Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253711 6.9 警告 マイクロソフト - Microsoft Windows の Active Directory フェデレーションサービスのシングルサインオン実装における認証情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2009-2508 2010-01-22 10:27 2009-12-8 Show GitHub Exploit DB Packet Storm
253712 6.8 警告 マイクロソフト - Microsoft Windows の LSASS におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-3675 2010-01-22 10:27 2009-12-8 Show GitHub Exploit DB Packet Storm
253713 9.3 危険 マイクロソフト - Microsoft Project における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2009-0102 2010-01-22 10:26 2009-12-8 Show GitHub Exploit DB Packet Storm
253714 9.3 危険 マイクロソフト - Microsoft Internet Explorer におけるメモリ破損の脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3673 2010-01-22 10:26 2009-12-8 Show GitHub Exploit DB Packet Storm
253715 9.3 危険 マイクロソフト - Microsoft Internet Explorer におけるメモリ破損の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-3671 2010-01-22 10:26 2009-12-8 Show GitHub Exploit DB Packet Storm
253716 10 危険 マイクロソフト - Microsoft Windows のインターネット認証サービスにおけるネットワークリソースにアクセスされる脆弱性 CWE-255
CWE-94
CVE-2009-3677 2010-01-22 10:24 2009-12-8 Show GitHub Exploit DB Packet Storm
253717 10 危険 マイクロソフト - Microsoft Windows のインターネット認証サービスにおける任意のコードを実行される脆弱性 CWE-287
不適切な認証 		CVE-2009-2505 2010-01-22 10:24 2009-12-8 Show GitHub Exploit DB Packet Storm
253718 6.9 警告 acpid - acpid の umask におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4235 2010-01-21 11:44 2009-12-7 Show GitHub Exploit DB Packet Storm
253719 6.9 警告 サイバートラスト株式会社
レッドハット
acpid		 - acpid のレッドハットパッチにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4033 2010-01-21 11:43 2009-12-7 Show GitHub Exploit DB Packet Storm
253720 10 危険 アドビシステムズ - Adobe Illustrator における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-3952 2010-01-21 11:43 2010-01-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
288711 - opera opera_browser Opera before 12.10 does not properly implement the Cross-Origin Resource Sharing (CORS) specification, which allows remote attackers to bypass intended page-content restrictions via a crafted request. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-6462 2024-11-21 10:46 2013-01-2 Show GitHub Exploit DB Packet Storm
288712 - opera opera_browser The X.509 certificate-validation functionality in the https implementation in Opera before 12.10 allows remote attackers to trigger a false indication of successful revocation-status checking by caus… CWE-20
 Improper Input Validation  		CVE-2012-6461 2024-11-21 10:46 2013-01-2 Show GitHub Exploit DB Packet Storm
288713 - opera opera_browser Opera before 11.67 and 12.x before 12.02 allows remote attackers to cause truncation of a dialog, and possibly trigger downloading and execution of arbitrary programs, via a crafted web site. NVD-CWE-Other
CVE-2012-6460 2024-11-21 10:46 2013-01-2 Show GitHub Exploit DB Packet Storm
288714 - intel connman ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attackers to obtain sensitive information via Bluetooth packets. CWE-200
Information Exposure 		CVE-2012-6459 2024-11-21 10:46 2013-01-2 Show GitHub Exploit DB Packet Storm
288715 - lemonldap-ng lemonldap\ LemonLDAP::NG before 1.2.3 does not use the signature-verification capability of the Lasso library, which allows remote attackers to bypass intended access-control restrictions via crafted SAML data. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-6426 2024-11-21 10:46 2013-01-2 Show GitHub Exploit DB Packet Storm
288716 - belkin n900_wireless_router The WPA2 implementation on the Belkin N900 F9K1104v1 router establishes a WPS PIN based on 6 digits of the LAN/WLAN MAC address, which makes it easier for remote attackers to obtain access to a Wi-Fi… CWE-310
Cryptographic Issues 		CVE-2012-6371 2024-11-21 10:46 2013-01-1 Show GitHub Exploit DB Packet Storm
288717 - mediawiki rssreader Cross-site scripting (XSS) vulnerability in the RSS Reader extension before 0.2.6 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a crafted feed. CWE-79
Cross-site Scripting 		CVE-2012-6453 2024-11-21 10:46 2012-12-31 Show GitHub Exploit DB Packet Storm
288718 - cerberusftp ftp_server Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cerberus FTP Server before 5.0.6.0 allow (1) remote attackers to inject arbitrary web script or HTML via a l… CWE-79
Cross-site Scripting 		CVE-2012-6339 2024-11-21 10:46 2012-12-31 Show GitHub Exploit DB Packet Storm
288719 - samsung samsungdive The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices shows the activation of remote tracking, which might allow physically proximate attackers to defeat a pr… CWE-200
Information Exposure 		CVE-2012-6337 2024-11-21 10:46 2012-12-31 Show GitHub Exploit DB Packet Storm
288720 - lookout lookout The Missing Device feature in Lookout allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer." NVD-CWE-noinfo
CVE-2012-6336 2024-11-21 10:46 2012-12-31 Show GitHub Exploit DB Packet Storm