Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 28, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253141	9.3	危険	マイクロソフト	-	Microsoft Windows の kernel における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2514	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253142	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-2513	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253143	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253144	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253145	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

253146	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

253147	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 28, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
251961	9.8	CRITICAL Network	hp	application_performance_management	A potential security vulnerability has been identified in HPE Application Performance Management (BSM) Platform versions 9.26, 9.30, 9.40. The vulnerability could be remotely exploited to allow code …	CWE-306 Missing Authentication for Critical Function	CVE-2017-14350	2024-11-21 12:12	2017-09-30	Show	GitHub Exploit DB Packet Storm

251962	9.8	CRITICAL Network	hp	sitescope	An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read-only accounts to view all SiteScope interfaces and monitors, potentially exposing sensitive data.	CWE-269 Improper Privilege Management	CVE-2017-14349	2024-11-21 12:12	2017-09-30	Show	GitHub Exploit DB Packet Storm

251963	9.8	CRITICAL Network	shindiristudio	content_timeline	Multiple SQL injection vulnerabilities in the Content Timeline plugin 4.4.2 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) timeline parameter in content_timeline_c…	CWE-89 SQL Injection	CVE-2017-14507	2024-11-21 12:12	2017-09-29	Show	GitHub Exploit DB Packet Storm

251964	8.8	HIGH Network	opentext	documentum_administrator documentum_webtop	Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Webtop 6.8.0160.0073 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files…	CWE-611 XXE	CVE-2017-14527	2024-11-21 12:12	2017-09-28	Show	GitHub Exploit DB Packet Storm

251965	8.8	HIGH Network	opentext	documentum_administrator documentum_webtop	Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Administrator 7.2.0180.0055 allow remote authenticated users to list the contents of arbitrary directories, read arbitrar…	CWE-611 XXE	CVE-2017-14526	2024-11-21 12:12	2017-09-28	Show	GitHub Exploit DB Packet Storm

251966	6.1	MEDIUM Network	opentext	documentum_administrator documentum_webtop	Multiple open redirect vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the st…	CWE-601 Open Redirect	CVE-2017-14525	2024-11-21 12:12	2017-09-28	Show	GitHub Exploit DB Packet Storm

251967	6.1	MEDIUM Network	opentext	documentum_administrator documentum_webtop	Multiple open redirect vulnerabilities in OpenText Documentum Administrator 7.2.0180.0055 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in…	CWE-601 Open Redirect	CVE-2017-14524	2024-11-21 12:12	2017-09-28	Show	GitHub Exploit DB Packet Storm

251968	9.8	CRITICAL Network	wpdevart	responsive_image_gallery_gallery_album	SQL injection vulnerability in the Responsive Image Gallery plugin before 1.2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the "id" parameter in an add_edit_theme tas…	CWE-89 SQL Injection	CVE-2017-14125	2024-11-21 12:12	2017-09-26	Show	GitHub Exploit DB Packet Storm

251969	5.4	MEDIUM Network	geminabox_project	geminabox	geminabox (aka Gem in a Box) before 0.13.6 has XSS, as demonstrated by uploading a gem file that has a crafted gem.homepage value in its .gemspec file.	CWE-79 Cross-site Scripting	CVE-2017-14506	2024-11-21 12:12	2017-09-25	Show	GitHub Exploit DB Packet Storm

251970	8.8	HIGH Network	trendmicro	mobile_security	Proxy command injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.	CWE-77 Command Injection	CVE-2017-14081	2024-11-21 12:12	2017-09-23	Show	GitHub Exploit DB Packet Storm