Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 22, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242691 5 警告 ACME Laboratories - mini_httpd におけるファイルを上書きされる脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4490 2012-06-26 16:19 2010-01-13 Show GitHub Exploit DB Packet Storm
242692 5 警告 Cherokee Project - Cherokee の header.c におけるウィンドウのタイトルを変更される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4489 2012-06-26 16:19 2010-01-13 Show GitHub Exploit DB Packet Storm
242693 4.3 警告 bloofox - BloofoxCMS の search.5.html におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4522 2012-06-26 16:19 2009-12-31 Show GitHub Exploit DB Packet Storm
242694 4.3 警告 Eclipse Foundation - BIRT の birt-viewer/run におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4521 2012-06-26 16:19 2009-12-17 Show GitHub Exploit DB Packet Storm
242695 3.5 注意 Drupal
astha bhatnagar		 - Drupal のモジュールの OpenSocial Shindig-Integrator モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4514 2012-06-26 16:19 2009-12-31 Show GitHub Exploit DB Packet Storm
242696 9.3 危険 AzeoTech, Inc. - AzeoTech DAQFactory の Web サービスにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4480 2012-06-26 16:19 2009-12-30 Show GitHub Exploit DB Packet Storm
242697 4.3 警告 Episerver - Ektron CMS400.NET におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4473 2012-06-26 16:19 2009-12-30 Show GitHub Exploit DB Packet Storm
242698 7.5 危険 freeschool - FreeSchool における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-4471 2012-06-26 16:18 2009-12-30 Show GitHub Exploit DB Packet Storm
242699 7.5 危険 dvbbs - DVBBS の boardrule.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4470 2012-06-26 16:18 2009-12-30 Show GitHub Exploit DB Packet Storm
242700 4.3 警告 giombetti - phpPowerCards の pagenumber.inc.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4469 2012-06-26 16:18 2009-12-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267171 7.5 HIGH
Network 		huawei s5700_firmware
s6700_firmware
s7700_firmware
s9700_firmware
s12700_firmware
acu2_firmware 		Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-2404 2024-11-21 11:48 2017-04-3 Show GitHub Exploit DB Packet Storm
267172 8.8 HIGH
Adjacent 		pidgin mxit The Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers to (1) decrypt hashed passwords by leveraging knowledge of client registration codes or (2) gain log… CWE-326
Inadequate Encryption Strength 		CVE-2016-2379 2024-11-21 11:48 2017-03-30 Show GitHub Exploit DB Packet Storm
267173 7.5 HIGH
Network 		uclibc-ng_project uclibc-ng The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via a crafted packet. CWE-400
 Uncontrolled Resource Consumption 		CVE-2016-2225 2024-11-21 11:48 2017-03-25 Show GitHub Exploit DB Packet Storm
267174 7.5 HIGH
Network 		uclibc-ng_project uclibc-ng The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via vectors involving compressed items in a reply. CWE-400
 Uncontrolled Resource Consumption 		CVE-2016-2224 2024-11-21 11:48 2017-03-25 Show GitHub Exploit DB Packet Storm
267175 4.3 MEDIUM
Network 		huawei document_security_management The permission control module in Huawei Document Security Management (aka DSM) before V100R002C05SPC670 allows remote authenticated users to obtain sensitive information from encrypted documents by l… CWE-275
 Permission Issues 		CVE-2016-2406 2024-11-21 11:48 2017-03-21 Show GitHub Exploit DB Packet Storm
267176 7.8 HIGH
Local 		ibm qradar_security_information_and_event_manager IBM QRadar 7.2 stores the encryption key used to encrypt the service account password which can be obtained by a local user. IBM Reference #: 1997340. CWE-320
 Key Management Errors 		CVE-2016-2880 2024-11-21 11:48 2017-03-2 Show GitHub Exploit DB Packet Storm
267177 7.8 HIGH
Local 		ibm qradar_security_information_and_event_manager IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwords, which could allow a local user to obtain and decrypt user credentials. IBM Reference #: 1997341. CWE-326
Inadequate Encryption Strength 		CVE-2016-2879 2024-11-21 11:48 2017-03-2 Show GitHub Exploit DB Packet Storm
267178 7.8 HIGH
Local 		gnu libiberty Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow. CWE-119
CWE-190
Incorrect Access of Indexable Resource ('Range Error') 
 Integer Overflow or Wraparound 		CVE-2016-2226 2024-11-21 11:48 2017-02-25 Show GitHub Exploit DB Packet Storm
267179 6.1 MEDIUM
Network 		adcon_telemetry a850_telemetry_gateway_base_station_firmware An issue was discovered in Adcon Telemetry A850 Telemetry Gateway Base Station. The Web Interface does not neutralize or incorrectly neutralizes user-controllable input before it is placed in the out… CWE-79
Cross-site Scripting 		CVE-2016-2274 2024-11-21 11:48 2017-02-14 Show GitHub Exploit DB Packet Storm
267180 9.8 CRITICAL
Network 		puppet marionette_collective
puppet_enterprise 		MCollective 2.7.0 and 2.8.x before 2.8.9, as used in Puppet Enterprise, allows remote attackers to execute arbitrary code via vectors related to the mco ping command. CWE-284
Improper Access Control 		CVE-2016-2788 2024-11-21 11:48 2017-02-14 Show GitHub Exploit DB Packet Storm