Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251911 9.3 危険 マイクロソフト - Microsoft Windows の kernel における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2514 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
251912 6.8 警告 マイクロソフト - Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-2513 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
251913 6.8 警告 マイクロソフト - Microsoft Windows の kernel における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-1127 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
251914 10 危険 マイクロソフト - Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-2523 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
251915 9.3 危険 マイクロソフト - Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2512 2010-01-4 15:23 2009-11-10 Show GitHub Exploit DB Packet Storm
251916 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2722 2010-01-4 14:56 2009-08-10 Show GitHub Exploit DB Packet Storm
251917 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2723 2010-01-4 14:55 2009-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1181 6.1 MEDIUM
Network 		- - Joomla iProperty Real Estate 4.1.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the filter_keyword parameter. Attackers ca… CWE-79
Cross-site Scripting 		CVE-2023-54361 2026-04-16 00:00 2026-04-10 Show GitHub Exploit DB Packet Storm
1182 6.1 MEDIUM
Network 		- - Joomla VirtueMart Shopping-Cart 4.0.12 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the keyword parameter. Attackers can c… CWE-79
Cross-site Scripting 		CVE-2023-54362 2026-04-16 00:00 2026-04-10 Show GitHub Exploit DB Packet Storm
1183 6.1 MEDIUM
Network 		- - Joomla Solidres 2.13.3 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating multiple GET parameters including show… CWE-79
Cross-site Scripting 		CVE-2023-54363 2026-04-16 00:00 2026-04-10 Show GitHub Exploit DB Packet Storm
1184 6.1 MEDIUM
Network 		- - Joomla HikaShop 4.7.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating GET parameters in the product filter en… CWE-79
Cross-site Scripting 		CVE-2023-54364 2026-04-16 00:00 2026-04-10 Show GitHub Exploit DB Packet Storm
1185 9.8 CRITICAL
Network 		- - Smart Slider 3 Pro version 3.5.1.35 for WordPress and Joomla contains a multi-stage remote access toolkit injected through a compromised update system that allows unauthenticated attackers to execute… CWE-506
 Embedded Malicious Code 		CVE-2026-34424 2026-04-16 00:00 2026-04-10 Show GitHub Exploit DB Packet Storm
1186 7.1 HIGH
Network 		- - Adianti Framework 5.5.0 and 5.6.0 contains an SQL injection vulnerability that allows authenticated users to manipulate database queries by injecting SQL code through the name field in SystemProfileF… CWE-89
SQL Injection 		CVE-2018-25257 2026-04-16 00:00 2026-04-12 Show GitHub Exploit DB Packet Storm
1187 8.4 HIGH
Local 		- - RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers c… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2018-25258 2026-04-16 00:00 2026-04-12 Show GitHub Exploit DB Packet Storm
1188 8.4 HIGH
Local 		- - Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attackers to bypass DEP protections through structured exception handling exploitati… CWE-787
 Out-of-bounds Write 		CVE-2019-25691 2026-04-16 00:00 2026-04-12 Show GitHub Exploit DB Packet Storm
1189 8.4 HIGH
Local 		- - R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payl… CWE-787
 Out-of-bounds Write 		CVE-2019-25695 2026-04-16 00:00 2026-04-12 Show GitHub Exploit DB Packet Storm
1190 5.0 MEDIUM
Local 		bytecodealliance wasmtime Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be trig… CWE-416
 Use After Free 		CVE-2026-34983 2026-04-15 23:49 2026-04-10 Show GitHub Exploit DB Packet Storm