Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252951 5 警告 アップル
サイバートラスト株式会社
VMware
サン・マイクロシステムズ
レッドハット		 - Sun Java SE および OpenJDK の Java Runtime Environment (JRE) における ディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-3728 2010-02-23 11:51 2009-11-9 Show GitHub Exploit DB Packet Storm
252952 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0248 2010-02-22 12:15 2010-01-21 Show GitHub Exploit DB Packet Storm
252953 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0244 2010-02-22 12:15 2010-01-21 Show GitHub Exploit DB Packet Storm
252954 9.3 危険 マイクロソフト - Microsoft Internet Explorer の URL 検証における任意のローカルプログラムを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0027 2010-02-22 12:15 2010-01-21 Show GitHub Exploit DB Packet Storm
252955 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0247 2010-02-22 12:14 2010-01-21 Show GitHub Exploit DB Packet Storm
252956 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0246 2010-02-22 12:14 2010-01-21 Show GitHub Exploit DB Packet Storm
252957 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0245 2010-02-22 12:13 2010-01-21 Show GitHub Exploit DB Packet Storm
252958 4.3 警告 マイクロソフト - Microsoft Internet Explorer の XSS フィルタにおけるクロスサイトスクリプティングの脆弱性 CWE-DesignError
CVE-2009-4074 2010-02-22 12:13 2009-11-25 Show GitHub Exploit DB Packet Storm
252959 6.6 警告 マイクロソフト - Microsoft Windows の kernel における権限昇格の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0232 2010-02-22 12:12 2010-01-20 Show GitHub Exploit DB Packet Storm
252960 10 危険 Rockwell Automation - Rockwell Automation Allen-Bradley MicroLogix PLC に複数の脆弱性 CWE-noinfo
情報不足 		CVE-2009-3739 2010-02-19 14:22 2010-01-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
284511 - redhat
canonical 		libvirt
ubuntu_linux
enterprise_linux 		libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race c… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-4311 2024-11-21 10:55 2013-10-4 Show GitHub Exploit DB Packet Storm
284512 - opensuse
polkit_project
canonical
redhat 		opensuse
polkit
ubuntu_linux
enterprise_linux 		Race condition in PolicyKit (aka polkit) allows local users to bypass intended PolicyKit restrictions and gain privileges by starting a setuid or pkexec process before the authorization check is perf… CWE-362
Race Condition 		CVE-2013-4288 2024-11-21 10:55 2013-10-4 Show GitHub Exploit DB Packet Storm
284513 - xen xen The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by r… CWE-200
Information Exposure 		CVE-2013-4361 2024-11-21 10:55 2013-10-2 Show GitHub Exploit DB Packet Storm
284514 - xen xen Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a (1) port or (2) memory mapped I/O write or (3) other unspecified o… CWE-200
Information Exposure 		CVE-2013-4355 2024-11-21 10:55 2013-10-2 Show GitHub Exploit DB Packet Storm
284515 - redhat jboss_enterprise_web_platform
jboss_enterprise_brms_platform
jboss_enterprise_soa_platform
jboss_enterprise_application_platform 		The org.jboss.remoting.transport.socket.ServerThread class in Red Hat JBoss Remoting for Red Hat JBoss SOA Platform 5.3.1 GA, Web Platform 5.2.0, Enterprise Application Platform 5.2.0, and other prod… NVD-CWE-noinfo
CVE-2013-4210 2024-11-21 10:55 2013-10-2 Show GitHub Exploit DB Packet Storm
284516 - polarssl polarssl The x509parse_crt function in x509.h in PolarSSL 1.1.x before 1.1.7 and 1.2.x before 1.2.8 does not properly parse certificate messages during the SSL/TLS handshake, which allows remote attackers to … CWE-20
 Improper Input Validation  		CVE-2013-4623 2024-11-21 10:55 2013-10-1 Show GitHub Exploit DB Packet Storm
284517 - werner_baumann davfs2 WEB-DAV Linux File System (davfs2) 1.4.6 and 1.4.7 allow local users to gain privileges via unknown attack vectors in (1) kernel_interface.c and (2) mount_davfs.c, related to the "system" function. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-4362 2024-11-21 10:55 2013-10-1 Show GitHub Exploit DB Packet Storm
284518 - openstack
fedoraproject
canonical
redhat 		keystone
fedora
ubuntu_linux
openstack 		OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users … CWE-522
 Insufficiently Protected Credentials 		CVE-2013-4222 2024-11-21 10:55 2013-10-1 Show GitHub Exploit DB Packet Storm
284519 - emeric_vernat javamelody Cross-site scripting (XSS) vulnerability in HtmlSessionInformationsReport.java in JavaMelody 1.46 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted X-Forwarded-… CWE-79
Cross-site Scripting 		CVE-2013-4378 2024-11-21 10:55 2013-10-1 Show GitHub Exploit DB Packet Storm
284520 - apache
oracle 		struts
mysql_enterprise_monitor
flexcube_private_banking
webcenter_sites 		Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors. CWE-16
NVD-CWE-noinfo
CWE-284
Configuration
Improper Access Control 		CVE-2013-4316 2024-11-21 10:55 2013-10-1 Show GitHub Exploit DB Packet Storm