Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251831 9.3 危険 KDE project
Glyph & Cog, LLC
GNOME Project
サイバートラスト株式会社
レッドハット		 - Xpdf、gpdf および kpdf の FoFiType1::parse 関数における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-4035 2010-01-29 09:54 2009-12-16 Show GitHub Exploit DB Packet Storm
251832 7.8 危険 Mozilla Foundation - Mozilla Firefox/SeaMonkey の GeckoActiveXObject 関数における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-3987 2010-01-29 09:54 2009-12-15 Show GitHub Exploit DB Packet Storm
251833 7.6 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey における任意の JavaScript を実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3986 2010-01-29 09:54 2009-12-15 Show GitHub Exploit DB Packet Storm
251834 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey におけるコンテンツを偽装される脆弱性 CWE-Other
その他 		CVE-2009-3985 2010-01-29 09:53 2009-12-15 Show GitHub Exploit DB Packet Storm
251835 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey における http URL または file URL の SSL インジケータを偽装される脆弱性 CWE-Other
その他 		CVE-2009-3984 2010-01-29 09:53 2009-12-15 Show GitHub Exploit DB Packet Storm
251836 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey における認証されたリクエストを任意のアプリケーションに送信される脆弱性 CWE-Other
その他 		CVE-2009-3983 2010-01-29 09:53 2009-12-15 Show GitHub Exploit DB Packet Storm
251837 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の libtheora における任意のコードを実行される脆弱性 CWE-189
数値処理の問題 		CVE-2009-3389 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
251838 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の liboggplay における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2009-3388 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
251839 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の JavaScript エンジンにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2009-3982 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
251840 9.3 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - 複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2009-3981 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
256651 7.8 HIGH
Local 		zscaler client_connector While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. This issue affects Zscale… CWE-346
 Origin Validation Error 		CVE-2024-23458 2024-08-8 06:29 2024-08-7 Show GitHub Exploit DB Packet Storm
256652 6.5 MEDIUM
Network 		zscaler client_connector An Improper Validation of signature in Zscaler Client Connector on Windows allows an authenticated user to disable anti-tampering. This issue affects Client Connector on Windows <4.2.0.190. CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2023-28806 2024-08-8 06:29 2024-08-7 Show GitHub Exploit DB Packet Storm
256653 8.8 HIGH
Network 		datagear datagear A vulnerability was found in DataGear up to 5.0.0. It has been declared as critical. Affected by this vulnerability is the function evaluateVariableExpression of the file ConversionSqlParamValueMappe… CWE-917
 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') 		CVE-2024-7552 2024-08-8 06:29 2024-08-7 Show GitHub Exploit DB Packet Storm
256654 9.8 CRITICAL
Network 		zscaler client_connector An Improper Input Validation vulnerability in Zscaler Client Connector on MacOS allows OS Command Injection. This issue affects Zscaler Client Connector on MacOS <4.2. CWE-78
OS Command  		CVE-2024-23483 2024-08-8 06:23 2024-08-7 Show GitHub Exploit DB Packet Storm
256655 4.9 MEDIUM
Network 		zscaler client_connector In certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin rights. This affects Zscaler Client Connector on Windows <4.2.1 NVD-CWE-noinfo
CVE-2024-23464 2024-08-8 06:23 2024-08-7 Show GitHub Exploit DB Packet Storm
256656 9.8 CRITICAL
Network 		vivotek cc8160_firmware ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d. It has been classified as critical. This affects the function getenv of the file upload_file.cgi. The manipulat… CWE-77
Command Injection 		CVE-2024-7440 2024-08-8 06:15 2024-08-4 Show GitHub Exploit DB Packet Storm
256657 - smarty smarty PHP remote file inclusion vulnerability in unit_test/test_cases.php in Smarty 2.6.1 allows remote attackers to execute arbitrary PHP code via a URL in the SMARTY_DIR parameter. NOTE: this issue is d… NVD-CWE-Other
CVE-2006-7193 2024-08-8 06:15 2007-04-13 Show GitHub Exploit DB Packet Storm
256658 - morcego_cms morcego_cms Multiple PHP remote file inclusion vulnerabilities in Morcego CMS 0.9.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) fichero parameter to morcegoCMS.php or th… CWE-94
Code Injection 		CVE-2006-7181 2024-08-8 06:15 2007-03-30 Show GitHub Exploit DB Packet Storm
256659 - oracle database_server Absolute path traversal vulnerability in Oracle Database Server, when utl_file_dir is set to a wildcard value or "CREATE ANY DIRECTORY to PUBLIC" privileges exist, allows remote authenticated users t… NVD-CWE-Other
CVE-2006-7141 2024-08-8 06:15 2007-03-8 Show GitHub Exploit DB Packet Storm
256660 - cuttlefish leicestershire_communityportals PHP remote file inclusion vulnerability in bug.php in Leicestershire communityPortals 1.0 build 20051018 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cp_root_pat… CWE-94
Code Injection 		CVE-2006-7146 2024-08-8 06:15 2007-03-8 Show GitHub Exploit DB Packet Storm