Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 21, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
242761	5.8	警告	Best Practical Solutions	-	Best Practical Solutions RT の html/Elements/SetupSessionCookie におけるセッションをハイジャックされるの脆弱性	CWE-287 不適切な認証	CVE-2009-4151	2012-06-26 16:18	2009-11-30	Show	GitHub Exploit DB Packet Storm

242762	9.3	危険	daz3d	-	DAZ Studio における任意の JavaScript コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-4148	2012-06-26 16:18	2009-12-4	Show	GitHub Exploit DB Packet Storm

242763	7.2	危険	FreeBSD	-	FreeBSD の libexec/rtld-elf/rtld.c における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4147	2012-06-26 16:18	2009-12-2	Show	GitHub Exploit DB Packet Storm

242764	7.2	危険	FreeBSD	-	FreeBSD の libexec/rtld-elf/rtld.c における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4146	2012-06-26 16:18	2009-12-2	Show	GitHub Exploit DB Packet Storm

242765	4.4	警告	GNU Project	-	GNU coreutils の dist-check.mk の distcheck rule における権限を取得される脆弱性	CWE-59 リンク解釈の問題	CVE-2009-4135	2012-06-26 16:18	2009-12-5	Show	GitHub Exploit DB Packet Storm

242766	6.5	警告	Condor Project レッドハット	-	MRG の Grid Execute Node で使用される Condor における権限を取得される脆弱性	CWE-noinfo 情報不足	CVE-2009-4133	2012-06-26 16:18	2009-12-23	Show	GitHub Exploit DB Packet Storm

242767	7.2	危険	GNU Project	-	GNU GRUB における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2009-4128	2012-06-26 16:18	2009-12-1	Show	GitHub Exploit DB Packet Storm

242768	4.3	警告	Drupal Alex Barth	-	Drupal の Feed Element Mapper におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4119	2012-06-26 16:18	2009-11-30	Show	GitHub Exploit DB Packet Storm

242769	9.3	危険	Mozilla Foundation didier ernotte	-	Firefox の infoRSS におけるクロスドメインスクリプティング攻撃を実行される脆弱性	CWE-20 不適切な入力確認	CVE-2009-4101	2012-06-26 16:18	2009-07-3	Show	GitHub Exploit DB Packet Storm

242770	7.5	危険	Joomla! g4j.laoneo	-	Joomla! 用 Google Calendar GCalendar コンポーネンにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4099	2012-06-26 16:18	2009-11-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
267621	7.4	HIGH Network	f5	big-iq_security big-ip_webaccelerator big-ip_application_security_manager big-ip_access_policy_manager big-ip_policy_enforcement_manager big-iq_cloud big-iq_application_delivery_con…	F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build …	CWE-200 Information Exposure	CVE-2016-2084	2024-11-21 11:47	2016-04-14	Show	GitHub Exploit DB Packet Storm

267622	5.7	MEDIUM Network	canonical jasper_project	ubuntu_linux jasper	Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG…	CWE-399 Resource Management Errors	CVE-2016-2116	2024-11-21 11:47	2016-04-13	Show	GitHub Exploit DB Packet Storm

267623	7.5	HIGH Network	samba canonical debian	samba ubuntu_linux debian_linux	The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers …	CWE-254 7PK - Security Features	CVE-2016-2118	2024-11-21 11:47	2016-04-13	Show	GitHub Exploit DB Packet Storm

267624	7.4	HIGH Network	hp	universal_cmbd_foundation	HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors.	NVD-CWE-Other	CVE-2016-2001	2024-11-21 11:47	2016-04-13	Show	GitHub Exploit DB Packet Storm

267625	6.1	MEDIUM Network	apache	struts	Apache Struts 2.x before 2.3.25 does not sanitize text in the Locale object constructed by I18NInterceptor, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspec…	CWE-79 Cross-site Scripting	CVE-2016-2162	2024-11-21 11:47	2016-04-13	Show	GitHub Exploit DB Packet Storm

267626	9.8	CRITICAL Network	apache	ofbiz	Apache OFBiz 12.04.x before 12.04.06 and 13.07.x before 13.07.03 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections l…	CWE-20 Improper Input Validation	CVE-2016-2170	2024-11-21 11:47	2016-04-12	Show	GitHub Exploit DB Packet Storm

267627	6.5	MEDIUM Network	apache fedoraproject	qpid_proton fedora	The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amq…	CWE-200 Information Exposure	CVE-2016-2166	2024-11-21 11:47	2016-04-12	Show	GitHub Exploit DB Packet Storm

267628	5.3	MEDIUM Network	openstack	nova	The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (liberty), when using raw storage and use_cow_images is set to false, allows remote authenticated users …	CWE-200 Information Exposure	CVE-2016-2140	2024-11-21 11:47	2016-04-12	Show	GitHub Exploit DB Packet Storm

267629	8.1	HIGH Network	saltstack opensuse	salt leap	Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master dat…	CWE-284 Improper Access Control	CVE-2016-1866	2024-11-21 11:47	2016-04-12	Show	GitHub Exploit DB Packet Storm

267630	6.2	MEDIUM Local	freebsd	freebsd	Integer signedness error in the amd64_set_ldt function in sys/amd64/amd64/sys_machdep.c in FreeBSD 9.3 before p39, 10.1 before p31, and 10.2 before p14 allows local users to cause a denial of service…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-1885	2024-11-21 11:47	2016-04-12	Show	GitHub Exploit DB Packet Storm