Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253831 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0245 2010-02-22 12:13 2010-01-21 Show GitHub Exploit DB Packet Storm
253832 4.3 警告 マイクロソフト - Microsoft Internet Explorer の XSS フィルタにおけるクロスサイトスクリプティングの脆弱性 CWE-DesignError
CVE-2009-4074 2010-02-22 12:13 2009-11-25 Show GitHub Exploit DB Packet Storm
253833 6.6 警告 マイクロソフト - Microsoft Windows の kernel における権限昇格の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0232 2010-02-22 12:12 2010-01-20 Show GitHub Exploit DB Packet Storm
253834 10 危険 Rockwell Automation - Rockwell Automation Allen-Bradley MicroLogix PLC に複数の脆弱性 CWE-noinfo
情報不足 		CVE-2009-3739 2010-02-19 14:22 2010-01-21 Show GitHub Exploit DB Packet Storm
253835 9.3 危険 マイクロソフト - Microsoft Internet Explorer において任意のコードが実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0249 2010-02-19 14:21 2010-01-15 Show GitHub Exploit DB Packet Storm
253836 7.5 危険 アップル
MySQL AB		 - MySQL で使用される yaSSL におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2008-0227 2010-02-19 11:37 2008-01-10 Show GitHub Exploit DB Packet Storm
253837 7.5 危険 アップル
MySQL AB		 - MySQL で使用される yaSSL における複数のバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0226 2010-02-19 11:32 2008-01-10 Show GitHub Exploit DB Packet Storm
253838 7.5 危険 Linux
レッドハット		 - Linux kernel の do_coredump 関数における任意のファイルを改ざんされる脆弱性 - CVE-2006-6304 2010-02-18 14:28 2006-12-14 Show GitHub Exploit DB Packet Storm
253839 7.8 危険 Linux
レッドハット		 - Linux kernel の net/ipv4/route.c 用の特定のレッドハットパッチにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4272 2010-02-18 14:28 2010-01-19 Show GitHub Exploit DB Packet Storm
253840 9.3 危険 レッドハット
リアルネットワークス		 - Realnetworks RealPlayer におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4248 2010-02-17 11:48 2010-01-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
280121 - ibm curam_social_program_management Multiple cross-site scripting (XSS) vulnerabilities in IBM Curam Social Program Management 4.5 SP10 through 6.0.5.4 allow remote authenticated users to inject arbitrary web script or HTML via crafted… CWE-79
Cross-site Scripting 		CVE-2014-3013 2024-11-21 11:07 2014-06-19 Show GitHub Exploit DB Packet Storm
280122 - ibm curam_social_program_management Multiple CRLF injection vulnerabilities in IBM Curam Social Program Management 5.2 SP1 through 6.0.5.4 allow remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response spli… NVD-CWE-Other
CVE-2014-3012 2024-11-21 11:07 2014-06-19 Show GitHub Exploit DB Packet Storm
280123 - f5 arx_data_manager SQL injection vulnerability in the web service in F5 ARX Data Manager 3.0.0 through 3.1.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2014-2949 2024-11-21 11:07 2014-06-19 Show GitHub Exploit DB Packet Storm
280124 - puppet puppet_enterprise Puppet Enterprise 2.8.x before 2.8.7 allows remote attackers to obtain sensitive information via vectors involving hiding and unhiding nodes. CWE-200
Information Exposure 		CVE-2014-3249 2024-11-21 11:07 2014-06-17 Show GitHub Exploit DB Packet Storm
280125 - cisco ios_xe The mDNS implementation in Cisco IOS XE 3.12S does not properly interact with autonomic networking, which allows remote attackers to obtain sensitive networking-services information by sniffing the n… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-3290 2024-11-21 11:07 2014-06-14 Show GitHub Exploit DB Packet Storm
280126 - cisco nx-os The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass authentication and cause a denial of service (group-member state modification and traffic blackholing) via… CWE-287
Improper Authentication 		CVE-2014-3295 2024-11-21 11:07 2014-06-14 Show GitHub Exploit DB Packet Storm
280127 - castor_project
opensuse_project
opensuse 		castor
opensuse 		The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XML document. CWE-611
XXE 		CVE-2014-3004 2024-11-21 11:07 2014-06-11 Show GitHub Exploit DB Packet Storm
280128 - directfb
suse
opensuse 		directfb
linux_enterprise_software_development_kit
linux_enterprise_desktop
linux_enterprise_workstation_extension
opensuse
suse_linux_enterprise_server 		The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via th… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2014-2978 2024-11-21 11:07 2014-06-11 Show GitHub Exploit DB Packet Storm
280129 - suse
opensuse
directfb 		linux_enterprise_software_development_kit
linux_enterprise_desktop
linux_enterprise_workstation_extension
opensuse
suse_linux_enterprise_server
directfb 		Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and … CWE-189
Numeric Errors 		CVE-2014-2977 2024-11-21 11:07 2014-06-11 Show GitHub Exploit DB Packet Storm
280130 - google chrome Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer function in media/filters/ffmpeg_video_decoder.cc in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2014-3157 2024-11-21 11:07 2014-06-11 Show GitHub Exploit DB Packet Storm