Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241411 4.3 警告 Drupal - Drupal 用の Print モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-1343 2012-06-26 16:10 2009-04-15 Show GitHub Exploit DB Packet Storm
241412 4.3 警告 Drupal - Drupal 用の CCK コメント参照モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-1342 2012-06-26 16:10 2009-04-15 Show GitHub Exploit DB Packet Storm
241413 7.5 危険 guestcal - GuestCal の includes/ini.inc.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-1319 2012-06-26 16:10 2009-04-17 Show GitHub Exploit DB Packet Storm
241414 6.8 警告 aquacms - Aqua CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1317 2012-06-26 16:10 2009-04-17 Show GitHub Exploit DB Packet Storm
241415 7.5 危険 abk-soft - AbleSpace における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1316 2012-06-26 16:10 2009-04-17 Show GitHub Exploit DB Packet Storm
241416 4.3 警告 abk-soft - AbleSpace におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-1315 2012-06-26 16:10 2009-04-17 Show GitHub Exploit DB Packet Storm
241417 10 危険 Debian - apt におけるセキュリティアップデートの読み込みを阻止される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-1300 2012-06-26 16:10 2009-04-8 Show GitHub Exploit DB Packet Storm
241418 1.9 注意 Canonical
Apport project		 - Ubuntu 上の Apport における任意のファイルを削除される脆弱性 CWE-16
環境設定 		CVE-2009-1295 2012-06-26 16:10 2009-04-29 Show GitHub Exploit DB Packet Storm
241419 4.3 警告 シスコシステムズ - Cisco SESM におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-1287 2012-06-26 16:10 2009-04-13 Show GitHub Exploit DB Packet Storm
241420 5 警告 bibtex - BibTeX におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1284 2012-06-26 16:10 2009-04-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267001 5.5 MEDIUM
Local 		libarchive libarchive The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafte… CWE-476
 NULL Pointer Dereference 		CVE-2016-10209 2024-11-21 11:43 2017-04-3 Show GitHub Exploit DB Packet Storm
267002 9.8 CRITICAL
Network 		ceragon fibeair_ip-10_firmware In the GUI of Ceragon FibeAir IP-10 (before 7.2.0) devices, a remote attacker can bypass authentication by adding an ALBATROSS cookie with the value 0-4-11 to their browser. CWE-287
Improper Authentication 		CVE-2016-10309 2024-11-21 11:43 2017-03-30 Show GitHub Exploit DB Packet Storm
267003 9.8 CRITICAL
Network 		siklu etherhaul_firmware Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account, with an unchangeable password that is the same across all devices. This account is accessible via both S… CWE-798
 Use of Hard-coded Credentials 		CVE-2016-10308 2024-11-21 11:43 2017-03-30 Show GitHub Exploit DB Packet Storm
267004 9.8 CRITICAL
Network 		gotrango apex_lynx_firmware
apex_orion_firmware
giga_lynx_firmware
giga_orion_firmware
stratalink_firmware 		Trango ApexLynx 2.0, ApexOrion 2.0, GigaLynx 2.0, GigaOrion 2.0, and StrataLink 3.0 devices have a built-in, hidden root account, with a default password for which the MD5 hash value is public (but t… CWE-798
 Use of Hard-coded Credentials 		CVE-2016-10307 2024-11-21 11:43 2017-03-30 Show GitHub Exploit DB Packet Storm
267005 9.8 CRITICAL
Network 		trango a600_firmware Trango Altum AC600 devices have a built-in, hidden root account, with a default password of abcd1234. This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UN… CWE-798
 Use of Hard-coded Credentials 		CVE-2016-10306 2024-11-21 11:43 2017-03-30 Show GitHub Exploit DB Packet Storm
267006 9.8 CRITICAL
Network 		gotrango apex_plus_firmware
apex_firmware
apex_lynx_firmware
apex_orion_firmware
giga_firmware
giga_lynx_firmware
giga_orion_firmware
giga_plus_firmware
giga_pro_firmware
stratalink… 		Trango Apex <= 2.1.1, ApexLynx < 2.0, ApexOrion < 2.0, ApexPlus <= 3.2.0, Giga <= 2.6.1, GigaLynx < 2.0, GigaOrion < 2.0, GigaPlus <= 3.2.3, GigaPro <= 1.4.1, StrataLink < 3.0, and StrataPro devices … CWE-798
 Use of Hard-coded Credentials 		CVE-2016-10305 2024-11-21 11:43 2017-03-30 Show GitHub Exploit DB Packet Storm
267007 9.8 CRITICAL
Network 		hesiod_project hesiod The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-10152 2024-11-21 11:43 2017-03-28 Show GitHub Exploit DB Packet Storm
267008 7.8 HIGH
Local 		allwinner linux-3.4-sunxi The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and H8 devices allows local users to gain root privileges by sending "rootmydevice" to /proc/sunxi_debug/sunxi_debug. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-10225 2024-11-21 11:43 2017-03-28 Show GitHub Exploit DB Packet Storm
267009 8.8 HIGH
Network 		jensenofscandinavia air\ Multiple stack buffer overflow vulnerabilities in Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.0… CWE-787
 Out-of-bounds Write 		CVE-2016-10273 2024-11-21 11:43 2017-03-26 Show GitHub Exploit DB Packet Storm
267010 7.8 HIGH
Local 		libtiff libtiff LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "WRITE of size 2048" and… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-10272 2024-11-21 11:43 2017-03-25 Show GitHub Exploit DB Packet Storm