Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241381 10 危険 aten - ATEN KH1516i IP KVM スイッチの Windows クライアントプログラムにおける中間者攻撃を実行される脆弱性 CWE-310
暗号の問題 		CVE-2009-1473 2012-06-26 16:10 2009-05-27 Show GitHub Exploit DB Packet Storm
241382 10 危険 aten - ATEN KH1516i IP KVM スイッチの Java クライアントプログラムにおけるスイッチへ接続されているマシンへのアクセス権を取得される脆弱性 CWE-310
暗号の問題 		CVE-2009-1472 2012-06-26 16:10 2009-05-27 Show GitHub Exploit DB Packet Storm
241383 4.3 警告 evolution-extreme - Nuke Evolution Xtreme の player.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-1457 2012-06-26 16:10 2009-04-28 Show GitHub Exploit DB Packet Storm
241384 6.8 警告 Andrew Simpson - WebCollab におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-1455 2012-06-26 16:10 2009-04-28 Show GitHub Exploit DB Packet Storm
241385 4.3 警告 Andrew Simpson - WebCollab の tasks.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-1454 2012-06-26 16:10 2009-04-28 Show GitHub Exploit DB Packet Storm
241386 6.8 警告 anoochit chalothorn - Tiny Blogr の class.eport.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1453 2012-06-26 16:10 2009-04-28 Show GitHub Exploit DB Packet Storm
241387 7.5 危険 bluevirus-design - SMA-DB の theme/format.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-1452 2012-06-26 16:10 2009-04-28 Show GitHub Exploit DB Packet Storm
241388 4.3 警告 bluevirus-design - SMA-DB の startpage.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-1451 2012-06-26 16:10 2009-04-28 Show GitHub Exploit DB Packet Storm
241389 7.5 危険 bluevirus-design - SMA-DB の format.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-1450 2012-06-26 16:10 2009-04-28 Show GitHub Exploit DB Packet Storm
241390 9.3 危険 coolplayer - PortableApps CoolPlayer Portable におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1449 2012-06-26 16:10 2009-04-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267241 9.8 CRITICAL
Network 		samsung
fedoraproject 		x14j_firmware
fedora 		Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denia… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-0729 2024-11-21 11:42 2016-04-8 Show GitHub Exploit DB Packet Storm
267242 6.1 MEDIUM
Network 		apache activemq The web-based administration console in Apache ActiveMQ 5.x before 5.13.2 does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via … CWE-254
 7PK - Security Features 		CVE-2016-0734 2024-11-21 11:42 2016-04-8 Show GitHub Exploit DB Packet Storm
267243 8.8 HIGH
Network 		emc documentum_d2 EMC Documentum D2 before 4.6 lacks intended ACLs for configuration objects, which allows remote authenticated users to modify objects via unspecified vectors. NVD-CWE-noinfo
CVE-2016-0888 2024-11-21 11:42 2016-04-7 Show GitHub Exploit DB Packet Storm
267244 7.5 HIGH
Network 		eaton_lighting_systems eg2_web_control Eaton Lighting EG2 Web Control 4.04P and earlier allows remote attackers to read the configuration file, and consequently discover credentials, via a direct request. CWE-200
Information Exposure 		CVE-2016-0871 2024-11-21 11:42 2016-04-7 Show GitHub Exploit DB Packet Storm
267245 7.5 HIGH
Network 		redhat jboss_wildfly_application_server Incomplete blacklist vulnerability in the servlet filter restriction mechanism in WildFly (formerly JBoss Application Server) before 10.0.0.Final on Windows allows remote attackers to read the sensit… CWE-200
Information Exposure 		CVE-2016-0793 2024-11-21 11:42 2016-04-2 Show GitHub Exploit DB Packet Storm
267246 8.1 HIGH
Network 		redhat
oracle 		enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
icedtea7
jdk
jre 		Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-componen… NVD-CWE-noinfo
CVE-2016-0636 2024-11-21 11:42 2016-03-25 Show GitHub Exploit DB Packet Storm
267247 5.9 MEDIUM
Network 		samba samba The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-0771 2024-11-21 11:42 2016-03-14 Show GitHub Exploit DB Packet Storm
267248 6.1 MEDIUM
Physics 		google android Setup Wizard in Android 5.1.x before LMY49H and 6.x before 2016-03-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified… CWE-264
CWE-254
Permissions, Privileges, and Access Controls
 7PK - Security Features 		CVE-2016-0832 2024-11-21 11:42 2016-03-13 Show GitHub Exploit DB Packet Storm
267249 5.5 MEDIUM
Local 		google android The getDeviceIdForPhone function in internal/telephony/PhoneSubInfoController.java in Telephony in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not check for the READ_PHONE_STATE pe… CWE-200
Information Exposure 		CVE-2016-0831 2024-11-21 11:42 2016-03-13 Show GitHub Exploit DB Packet Storm
267250 6.5 MEDIUM
Adjacent 		google android btif_config.c in Bluetooth in Android 6.x before 2016-03-01 allows remote attackers to cause a denial of service (memory corruption and persistent daemon crash) by triggering a large number of config… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-0830 2024-11-21 11:42 2016-03-13 Show GitHub Exploit DB Packet Storm