Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253141	9.3	危険	マイクロソフト	-	Microsoft Windows の kernel における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2514	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253142	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-2513	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253143	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253144	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253145	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

253146	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

253147	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 28, 2026, 4:09 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
293841	-	sitracker	support_incident_tracker	Multiple SQL injection vulnerabilities in Support Incident Tracker (aka SiT!) before 3.64 allow remote attackers to execute arbitrary SQL commands via the (1) exc[] parameter to report_marketing.php,…	CWE-89 SQL Injection	CVE-2011-5071	2024-11-21 10:33	2012-01-29	Show	GitHub Exploit DB Packet Storm

293842	-	sitracker	support_incident_tracker	Multiple cross-site scripting (XSS) vulnerabilities in Support Incident Tracker (aka SiT!) 3.65 allow remote attackers to inject arbitrary web script or HTML via (1) the file name to incident_attachm…	CWE-79 Cross-site Scripting	CVE-2011-5070	2024-11-21 10:33	2012-01-29	Show	GitHub Exploit DB Packet Storm

293843	-	sitracker	support_incident_tracker	Unrestricted file upload vulnerability in incident_attachments.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to execute arbitrary code by uploading a file with an …	NVD-CWE-Other	CVE-2011-5069	2024-11-21 10:33	2012-01-29	Show	GitHub Exploit DB Packet Storm

293844	-	sitracker	support_incident_tracker	Multiple cross-site request forgery (CSRF) vulnerabilities in Support Incident Tracker (aka SiT!) 3.65 allow remote attackers to hijack the authentication of user for requests that delete a user via …	CWE-352 Origin Validation Error	CVE-2011-5068	2024-11-21 10:33	2012-01-29	Show	GitHub Exploit DB Packet Storm

293845	-	sitracker	support_incident_tracker	move_uploaded_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to obtain sensitive information via the file name, which reveals the installation path in an error…	CWE-200 Information Exposure	CVE-2011-5067	2024-11-21 10:33	2012-01-29	Show	GitHub Exploit DB Packet Storm

293846	-	tencent	qqpphoto	The Tencent QQPhoto (com.tencent.qqphoto) application 0.97 for Android does not properly protect data, which allows remote attackers to read or modify contact information and a password hash via a cr…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-4867	2024-11-21 10:33	2012-01-25	Show	GitHub Exploit DB Packet Storm

293847	-	kaixin001	kaixin001	The Kaixin001 (com.kaixin001.activity) application 1.3.1 and 1.3.3 for Android does not properly protect data, which allows remote attackers to read or modify contact information and a cleartext pass…	CWE-200 Information Exposure	CVE-2011-4866	2024-11-21 10:33	2012-01-25	Show	GitHub Exploit DB Packet Storm

293848	-	tencent	microblogpad wblog	The Tencent WBlog (com.tencent.WBlog) 3.3.1 and MicroBlogPad 1.4.0 applications for Android do not properly protect data, which allows remote attackers to read or modify message drafts and search key…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-4865	2024-11-21 10:33	2012-01-25	Show	GitHub Exploit DB Packet Storm

293849	-	tencent	mobileqq	The Tencent MobileQQ (com.tencent.mobileqq) application 2.2 for Android does not properly protect data, which allows remote attackers to read or modify messages and a friends list via a crafted appli…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-4864	2024-11-21 10:33	2012-01-25	Show	GitHub Exploit DB Packet Storm

293850	-	tencent	qqpimsecure	The Tencent QQPimSecure (com.tencent.qqpimsecure) application 3.0.2 for Android does not properly protect data, which allows remote attackers to read or modify SMS/MMS messages and a contact list via…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-4863	2024-11-21 10:33	2012-01-25	Show	GitHub Exploit DB Packet Storm