Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 28, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253141	9.3	危険	マイクロソフト	-	Microsoft Windows の kernel における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2514	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253142	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-2513	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253143	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253144	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253145	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

253146	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

253147	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 28, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
249021	7.1	HIGH Local	burp_project	burp	The Gentoo app-backup/burp package before 2.1.32 sets the ownership of the PID file directory to the burp account, which might allow local users to kill arbitrary processes by leveraging access to th…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2017-18284	2024-11-21 12:19	2018-06-4	Show	GitHub Exploit DB Packet Storm

249022	6.5	MEDIUM Network	imagemagick debian canonical	imagemagick debian_linux ubuntu_linux	In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhausti…	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2017-18273	2024-11-21 12:19	2018-05-19	Show	GitHub Exploit DB Packet Storm

249023	6.5	MEDIUM Network	imagemagick	imagemagick	In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted MNG image file that is m…	CWE-416 Use After Free	CVE-2017-18272	2024-11-21 12:19	2018-05-19	Show	GitHub Exploit DB Packet Storm

249024	6.5	MEDIUM Network	imagemagick canonical debian	imagemagick ubuntu_linux debian_linux	In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaus…	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2017-18271	2024-11-21 12:19	2018-05-19	Show	GitHub Exploit DB Packet Storm

249025	7.1	HIGH Local	linux	linux_kernel	In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service.	NVD-CWE-noinfo	CVE-2017-18270	2024-11-21 12:19	2018-05-19	Show	GitHub Exploit DB Packet Storm

249026	9.8	CRITICAL Network	gnu	glibc	An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the ove…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-18269	2024-11-21 12:19	2018-05-19	Show	GitHub Exploit DB Packet Storm

249027	5.9	MEDIUM Network	broadcom	symantec_intelligencecenter	Symantec IntelligenceCenter 3.3 is vulnerable to the Return of the Bleichenbacher Oracle Threat (ROBOT) attack. A remote attacker, who has captured a pre-recorded SSL session inspected by SSLV, can e…	CWE-203 Information Exposure Through Discrepancy	CVE-2017-18268	2024-11-21 12:19	2018-05-17	Show	GitHub Exploit DB Packet Storm

249028	5.5	MEDIUM Local	freedesktop canonical redhat debian	poppler ubuntu_linux ansible_tower enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server debian_linux	The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by …	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2017-18267	2024-11-21 12:19	2018-05-11	Show	GitHub Exploit DB Packet Storm

249029	8.8	HIGH Network	freedesktop debian canonical	xdg-utils debian_linux ubuntu_linux	The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers…	CWE-74 Injection	CVE-2017-18266	2024-11-21 12:19	2018-05-10	Show	GitHub Exploit DB Packet Storm

249030	7.5	HIGH Network	prosody debian	prosody debian_linux	Prosody before 0.10.0 allows remote attackers to cause a denial of service (application crash), related to an incompatibility with certain versions of the LuaSocket library, such as the lua-socket pa…	NVD-CWE-noinfo	CVE-2017-18265	2024-11-21 12:19	2018-05-10	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed