Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241151 5 警告 audioarticledirectory - Audio Article Directory の download.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-2397 2012-06-26 16:10 2009-07-9 Show GitHub Exploit DB Packet Storm
241152 9.3 危険 dutchmonkey - DM Albums の template/album.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2396 2012-06-26 16:10 2009-07-9 Show GitHub Exploit DB Packet Storm
241153 7.5 危険 f-cimag-in
Joomla!		 - Joomla! 用 BookFlip コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2390 2012-06-26 16:10 2009-07-9 Show GitHub Exploit DB Packet Storm
241154 9.3 危険 awingsoft - Awingsoft Awakening Winds3D Viewer プラグインにおける任意のファイルをダウンロードされる脆弱性 CWE-20
不適切な入力確認 		CVE-2009-2386 2012-06-26 16:10 2009-07-10 Show GitHub Exploit DB Packet Storm
241155 7.5 危険 Simple Machines
fustrate		 - SMF 用 Member Awards コンポーネントの awardsMembers 関数における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2385 2012-06-26 16:10 2009-07-8 Show GitHub Exploit DB Packet Storm
241156 7.5 危険 blogtrafficexchange
WordPress.org		 - WordPress 用の Related Sites プラグインの BTE_RW_Webajax.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2383 2012-06-26 16:10 2009-07-8 Show GitHub Exploit DB Packet Storm
241157 5 警告 gizmo5 - Linux 上の Gizmo における任意のユーザの資格情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2009-2381 2012-06-26 16:10 2009-07-8 Show GitHub Exploit DB Packet Storm
241158 4.3 警告 4homepages - 4images の includes/functions.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2380 2012-06-26 16:10 2009-06-15 Show GitHub Exploit DB Packet Storm
241159 6.8 警告 BIGACE - BIGACE Web CMS の public/index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-2379 2012-06-26 16:10 2009-07-1 Show GitHub Exploit DB Packet Storm
241160 4.3 警告 avax-software - AVAX-software Avax Vector ActiveX の Avax Vector ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-2377 2012-06-26 16:10 2009-07-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267361 7.8 HIGH
Local 		google android The Qualcomm performance component in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 2536… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-0819 2024-11-21 11:42 2016-03-13 Show GitHub Exploit DB Packet Storm
267362 5.9 MEDIUM
Network 		google android The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinctio… CWE-254
CWE-345
 7PK - Security Features
 Insufficient Verification of Data Authenticity 		CVE-2016-0818 2024-11-21 11:42 2016-03-13 Show GitHub Exploit DB Packet Storm
267363 9.8 CRITICAL
Network 		google android mediaserver in Android 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to decoder/ih264d_par… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-0816 2024-11-21 11:42 2016-03-13 Show GitHub Exploit DB Packet Storm
267364 9.8 CRITICAL
Network 		google android The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows remote attackers… CWE-20
 Improper Input Validation  		CVE-2016-0815 2024-11-21 11:42 2016-03-13 Show GitHub Exploit DB Packet Storm
267365 8.8 HIGH
Network 		adobe
samsung 		flash_player
air
air_sdk
x14j_firmware
flash_player_desktop_runtime
air_desktop_runtime
air_sdk_\&_compiler 		Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe A… CWE-416
 Use After Free 		CVE-2016-0999 2024-11-21 11:42 2016-03-13 Show GitHub Exploit DB Packet Storm
267366 8.8 HIGH
Network 		adobe
samsung 		flash_player
air
air_sdk
x14j_firmware
flash_player_desktop_runtime
air_desktop_runtime
air_sdk_\&_compiler 		Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe A… CWE-416
 Use After Free 		CVE-2016-0998 2024-11-21 11:42 2016-03-13 Show GitHub Exploit DB Packet Storm
267367 8.8 HIGH
Network 		adobe
samsung 		flash_player
air
air_sdk
x14j_firmware
flash_player_desktop_runtime
air_desktop_runtime
air_sdk_\&_compiler 		Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe A… CWE-416
 Use After Free 		CVE-2016-0997 2024-11-21 11:42 2016-03-13 Show GitHub Exploit DB Packet Storm
267368 8.8 HIGH
Network 		adobe
samsung 		flash_player
air
air_sdk
x14j_firmware
flash_player_desktop_runtime
air_desktop_runtime
air_sdk_\&_compiler 		Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR … CWE-416
 Use After Free 		CVE-2016-0996 2024-11-21 11:42 2016-03-13 Show GitHub Exploit DB Packet Storm
267369 4.3 MEDIUM
Network 		emc documentum_xcp EMC Documentum xCP 2.1 before patch 24 and 2.2 before patch 12 allows remote authenticated users to obtain sensitive user-account metadata via a members/xcp_member API call. CWE-200
Information Exposure 		CVE-2016-0886 2024-11-21 11:42 2016-03-10 Show GitHub Exploit DB Packet Storm
267370 8.8 HIGH
Network 		adobe
samsung 		flash_player
air
air_sdk
x14j_firmware
flash_player_desktop_runtime
air_desktop_runtime
air_sdk_\&_compiler 		Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe A… CWE-416
 Use After Free 		CVE-2016-0995 2024-11-21 11:42 2016-03-13 Show GitHub Exploit DB Packet Storm