
240016 9.3 危険 mercuryaudio - Mercury Audio Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2009-4754 2012-09-25 17:38 2010-03-29 Show GitHub Exploit DB Packet Storm
240017 7.1 危険 nas adapter - Addonics NAS Adapter NASU2FW41 の FTP サーバにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2009-4753 2012-09-25 17:38 2010-03-29 Show GitHub Exploit DB Packet Storm
240018 4.3 警告 Exponent CMS project - Exponent CMS の Contact モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2009-4744 2012-09-25 17:38 2010-03-26 Show GitHub Exploit DB Packet Storm
240019 7.5 危険 junglescripts - JungleScripts Ajax Short Url Script の x/login における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2009-4727 2012-09-25 17:38 2010-03-18 Show GitHub Exploit DB Packet Storm
240020 5 警告 olivier michaud pierre-yves - Quickdev 4 PHP の download.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2009-4726 2012-09-25 17:38 2010-03-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
284981 - php
redhat
apple
php
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
enterprise_linux_server_eus
enterprise_linux_hpc_node_eus
enterprise_l…
ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2015-2783 2024-11-21 11:28 2015-06-10 Show GitHub Exploit DB Packet Storm
284982 7.5 HIGH
Network
lighttpd
hp
oracle
lighttpd
virtual_customer_access_system
solaris
mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a N… CWE-74
Injection
CVE-2015-3200 2024-11-21 11:28 2015-06-9 Show GitHub Exploit DB Packet Storm
284983 - zohocorp manageengine_netflow_analyzer Cross-site request forgery (CSRF) vulnerability in Zoho NetFlow Analyzer build 10250 and earlier allows remote attackers to hijack the authentication of administrators. CWE-352
 Origin Validation Error
CVE-2015-2961 2024-11-21 11:28 2015-06-9 Show GitHub Exploit DB Packet Storm
284984 - zohocorp manageengine_netflow_analyzer Cross-site scripting (XSS) vulnerability in Zoho NetFlow Analyzer build 10250 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting
CVE-2015-2960 2024-11-21 11:28 2015-06-9 Show GitHub Exploit DB Packet Storm
284985 - zohocorp manageengine_netflow_analyzer Zoho NetFlow Analyzer build 10250 and earlier does not check for administrative authorization, which allows remote attackers to obtain sensitive information, modify passwords, or remove accounts by l… CWE-284
Improper Access Control
CVE-2015-2959 2024-11-21 11:28 2015-06-9 Show GitHub Exploit DB Packet Storm
284986 - redhat thermostat Thermostat before 2.0.0 uses world-readable permissions for the web.xml configuration file, which allows local users to obtain user credentials by reading the file. CWE-200
Information Exposure
CVE-2015-3201 2024-11-21 11:28 2015-06-8 Show GitHub Exploit DB Packet Storm
284987 - sysaid sysaid SysAid Help Desk before 15.2 uses a hardcoded password of Password1 for the sa SQL Server Express user account, which allows remote authenticated users to bypass intended access restrictions by lever… CWE-255
Credentials Management
CVE-2015-3001 2024-11-21 11:28 2015-06-8 Show GitHub Exploit DB Packet Storm
284988 - sysaid sysaid SysAid Help Desk before 15.2 allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of nested entity references in an XML document to (1) /agententry, (2… CWE-399
 Resource Management Errors
CVE-2015-3000 2024-11-21 11:28 2015-06-8 Show GitHub Exploit DB Packet Storm
284989 - sysaid sysaid Multiple SQL injection vulnerabilities in SysAid Help Desk before 15.2 allow remote administrators to execute arbitrary SQL commands via the (1) groupFilter parameter in an AssetDetails report to /ge… CWE-89
SQL Injection
CVE-2015-2999 2024-11-21 11:28 2015-06-8 Show GitHub Exploit DB Packet Storm
284990 - sysaid sysaid SysAid Help Desk before 15.2 uses a hardcoded encryption key, which makes it easier for remote attackers to obtain sensitive information, as demonstrated by decrypting the database password in WEB-IN… CWE-200
Information Exposure
CVE-2015-2998 2024-11-21 11:28 2015-06-8 Show GitHub Exploit DB Packet Storm