Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 26, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242971 9.3 危険 evils-world - BrotherSoft EW-MusicPlayer におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4757 2012-06-26 16:19 2010-03-29 Show GitHub Exploit DB Packet Storm
242972 9.3 危険 beatport - Beatport Player の TraktorBeatport.exe におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4756 2012-06-26 16:19 2010-03-29 Show GitHub Exploit DB Packet Storm
242973 7.5 危険 andrew charlton
WordPress.org		 - WordPress の My Category Order プラグインの mycategoryorder.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4748 2012-06-26 16:19 2010-03-26 Show GitHub Exploit DB Packet Storm
242974 4.3 警告 dreamlevels - Dreamlevels DreamPoll の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4746 2012-06-26 16:19 2010-03-26 Show GitHub Exploit DB Packet Storm
242975 7.5 危険 dreamlevels - Dreamlevels DreamPoll の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4745 2012-06-26 16:19 2010-03-26 Show GitHub Exploit DB Packet Storm
242976 4.3 警告 AfterLogic - AfterLogic WebMail Pro の history-storage.aspx におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4743 2012-06-26 16:19 2010-03-26 Show GitHub Exploit DB Packet Storm
242977 7.5 危険 Docebo - Docebo における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4742 2012-06-26 16:19 2010-03-26 Show GitHub Exploit DB Packet Storm
242978 7.5 危険 Allomani - Allomani Audio & Video Library の login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4735 2012-06-26 16:19 2010-03-18 Show GitHub Exploit DB Packet Storm
242979 7.5 危険 Allomani - Allomani Movies Library の login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4734 2012-06-26 16:19 2010-03-18 Show GitHub Exploit DB Packet Storm
242980 7.5 危険 boldfx - Model Agency Manager PRO の photos.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4731 2012-06-26 16:19 2010-03-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267551 6.5 MEDIUM
Local 		google android A Qualcomm Power Management kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages root access, aka internal bug 26866053. CWE-20
 Improper Input Validation  		CVE-2016-2411 2024-11-21 11:48 2016-04-18 Show GitHub Exploit DB Packet Storm
267552 7.4 HIGH
Local 		google android A Qualcomm video kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages control over a service that can call this driver, aka inte… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-2410 2024-11-21 11:48 2016-04-18 Show GitHub Exploit DB Packet Storm
267553 8.1 HIGH
Network 		google android A Texas Instruments (TI) haptic kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages control over a service that can call this d… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-2409 2024-11-21 11:48 2016-04-18 Show GitHub Exploit DB Packet Storm
267554 5.3 MEDIUM
Network 		magento magento The getOrderByStatusUrlKey function in the Mage_Rss_Helper_Order class in app/code/core/Mage/Rss/Helper/Order.php in Magento Enterprise Edition before 1.14.2.3 and Magento Community Edition before 1.… CWE-200
Information Exposure 		CVE-2016-2212 2024-11-21 11:48 2016-04-15 Show GitHub Exploit DB Packet Storm
267555 8.8 HIGH
Network 		cacti
opensuse 		cacti
leap
opensuse 		auth_login.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-2313 2024-11-21 11:48 2016-04-14 Show GitHub Exploit DB Packet Storm
267556 6.5 MEDIUM
Network 		python_imaging_project
python
debian 		python_imaging
pillow
debian_linux 		Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-2533 2024-11-21 11:48 2016-04-14 Show GitHub Exploit DB Packet Storm
267557 7.5 HIGH
Network 		hawk_project hawk Hawk before 3.1.3 and 4.x before 4.1.1 allow remote attackers to cause a denial of service (CPU consumption or partial outage) via a long (1) header or (2) URI that is matched against an improper reg… CWE-399
 Resource Management Errors 		CVE-2016-2515 2024-11-21 11:48 2016-04-14 Show GitHub Exploit DB Packet Storm
267558 6.1 MEDIUM
Network 		debian
horde
fedoraproject 		debian_linux
horde_groupware
groupware
fedora 		Cross-site scripting (XSS) vulnerability in horde/templates/topbar/_menubar.html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers to inje… CWE-79
Cross-site Scripting 		CVE-2016-2228 2024-11-21 11:48 2016-04-14 Show GitHub Exploit DB Packet Storm
267559 6.5 MEDIUM
Network 		optipng
canonical
debian
opensuse 		optipng
ubuntu_linux
debian_linux
leap
opensuse 		The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a craf… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-2191 2024-11-21 11:48 2016-04-14 Show GitHub Exploit DB Packet Storm
267560 7.8 HIGH
Local 		huawei utps_firmware Untrusted search path vulnerability in Huawei UTPS before UTPS-V200R003B015D15SP00C983 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in an unsp… NVD-CWE-Other
CVE-2016-2780 2024-11-21 11:48 2016-04-13 Show GitHub Exploit DB Packet Storm