Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
241821	7.5	危険	Activewebsoftwares	-	Active Auction House における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4437	2012-06-26 16:18	2009-12-28	Show	GitHub Exploit DB Packet Storm

241822	7.5	危険	Activewebsoftwares	-	Active Web Softwares eWebquiz における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4436	2012-06-26 16:18	2009-12-28	Show	GitHub Exploit DB Packet Storm

241823	6.8	警告	compmaster.prv.pl	-	F3Site 2009 におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-4435	2012-06-26 16:18	2009-12-28	Show	GitHub Exploit DB Packet Storm

241824	7.5	危険	codemight	-	CodeMight VideoCMS の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4432	2012-06-26 16:18	2009-12-28	Show	GitHub Exploit DB Packet Storm

241825	7.5	危険	anything-digital Joomla!	-	Joomla! の Anything Digital Development JCal Pro コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-4431	2012-06-26 16:18	2009-12-28	Show	GitHub Exploit DB Packet Storm

241826	3.5	注意	Drupal alexander hass	-	Drupal の Sections モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4429	2012-06-26 16:18	2009-12-16	Show	GitHub Exploit DB Packet Storm

241827	7.5	危険	Deon George	-	phpLDAPadmin のcmd.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-4427	2012-06-26 16:18	2009-12-28	Show	GitHub Exploit DB Packet Storm

241828	4.3	警告	aditus	-	Aditus Consulting JpGraph の GetURLArguments 関数におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4422	2012-06-26 16:18	2009-12-24	Show	GitHub Exploit DB Packet Storm

241829	6.5	警告	Alexander Palmo	-	Simple PHP Blog の languages_cgi.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-4421	2012-06-26 16:18	2009-12-24	Show	GitHub Exploit DB Packet Storm

241830	7.5	危険	edgewall	-	Trac における詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-4405	2012-06-26 16:18	2009-12-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266721	5.9	MEDIUM Network	squid-cache	squid	The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL handshake errors when built with the --with-openssl option, which allows…	CWE-20 Improper Input Validation	CVE-2016-2390	2024-11-21 11:48	2016-04-20	Show	GitHub Exploit DB Packet Storm

266722	5.5	MEDIUM Local	google	android	server/content/ContentService.java in the Framework component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not check for a GET_ACCOUNTS permissi…	CWE-200 Information Exposure	CVE-2016-2426	2024-11-21 11:48	2016-04-18	Show	GitHub Exploit DB Packet Storm

266723	5.5	MEDIUM Local	google	android	mail/compose/ComposeActivity.java in AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 supports file:///data attachments, which allows attackers…	CWE-200 Information Exposure	CVE-2016-2425	2024-11-21 11:48	2016-04-18	Show	GitHub Exploit DB Packet Storm

266724	5.5	MEDIUM Local	google	android	server/content/SyncStorageEngine.java in SyncStorageEngine in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 mismanages certain authority data, which allo…	CWE-20 Improper Input Validation	CVE-2016-2424	2024-11-21 11:48	2016-04-18	Show	GitHub Exploit DB Packet Storm

266725	5.5	MEDIUM Local	bouncycastle google	legion-of-the-bouncy-castle-java-crytography-api android	The AES-GCM specification in RFC 5084, as used in Android 5.x and 6.x, recommends 12 octets for the aes-ICVlen parameter field, which might make it easier for attackers to defeat a cryptographic prot…	CWE-200 Information Exposure	CVE-2016-2427	2024-11-21 11:48	2016-04-18	Show	GitHub Exploit DB Packet Storm

266726	6.1	MEDIUM Physics	google	android	server/telecom/CallsManager.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider whether a device is provisioned…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-2423	2024-11-21 11:48	2016-04-18	Show	GitHub Exploit DB Packet Storm

266727	7.8	HIGH Local	google	android	Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not prevent use of a Wi-Fi CA certificate in an unrelated CA role, which allows attackers to …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-2422	2024-11-21 11:48	2016-04-18	Show	GitHub Exploit DB Packet Storm

266728	6.1	MEDIUM Physics	google	android	Setup Wizard in Android 5.1.x before 5.1.1 and 6.x before 2016-04-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-2421	2024-11-21 11:48	2016-04-18	Show	GitHub Exploit DB Packet Storm

266729	7.8	HIGH Local	google	android	rootdir/init.rc in Android 4.x before 4.4.4 does not ensure that the /data/tombstones directory exists for the Debuggerd component, which allows attackers to gain privileges via a crafted application…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-2420	2024-11-21 11:48	2016-04-18	Show	GitHub Exploit DB Packet Storm

266730	9.8	CRITICAL Network	google	android	media/libmedia/IDrm.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize a certain key-request data structure, which allows attackers to obtain sensitive information from process m…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-2419	2024-11-21 11:48	2016-04-18	Show	GitHub Exploit DB Packet Storm