Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 12:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
245871 7.5 危険 david degner - phpCollegeExchange の house/listing_view.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2096 2012-06-26 16:10 2009-06-17 Show GitHub Exploit DB Packet Storm
245872 7.5 危険 creative web solutions - Creative Web Solutions Multi-Level CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2082 2012-06-26 16:10 2009-06-16 Show GitHub Exploit DB Packet Storm
245873 3.5 注意 Drupal - Drupal 用の Taxonomy manager モジュールの管理ページインターフェースにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2079 2012-06-26 16:10 2009-06-10 Show GitHub Exploit DB Packet Storm
245874 4 警告 Angry Donuts
Drupal		 - Drupal のモジュールにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-2077 2012-06-26 16:10 2009-06-10 Show GitHub Exploit DB Packet Storm
245875 3.5 注意 Drupal - Drupal 用の Views モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2076 2012-06-26 16:10 2009-06-10 Show GitHub Exploit DB Packet Storm
245876 7.5 危険 Angry Donuts
Drupal		 - Drupal のモジュールの Nodequeue における詳細不明な脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-2075 2012-06-26 16:10 2009-06-10 Show GitHub Exploit DB Packet Storm
245877 3.5 注意 Drupal - Drupal 用の Nodequeue モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2074 2012-06-26 16:10 2009-06-10 Show GitHub Exploit DB Packet Storm
245878 6.8 警告 シスコシステムズ - Linksys WRT160N ワイアレスルータにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-2073 2012-06-26 16:10 2009-06-15 Show GitHub Exploit DB Packet Storm
245879 5.4 警告 アップル - Apple Safari における任意の https サイトを偽装される脆弱性 CWE-287
不適切な認証 		CVE-2009-2072 2012-06-26 16:10 2009-06-15 Show GitHub Exploit DB Packet Storm
245880 6.8 警告 アップル - Apple Safari における https サイトのコンテキスト内の Web スクリプトを実行される脆弱性 CWE-287
不適切な認証 		CVE-2009-2066 2012-06-26 16:10 2009-06-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
253221 7.8 HIGH
Local 		mruby
debian 		mruby
debian_linux 		The mark_context_stack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service (heap-based use-after-free and application crash) or possibly have unspecified other impac… CWE-416
 Use After Free 		CVE-2017-9527 2024-11-21 12:36 2017-06-12 Show GitHub Exploit DB Packet Storm
253222 5.9 MEDIUM
Network 		gnupg libgcrypt In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ec… CWE-200
Information Exposure 		CVE-2017-9526 2024-11-21 12:36 2017-06-11 Show GitHub Exploit DB Packet Storm
253223 6.7 MEDIUM
Local 		cron_project
debian 		cron
debian_linux 		In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks aga… CWE-59
Link Following 		CVE-2017-9525 2024-11-21 12:36 2017-06-10 Show GitHub Exploit DB Packet Storm
253224 6.1 MEDIUM
Network 		sophos web_appliance The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page, aka NSWA-1342. CWE-79
Cross-site Scripting 		CVE-2017-9523 2024-11-21 12:36 2017-06-9 Show GitHub Exploit DB Packet Storm
253225 5.5 MEDIUM
Local 		radare radare2 The r_config_set function in libr/config/config.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted DEX file. CWE-416
 Use After Free 		CVE-2017-9520 2024-11-21 12:36 2017-06-8 Show GitHub Exploit DB Packet Storm
253226 8.8 HIGH
Network 		atmail atmail atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user account. CWE-352
 Origin Validation Error 		CVE-2017-9519 2024-11-21 12:36 2017-06-8 Show GitHub Exploit DB Packet Storm
253227 8.8 HIGH
Network 		atmail atmail atmail before 7.8.0.2 has CSRF, allowing an attacker to change the SMTP hostname and hijack all emails. CWE-352
 Origin Validation Error 		CVE-2017-9518 2024-11-21 12:36 2017-06-8 Show GitHub Exploit DB Packet Storm
253228 8.8 HIGH
Network 		atmail atmail atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV. CWE-352
 Origin Validation Error 		CVE-2017-9517 2024-11-21 12:36 2017-06-8 Show GitHub Exploit DB Packet Storm
253229 5.4 MEDIUM
Network 		craftcms craft_cms Craft CMS before 2.6.2982 allows for a potential XSS attack vector by uploading a malicious SVG file. CWE-79
Cross-site Scripting 		CVE-2017-9516 2024-11-21 12:36 2017-06-8 Show GitHub Exploit DB Packet Storm
253230 6.5 MEDIUM
Network 		imagemagick imagemagick In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file. CWE-617
 Reachable Assertion 		CVE-2017-9501 2024-11-21 12:36 2017-06-7 Show GitHub Exploit DB Packet Storm