Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242741 4.3 警告 Clixint Technologies - Image Hosting Script DPI の images.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4252 2012-06-26 16:18 2009-12-9 Show GitHub Exploit DB Packet Storm
242742 9.3 危険 コーレル株式会社 - Jasc Paint Shop Pro におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4251 2012-06-26 16:18 2009-12-9 Show GitHub Exploit DB Packet Storm
242743 4.3 警告 korn19
CutePHP		 - CutePHP CuteNews および UTF-8 CuteNews におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4250 2012-06-26 16:18 2009-12-9 Show GitHub Exploit DB Packet Storm
242744 2.6 注意 CutePHP - CutePHP CuteNews におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4249 2012-06-26 16:18 2009-12-9 Show GitHub Exploit DB Packet Storm
242745 7.5 危険 Basic-CMS - SweetRice の as/lib/plugins.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4231 2012-06-26 16:18 2009-12-8 Show GitHub Exploit DB Packet Storm
242746 7.5 危険 Activewebsoftwares - ActiveWebSoftwares Active Bids における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4229 2012-06-26 16:18 2009-12-8 Show GitHub Exploit DB Packet Storm
242747 6.8 警告 Basic-CMS - SweetRice における PHP リモートファイルインクルージョンの脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4224 2012-06-26 16:18 2009-12-7 Show GitHub Exploit DB Packet Storm
242748 7.5 危険 gianni tommasi - KR-Web の adm/krgourl.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-4223 2012-06-26 16:18 2009-12-7 Show GitHub Exploit DB Packet Storm
242749 9.3 危険 サン・マイクロシステムズ
disa		 - Solaris x86 プラットフォームの U.S. DISA SRR スクリプトにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4211 2012-06-26 16:18 2009-12-4 Show GitHub Exploit DB Packet Storm
242750 7.5 危険 cmsnx - Million Dollar Text Links の admin.link.modify.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4206 2012-06-26 16:18 2009-12-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
268131 7.5 HIGH
Network 		cisco dpc3939_wireless_residential_voice_gateway_firmware The administration interface on Cisco DPC3939B and DPC3941 devices allows remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCus49506. CWE-200
Information Exposure 		CVE-2016-1325 2024-11-21 11:46 2016-03-10 Show GitHub Exploit DB Packet Storm
268132 7.5 HIGH
Network 		cisco asa_5500_csc-ssm_firmware The HTTPS inspection engine in the Content Security and Control Security Services Module (CSC-SSM) 6.6 before 6.6.1164.0 for Cisco ASA 5500 devices allows remote attackers to cause a denial of servic… CWE-119
CWE-399
Incorrect Access of Indexable Resource ('Range Error') 
 Resource Management Errors 		CVE-2016-1312 2024-11-21 11:46 2016-03-10 Show GitHub Exploit DB Packet Storm
268133 8.6 HIGH
Network 		isc
suse
opensuse
fedoraproject
canonical
debian
juniper 		bind
linux_enterprise_server
linux_enterprise_debuginfo
openstack_cloud
manager_proxy
linux_enterprise_desktop
linux_enterprise_software_development_kit
manager
opensuse
le… 		named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME r… NVD-CWE-noinfo
CVE-2016-1286 2024-11-21 11:46 2016-03-10 Show GitHub Exploit DB Packet Storm
268134 6.8 MEDIUM
Network 		isc
suse
opensuse
fedoraproject
canonical
debian
juniper 		bind
linux_enterprise_server
linux_enterprise_debuginfo
openstack_cloud
manager_proxy
linux_enterprise_desktop
linux_enterprise_software_development_kit
manager
opensuse
le… 		named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service … NVD-CWE-noinfo
CVE-2016-1285 2024-11-21 11:46 2016-03-10 Show GitHub Exploit DB Packet Storm
268135 9.8 CRITICAL
Network 		google chrome Multiple unspecified vulnerabilities in Google Chrome before 49.0.2623.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. NVD-CWE-noinfo
CVE-2016-1642 2024-11-21 11:46 2016-03-6 Show GitHub Exploit DB Packet Storm
268136 8.8 HIGH
Network 		google chrome Use-after-free vulnerability in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecifie… NVD-CWE-Other
CVE-2016-1641 2024-11-21 11:46 2016-03-6 Show GitHub Exploit DB Packet Storm
268137 4.3 MEDIUM
Network 		google chrome The Web Store inline-installer implementation in the Extensions UI in Google Chrome before 49.0.2623.75 does not block installations upon deletion of an installation frame, which makes it easier for … CWE-17
Code 		CVE-2016-1640 2024-11-21 11:46 2016-03-6 Show GitHub Exploit DB Packet Storm
268138 9.8 CRITICAL
Network 		google chrome Use-after-free vulnerability in browser/extensions/api/webrtc_audio_private/webrtc_audio_private_api.cc in the WebRTC Audio Private API implementation in Google Chrome before 49.0.2623.75 allows remo… NVD-CWE-Other
CVE-2016-1639 2024-11-21 11:46 2016-03-6 Show GitHub Exploit DB Packet Storm
268139 6.3 MEDIUM
Network 		google chrome extensions/renderer/resources/platform_app.js in the Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly restrict use of Web APIs, which allows remote attackers to bypass inte… CWE-284
Improper Access Control 		CVE-2016-1638 2024-11-21 11:46 2016-03-6 Show GitHub Exploit DB Packet Storm
268140 6.5 MEDIUM
Network 		google chrome The SkATan2_255 function in effects/gradients/SkSweepGradient.cpp in Skia, as used in Google Chrome before 49.0.2623.75, mishandles arctangent calculations, which allows remote attackers to obtain se… CWE-200
Information Exposure 		CVE-2016-1637 2024-11-21 11:46 2016-03-6 Show GitHub Exploit DB Packet Storm