Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 2, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253921 7.2 危険 IBM - IBM DB2 の Install コンポーネントにおける脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4331 2010-02-4 11:19 2009-12-16 Show GitHub Exploit DB Packet Storm
253922 7.5 危険 IBM - IBM DB2 の Relational Data Services コンポーネントにおけるパスワードの引数を取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-4333 2010-02-4 11:19 2009-12-16 Show GitHub Exploit DB Packet Storm
253923 7.2 危険 IBM - IBM DB2 の Engine Utilities コンポーネントの db2licm における脆弱性 CWE-noinfo
情報不足 		CVE-2009-4330 2010-02-4 11:18 2009-12-16 Show GitHub Exploit DB Packet Storm
253924 4 警告 IBM - IBM DB2 の Engine Utilities コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-4329 2010-02-4 11:18 2009-12-16 Show GitHub Exploit DB Packet Storm
253925 7.2 危険 サイバートラスト株式会社
Linux		 - Linux kernel の kvm_dev_ioctl_get_supported_cpuid 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-3638 2010-02-3 14:35 2009-10-29 Show GitHub Exploit DB Packet Storm
253926 5 警告 Linear LLC
S2 Security		 - Linear eMerge のマネージメントコンポーネントにおけるサービス運用妨害 (DoS) CWE-noinfo
情報不足 		CVE-2009-3734 2010-02-3 14:35 2010-01-5 Show GitHub Exploit DB Packet Storm
253927 7.5 危険 The PHP Group
LibGD project
サイバートラスト株式会社
レッドハット		 - PHP および GD Graphics Library の _gdGetColors 関数におけるバッファオーバーフローの脆弱性 CWE-Other
その他 		CVE-2009-3546 2010-02-3 14:34 2009-10-19 Show GitHub Exploit DB Packet Storm
253928 6.8 警告 GNU Project
XEmacs
サイバートラスト株式会社		 - Emacs および XEmacs における .flc ファイルの処理に関する任意のコードを実行される脆弱性 CWE-DesignError
CVE-2008-2142 2010-02-2 11:43 2008-05-12 Show GitHub Exploit DB Packet Storm
253929 3.5 注意 Drupal
サイバートラスト株式会社		 - Drupal の Menu モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4370 2010-02-2 11:43 2009-12-16 Show GitHub Exploit DB Packet Storm
253930 3.5 注意 Drupal
サイバートラスト株式会社		 - Drupal の Contact モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4369 2010-02-2 11:42 2009-12-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294661 - hudong hdwiki SQL injection vulnerability in model/comment.class.php in HDWiki 5.0, 5.1, and possibly other versions allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to index.php. NOTE:… CWE-89
SQL Injection 		CVE-2011-5076 2024-11-21 10:33 2012-02-8 Show GitHub Exploit DB Packet Storm
294662 - htc glacier
sensation_z710e
evo_3d
desire_s
desire_hd
sensation_4g
thunderbolt_4g
evo_4g
droid_incredible 		Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI4… CWE-200
Information Exposure 		CVE-2011-4872 2024-11-21 10:33 2012-02-5 Show GitHub Exploit DB Packet Storm
294663 - siemens wincc_flexible
wincc
simatic_hmi_panels
wincc_runtime_advanced
wincc_flexible_runtime 		miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SI… CWE-20
 Improper Input Validation  		CVE-2011-4879 2024-11-21 10:33 2012-02-4 Show GitHub Exploit DB Packet Storm
294664 - siemens wincc_flexible
wincc
simatic_hmi_panels
wincc_runtime_advanced
wincc_flexible_runtime 		Directory traversal vulnerability in miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP,… CWE-22
Path Traversal 		CVE-2011-4878 2024-11-21 10:33 2012-02-4 Show GitHub Exploit DB Packet Storm
294665 - siemens wincc_flexible
wincc
simatic_hmi_panels
wincc_runtime_advanced
wincc_flexible_runtime 		HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime… CWE-20
 Improper Input Validation  		CVE-2011-4877 2024-11-21 10:33 2012-02-4 Show GitHub Exploit DB Packet Storm
294666 - siemens wincc_flexible
wincc
simatic_hmi_panels
wincc_runtime_advanced
wincc_flexible_runtime 		Directory traversal vulnerability in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels … CWE-22
Path Traversal 		CVE-2011-4876 2024-11-21 10:33 2012-02-4 Show GitHub Exploit DB Packet Storm
294667 - siemens wincc_flexible
wincc
simatic_hmi_panels
wincc_runtime_advanced
wincc_flexible_runtime 		Stack-based buffer overflow in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATI… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-4875 2024-11-21 10:33 2012-02-4 Show GitHub Exploit DB Packet Storm
294668 - hp data_protector_media_operations DBServer.exe in HP Data Protector Media Operations 6.11 and earlier allows remote attackers to execute arbitrary code via a crafted request containing a large value in a length field. CWE-94
Code Injection 		CVE-2011-4791 2024-11-21 10:33 2012-02-3 Show GitHub Exploit DB Packet Storm
294669 - hp network_automation Unspecified vulnerability in HP Network Automation 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to execute arbitrary code via unknown vectors. NVD-CWE-noinfo
CVE-2011-4790 2024-11-21 10:33 2012-02-2 Show GitHub Exploit DB Packet Storm
294670 - wordpress wordpress wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to confi… NVD-CWE-noinfo
CVE-2011-4899 2024-11-21 10:33 2012-01-31 Show GitHub Exploit DB Packet Storm