Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253761	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253762	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

253763	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

253764	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

253765	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
269351	9.1	CRITICAL Network	ibm pcre	powerkvm pcre	Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from hea…	CWE-119 CWE-200 Incorrect Access of Indexable Resource ('Range Error') Information Exposure	CVE-2015-5073	2024-11-21 11:32	2016-12-14	Show	GitHub Exploit DB Packet Storm

269352	2.6	LOW Adjacent	ibm	tealeaf_customer_experience	IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108 FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A b…	CWE-200 Information Exposure	CVE-2015-4961	2024-11-21 11:32	2016-11-25	Show	GitHub Exploit DB Packet Storm

269353	7.5	HIGH Network	openstack	nova glance cinder	The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attack…	CWE-399 Resource Management Errors	CVE-2015-5162	2024-11-21 11:32	2016-10-7	Show	GitHub Exploit DB Packet Storm

269354	5.4	MEDIUM Network	phpvibe	phpvibe	Cross-site scripting (XSS) vulnerability in PHPVibe before 4.21 allows remote authenticated users to inject arbitrary web script or HTML via a comment.	CWE-79 Cross-site Scripting	CVE-2015-5399	2024-11-21 11:32	2016-08-27	Show	GitHub Exploit DB Packet Storm

269355	7.1	HIGH Local	canonical redhat debian spice_project	ubuntu_linux enterprise_linux_server_eus enterprise_linux_hpc_node enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_hpc_node_eus deb…	Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-5261	2024-11-21 11:32	2016-06-7	Show	GitHub Exploit DB Packet Storm

269356	7.8	HIGH Local	redhat debian canonical spice_project	enterprise_linux_server_eus enterprise_linux_hpc_node enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation debian_linux ubuntu_linux spice enterprise_…	Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host v…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-5260	2024-11-21 11:32	2016-06-7	Show	GitHub Exploit DB Packet Storm

269357	5.5	MEDIUM Local	criu opensuse	checkpoint\/restore_in_userspace opensuse	The service daemon in CRIU does not properly restrict access to non-dumpable processes, which allows local users to obtain sensitive information via (1) process dumps or (2) ptrace access.	CWE-200 Information Exposure	CVE-2015-5231	2024-11-21 11:32	2016-06-7	Show	GitHub Exploit DB Packet Storm

269358	7.8	HIGH Local	opensuse criu	opensuse checkpoint\/restore_in_userspace	The service daemon in CRIU creates log and dump files insecurely, which allows local users to create arbitrary files and take ownership of existing files via unspecified vectors related to a director…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-5228	2024-11-21 11:32	2016-06-7	Show	GitHub Exploit DB Packet Storm

269359	9.1	CRITICAL Network	ibm suse redhat	java_sdk linux_enterprise_server linux_enterprise_software_development_kit suse_linux_enterprise_server websphere_application_server satellite	The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject …	CWE-200 Information Exposure	CVE-2015-5041	2024-11-21 11:32	2016-06-7	Show	GitHub Exploit DB Packet Storm

269360	4.4	MEDIUM Local	apache	cordova	Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link.	CWE-20 Improper Input Validation	CVE-2015-5208	2024-11-21 11:32	2016-05-10	Show	GitHub Exploit DB Packet Storm