Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253141	9.3	危険	マイクロソフト	-	Microsoft Windows の kernel における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2514	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253142	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-2513	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253143	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253144	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253145	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

253146	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

253147	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
257011	4.3	MEDIUM Network	huawei	s12700_firmware s5700_firmware s7700_firmware s9700_firmware	Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 V200R002C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R007C00 have an input validation vulnerability. Due to the …	CWE-20 Improper Input Validation	CVE-2016-8785	2024-11-21 12:00	2018-03-10	Show	GitHub Exploit DB Packet Storm

257012	4.3	MEDIUM Adjacent	huawei	cloudengine_12800_firmware	Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (L…	CWE-399 Resource Management Errors	CVE-2016-8784	2024-11-21 12:00	2018-03-10	Show	GitHub Exploit DB Packet Storm

257013	7.8	HIGH Local	huawei	honor_6_firmware p9_plus_firmware	Touchscreen drive in Huawei H60 (Honor 6) Versions earlier than H60-L02_6.12.16 and P9 Plus Versions earlier than VIE-AL10BC00B356 has a stack overflow vulnerabilities. An attacker tricks a user into…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-8783	2024-11-21 12:00	2018-03-10	Show	GitHub Exploit DB Packet Storm

257014	5.3	MEDIUM Network	huawei	cloudengine_12800_firmware	Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (L…	CWE-399 Resource Management Errors	CVE-2016-8782	2024-11-21 12:00	2018-03-10	Show	GitHub Exploit DB Packet Storm

257015	7.5	HIGH Network	huawei	s12700_firmware s5700_firmware s6700_firmware s7700_firmware s9700_firmware	Huawei S12700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, S5700 V200R006C00, V200R007C00, V200R008C00, S6700 V200R008C00, S7700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00…	CWE-20 Improper Input Validation	CVE-2016-8786	2024-11-21 12:00	2018-03-10	Show	GitHub Exploit DB Packet Storm

257016	4.7	MEDIUM Network	wordpress	wordpress	WordPress through 4.8.2, when domain-based flashmediaelement.swf sandboxing is not used, allows remote attackers to conduct cross-domain Flash injection (XSF) attacks by leveraging code contained wit…	CWE-20 Improper Input Validation	CVE-2016-9263	2024-11-21 12:00	2017-10-13	Show	GitHub Exploit DB Packet Storm

257017	9.8	CRITICAL Network	ibm	tivoli_storage_manager	The IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) default authentication protocol is vulnerable to a brute force attack due to disclosing too much information during authentication. A…	CWE-287 Improper Authentication	CVE-2016-8937	2024-11-21 12:00	2017-10-6	Show	GitHub Exploit DB Packet Storm

257018	5.4	MEDIUM Network	ibm	emptoris_strategic_supply_management emptoris_supplier_lifecycle_management	IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-craf…	CWE-601 Open Redirect	CVE-2016-8949	2024-11-21 12:00	2017-08-10	Show	GitHub Exploit DB Packet Storm

257019	5.4	MEDIUM Network	ibm	rhapsody_design_manager	IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentiall…	CWE-79 Cross-site Scripting	CVE-2016-8975	2024-11-21 12:00	2017-07-25	Show	GitHub Exploit DB Packet Storm

257020	9.8	CRITICAL Network	ibm	license_metric_tool bigfix_inventory	IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 118853.	CWE-200 CWE-254 Information Exposure 7PK - Security Features	CVE-2016-8964	2024-11-21 12:00	2017-07-14	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed