Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242911 4.3 警告 ATutor - ACollab におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-4942 2012-06-26 16:19 2010-07-22 Show GitHub Exploit DB Packet Storm
242912 4.3 警告 ATutor - ATRC ACollab の sign_in.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4941 2012-06-26 16:19 2010-07-22 Show GitHub Exploit DB Packet Storm
242913 7.5 危険 esoftpro - Online Guestbook Pro の ogp_show.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4935 2012-06-26 16:19 2010-07-12 Show GitHub Exploit DB Packet Storm
242914 4.3 警告 esoftpro - Online Photo Pro の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4934 2012-06-26 16:19 2010-07-12 Show GitHub Exploit DB Packet Storm
242915 6.8 警告 bestwebsharing - Groovy Media Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4931 2012-06-26 16:19 2010-07-12 Show GitHub Exploit DB Packet Storm
242916 4.3 警告 esoftpro - Online Contact Manager および EContact PRO におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4926 2012-06-26 16:19 2010-07-12 Show GitHub Exploit DB Packet Storm
242917 6.8 警告 creasito - Portale e-commerce Creasito における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4925 2012-06-26 16:19 2010-07-12 Show GitHub Exploit DB Packet Storm
242918 4.3 警告 dan pascu - Dan Pascu python-cjson における特定のクロスサイトスクリプティング攻撃を誘発する脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4924 2012-06-26 16:19 2010-07-2 Show GitHub Exploit DB Packet Storm
242919 6.8 警告 dootzky - oBlog の admin/index.php における総当りパスワード推測攻撃を実行される脆弱性 CWE-287
不適切な認証 		CVE-2009-4909 2012-06-26 16:19 2010-06-25 Show GitHub Exploit DB Packet Storm
242920 4.3 警告 dootzky - oBlog におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4908 2012-06-26 16:19 2010-06-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
268631 3.3 LOW
Local 		libdwarf_project libdwarf The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in libdwarf 20151114 allows attackers to cause a denial of service (out-of-bounds read) via a crafted ELF object file. CWE-125
Out-of-bounds Read 		CVE-2016-2091 2024-11-21 11:47 2016-02-9 Show GitHub Exploit DB Packet Storm
268632 6.5 MEDIUM
Network 		jasper_project jasper The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted JPEG 2000 image. CWE-20
 Improper Input Validation  		CVE-2016-2089 2024-11-21 11:47 2016-02-9 Show GitHub Exploit DB Packet Storm
268633 5.5 MEDIUM
Network 		djangoproject django Django 1.9.x before 1.9.2, when ModelAdmin.save_as is set to True, allows remote authenticated users to bypass intended access restrictions and create ModelAdmin objects via the "Save as New" option … CWE-284
Improper Access Control 		CVE-2016-2048 2024-11-21 11:47 2016-02-9 Show GitHub Exploit DB Packet Storm
268634 9.8 CRITICAL
Network 		kubernetes kubernetes Openshift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-1906 2024-11-21 11:47 2016-02-4 Show GitHub Exploit DB Packet Storm
268635 7.7 HIGH
Network 		kubernetes kubernetes The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object. CWE-284
Improper Access Control 		CVE-2016-1905 2024-11-21 11:47 2016-02-4 Show GitHub Exploit DB Packet Storm
268636 8.8 HIGH
Network 		janrain php-openid examples/consumer/common.php in JanRain PHP OpenID library (aka php-openid) improperly checks the openid.realm parameter against the SERVER_NAME element in the SERVER superglobal array, which might a… CWE-284
Improper Access Control 		CVE-2016-2049 2024-11-21 11:47 2016-02-2 Show GitHub Exploit DB Packet Storm
268637 5.3 MEDIUM
Network 		google
mozilla 		android
firefox 		Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is used for a lightweight-theme installation, which allows man-in-the-middle attackers to replace a theme's images and colors by modi… CWE-310
Cryptographic Issues 		CVE-2016-1948 2024-11-21 11:47 2016-02-1 Show GitHub Exploit DB Packet Storm
268638 4.7 MEDIUM
Network 		canonical
opensuse
mozilla 		ubuntu_linux
leap
opensuse
firefox 		Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of re… CWE-19
 Data Processing Errors 		CVE-2016-1947 2024-11-21 11:47 2016-02-1 Show GitHub Exploit DB Packet Storm
268639 9.8 CRITICAL
Network 		opensuse
mozilla 		leap
opensuse
firefox 		The MoofParser::Metadata function in binding/MoofParser.cpp in libstagefright in Mozilla Firefox before 44.0 does not limit the size of read operations, which might allow remote attackers to cause a … CWE-119
CWE-189
Incorrect Access of Indexable Resource ('Range Error') 
Numeric Errors 		CVE-2016-1946 2024-11-21 11:47 2016-02-1 Show GitHub Exploit DB Packet Storm
268640 8.8 HIGH
Network 		mozilla
opensuse 		firefox
leap
opensuse 		The nsZipArchive function in Mozilla Firefox before 44.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer d… NVD-CWE-noinfo
CVE-2016-1945 2024-11-21 11:47 2016-02-1 Show GitHub Exploit DB Packet Storm