Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253711	6.9	警告	マイクロソフト	-	Microsoft Windows の Active Directory フェデレーションサービスのシングルサインオン実装における認証情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2009-2508	2010-01-22 10:27	2009-12-8	Show	GitHub Exploit DB Packet Storm

253712	6.8	警告	マイクロソフト	-	Microsoft Windows の LSASS におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-3675	2010-01-22 10:27	2009-12-8	Show	GitHub Exploit DB Packet Storm

253713	9.3	危険	マイクロソフト	-	Microsoft Project における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2009-0102	2010-01-22 10:26	2009-12-8	Show	GitHub Exploit DB Packet Storm

253714	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer におけるメモリ破損の脆弱性	CWE-94 コード・インジェクション	CVE-2009-3673	2010-01-22 10:26	2009-12-8	Show	GitHub Exploit DB Packet Storm

253715	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer におけるメモリ破損の脆弱性	CWE-399 リソース管理の問題	CVE-2009-3671	2010-01-22 10:26	2009-12-8	Show	GitHub Exploit DB Packet Storm

253716	10	危険	マイクロソフト	-	Microsoft Windows のインターネット認証サービスにおけるネットワークリソースにアクセスされる脆弱性	CWE-255 CWE-94	CVE-2009-3677	2010-01-22 10:24	2009-12-8	Show	GitHub Exploit DB Packet Storm

253717	10	危険	マイクロソフト	-	Microsoft Windows のインターネット認証サービスにおける任意のコードを実行される脆弱性	CWE-287 不適切な認証	CVE-2009-2505	2010-01-22 10:24	2009-12-8	Show	GitHub Exploit DB Packet Storm

253718	6.9	警告	acpid	-	acpid の umask におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4235	2010-01-21 11:44	2009-12-7	Show	GitHub Exploit DB Packet Storm

253719	6.9	警告	サイバートラスト株式会社レッドハット acpid	-	acpid のレッドハットパッチにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4033	2010-01-21 11:43	2009-12-7	Show	GitHub Exploit DB Packet Storm

253720	10	危険	アドビシステムズ	-	Adobe Illustrator における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-3952	2010-01-21 11:43	2010-01-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
273131	-	inductiveautomation	ignition	Inductive Automation Ignition 7.7.2 does not terminate a session upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.	CWE-254 7PK - Security Features	CVE-2015-0993	2024-11-21 11:24	2015-04-3	Show	GitHub Exploit DB Packet Storm

273132	-	inductiveautomation	ignition	Inductive Automation Ignition 7.7.2 stores cleartext OPC Server credentials, which allows local users to obtain sensitive information via unspecified vectors.	CWE-200 Information Exposure	CVE-2015-0992	2024-11-21 11:24	2015-04-3	Show	GitHub Exploit DB Packet Storm

273133	-	inductiveautomation	ignition	Inductive Automation Ignition 7.7.2 allows remote attackers to obtain sensitive information by reading an error message about an unhandled exception, as demonstrated by pathname information.	CWE-200 Information Exposure	CVE-2015-0991	2024-11-21 11:24	2015-04-3	Show	GitHub Exploit DB Packet Storm

273134	-	ecava	integraxor	Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local users to gain privileges via a renamed DLL in the default install directory.	NVD-CWE-Other	CVE-2015-0990	2024-11-21 11:24	2015-04-3	Show	GitHub Exploit DB Packet Storm

273135	-	inductiveautomation	ignition	Cross-site scripting (XSS) vulnerability in Inductive Automation Ignition 7.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2015-0976	2024-11-21 11:24	2015-04-3	Show	GitHub Exploit DB Packet Storm

273136	-	google	chrome	Race condition in gpu/command_buffer/service/gles2_cmd_decoder.cc in Google Chrome before 41.0.2272.118 allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspeci…	CWE-362 Race Condition	CVE-2015-1234	2024-11-21 11:24	2015-04-2	Show	GitHub Exploit DB Packet Storm

273137	-	google	chrome	Google Chrome before 41.0.2272.118 does not properly handle the interaction of IPC, the Gamepad API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors.	CWE-17 Code	CVE-2015-1233	2024-11-21 11:24	2015-04-2	Show	GitHub Exploit DB Packet Storm

273138	-	xzeres	442sr_os 442sr	Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote attackers to hijack the authentication of admins for requests that modify the default user's pa…	CWE-352 Origin Validation Error	CVE-2015-0985	2024-11-21 11:24	2015-03-31	Show	GitHub Exploit DB Packet Storm

273139	-	honeywell	excel_web_xl_1000c1000_600_i\/o excel_web_xl_1000c50u_52_i\/o_uukl excel_web_xl_1000c500_300_i\/o_uukl excel_web_xl_1000c1000_600_i\/o_uukl excel_web_xl_1000c100_104_i\/o excel_web_xl_…	Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O U…	CWE-22 Path Traversal	CVE-2015-0984	2024-11-21 11:24	2015-03-31	Show	GitHub Exploit DB Packet Storm

273140	-	schneider-electric aveva	wonderware_intouch_2014 aveva_edge	Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allow…	CWE-200 Information Exposure	CVE-2015-0999	2024-11-21 11:24	2015-03-29	Show	GitHub Exploit DB Packet Storm