Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 2, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253931 7.5 危険 日立 - Cosminexus、Processing Kit for XML および Hitachi Developer's Kit for Java におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		- 2010-02-2 11:42 2009-12-22 Show GitHub Exploit DB Packet Storm
253932 4.3 警告 VMware - 複数の VMware 製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3731 2010-02-1 11:52 2009-12-15 Show GitHub Exploit DB Packet Storm
253933 10 危険 サイバートラスト株式会社
Linux		 - Linux kernel および gxsnmp パッケージの asn1 の実装における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2008-1673 2010-02-1 11:51 2008-06-10 Show GitHub Exploit DB Packet Storm
253934 10 危険 ヒューレット・パッカード - 複数の Symantec 製品の VRTSweb における任意のコードを実行される脆弱性 CWE-287
不適切な認証 		CVE-2009-3027 2010-02-1 11:51 2009-12-8 Show GitHub Exploit DB Packet Storm
253935 9.3 危険 KDE project
Glyph & Cog, LLC
GNOME Project
サイバートラスト株式会社
レッドハット		 - Xpdf、gpdf および kpdf の FoFiType1::parse 関数における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-4035 2010-01-29 09:54 2009-12-16 Show GitHub Exploit DB Packet Storm
253936 7.8 危険 Mozilla Foundation - Mozilla Firefox/SeaMonkey の GeckoActiveXObject 関数における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-3987 2010-01-29 09:54 2009-12-15 Show GitHub Exploit DB Packet Storm
253937 7.6 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey における任意の JavaScript を実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3986 2010-01-29 09:54 2009-12-15 Show GitHub Exploit DB Packet Storm
253938 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey におけるコンテンツを偽装される脆弱性 CWE-Other
その他 		CVE-2009-3985 2010-01-29 09:53 2009-12-15 Show GitHub Exploit DB Packet Storm
253939 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey における http URL または file URL の SSL インジケータを偽装される脆弱性 CWE-Other
その他 		CVE-2009-3984 2010-01-29 09:53 2009-12-15 Show GitHub Exploit DB Packet Storm
253940 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey における認証されたリクエストを任意のアプリケーションに送信される脆弱性 CWE-Other
その他 		CVE-2009-3983 2010-01-29 09:53 2009-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
248631 5.5 MEDIUM
Local 		weka interest_security_scanner A vulnerability classified as problematic has been found in WEKA INTEREST Security Scanner up to 1.8. Affected is Stresstest Scheme Handler which leads to a denial of service. The attack needs to be … CWE-404
 Improper Resource Shutdown or Release 		CVE-2017-20012 2024-11-21 12:22 2022-03-29 Show GitHub Exploit DB Packet Storm
248632 5.5 MEDIUM
Local 		weka interest_security_scanner A vulnerability was found in WEKA INTEREST Security Scanner 1.8. It has been rated as problematic. This issue affects some unknown processing of the component HTTP Handler. The manipulation with an u… CWE-404
 Improper Resource Shutdown or Release 		CVE-2017-20011 2024-11-21 12:22 2022-03-29 Show GitHub Exploit DB Packet Storm
248633 6.1 MEDIUM
Network 		mycred mycred The myCred WordPress plugin before 1.7.8 does not sanitise and escape the user parameter before outputting it back in the Points Log admin dashboard, leading to a Reflected Cross-Site Scripting - CVE-2017-20008 2024-11-21 12:22 2021-11-29 Show GitHub Exploit DB Packet Storm
248634 5.3 MEDIUM
Network 		ingeteam ingepac_da_au_firmware Ingeteam INGEPAC DA AU AUC_1.13.0.28 (and before) web application allows access to a certain path that contains sensitive information that could be used by an attacker to execute more sophisticated a… NVD-CWE-noinfo
CVE-2017-20007 2024-11-21 12:22 2021-10-25 Show GitHub Exploit DB Packet Storm
248635 7.8 HIGH
Local 		rarlab unrar UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile). CWE-787
 Out-of-bounds Write 		CVE-2017-20006 2024-11-21 12:22 2021-07-1 Show GitHub Exploit DB Packet Storm
248636 9.8 CRITICAL
Network 		f5
debian 		nginx
debian_linux 		NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow (or a false modification date f… CWE-190
 Integer Overflow or Wraparound 		CVE-2017-20005 2024-11-21 12:22 2021-06-7 Show GitHub Exploit DB Packet Storm
248637 5.9 MEDIUM
Network 		rust-lang rust In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues th… CWE-362
Race Condition 		CVE-2017-20004 2024-11-21 12:22 2021-04-14 Show GitHub Exploit DB Packet Storm
248638 7.8 HIGH
Local 		debian debian_linux
shadow 		The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are… CWE-269
 Improper Privilege Management 		CVE-2017-20002 2024-11-21 12:22 2021-03-17 Show GitHub Exploit DB Packet Storm
248639 7.5 HIGH
Network 		aes_encryption_project aes_encryption The AES encryption project 7.x and 8.x for Drupal does not sufficiently prevent attackers from decrypting data, aka SA-CONTRIB-2017-027. NOTE: This project is not covered by Drupal's security advisor… CWE-326
Inadequate Encryption Strength 		CVE-2017-20001 2024-11-21 12:22 2021-01-1 Show GitHub Exploit DB Packet Storm
248640 5.9 MEDIUM
Network 		hcltech domino "A vulnerability in the TLS protocol implementation of the Domino server could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher's Oracle Threa… CWE-326
Inadequate Encryption Strength 		CVE-2017-1712 2024-11-21 12:22 2020-07-1 Show GitHub Exploit DB Packet Storm