Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254411 6.8 警告 アップル
GNU Project
サン・マイクロシステムズ
サイバートラスト株式会社
レッドハット		 - GNU tar の contains_dot_dot() 関数におけるディレクトリトラバーサルの脆弱性 - CVE-2007-4131 2010-01-18 12:21 2007-08-23 Show GitHub Exploit DB Packet Storm
254412 4.6 警告 IBM - IBM DB2 の dasauto における管理者権限を持たないユーザが実行可能な脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4150 2010-01-15 14:10 2009-12-2 Show GitHub Exploit DB Packet Storm
254413 2.1 注意 サン・マイクロシステムズ - Sun Solaris の ldap_cachemgr におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2009-4080 2010-01-15 14:10 2009-11-24 Show GitHub Exploit DB Packet Storm
254414 5 警告 サン・マイクロシステムズ - Sun Solaris の sshd におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-4075 2010-01-15 14:09 2009-11-23 Show GitHub Exploit DB Packet Storm
254415 2.6 注意 オラクル - Oracle Application Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		- 2010-01-14 15:01 2010-01-14 Show GitHub Exploit DB Packet Storm
254416 9.3 危険 マイクロソフト - Microsoft Internet Explorer に脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3672 2010-01-14 12:08 2009-11-25 Show GitHub Exploit DB Packet Storm
254417 9.3 危険 サン・マイクロシステムズ
VMware		 - Sun Java SE の java.lang パッケージにおける脆弱性 CWE-362
競合状態 		CVE-2009-2724 2010-01-14 12:08 2009-08-10 Show GitHub Exploit DB Packet Storm
254418 10 危険 サン・マイクロシステムズ
VMware		 - Sun Java SE の Provider クラスにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-2721 2010-01-14 12:08 2009-08-10 Show GitHub Exploit DB Packet Storm
254419 5 警告 有限会社シースリー - WebCalenderC3 におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-0348 2010-01-12 15:01 2010-01-12 Show GitHub Exploit DB Packet Storm
254420 4.3 警告 有限会社シースリー - WebCalenderC3 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0349 2010-01-12 15:00 2010-01-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
255191 6.3 MEDIUM
Local 		cisco nx-os A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation… CWE-77
Command Injection 		CVE-2017-12330 2024-11-21 12:09 2017-11-30 Show GitHub Exploit DB Packet Storm
255192 6.3 MEDIUM
Local 		cisco nx-os
unified_computing_system
firepower_extensible_operating_system 		A vulnerability in the CLI of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vuln… CWE-77
Command Injection 		CVE-2017-12329 2024-11-21 12:09 2017-11-30 Show GitHub Exploit DB Packet Storm
255193 5.8 MEDIUM
Network 		cisco ip_phone_8800_series_firmware A vulnerability in Session Initiation Protocol (SIP) call handling in Cisco IP Phone 8800 Series devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition b… CWE-20
 Improper Input Validation  		CVE-2017-12328 2024-11-21 12:09 2017-11-30 Show GitHub Exploit DB Packet Storm
255194 5.0 MEDIUM
Network 		cisco webex_meeting_center A vulnerability in Cisco WebEx Meeting Center could allow an authenticated, remote attacker to initiate connections to arbitrary hosts, aka a "URL Redirection Vulnerability." The vulnerability is due… CWE-20
 Improper Input Validation  		CVE-2017-12297 2024-11-21 12:09 2017-11-30 Show GitHub Exploit DB Packet Storm
255195 5.5 MEDIUM
Local 		linux linux_kernel The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL point… - CVE-2017-12193 2024-11-21 12:09 2017-11-23 Show GitHub Exploit DB Packet Storm
255196 6.5 MEDIUM
Local 		linux linux_kernel The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same… - CVE-2017-12190 2024-11-21 12:09 2017-11-23 Show GitHub Exploit DB Packet Storm
255197 7.8 HIGH
Local 		apache
debian 		openoffice
debian_linux 		A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory… CWE-787
 Out-of-bounds Write 		CVE-2017-12608 2024-11-21 12:09 2017-11-21 Show GitHub Exploit DB Packet Storm
255198 7.8 HIGH
Local 		apache
debian 		openoffice
debian_linux 		A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and appl… CWE-787
 Out-of-bounds Write 		CVE-2017-12607 2024-11-21 12:09 2017-11-21 Show GitHub Exploit DB Packet Storm
255199 8.2 HIGH
Local 		cisco umbrella_insights_virtual_appliance A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. The vulne… CWE-798
 Use of Hard-coded Credentials 		CVE-2017-12350 2024-11-21 12:09 2017-11-16 Show GitHub Exploit DB Packet Storm
255200 9.8 CRITICAL
Network 		cisco finesse
hosted_collaboration_solution
emergency_responder
unity_connection
socialminer
mediasense
unified_communications_manager
prime_license_manager
unified_communications_m… 		A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthoriz… CWE-287
Improper Authentication 		CVE-2017-12337 2024-11-21 12:09 2017-11-16 Show GitHub Exploit DB Packet Storm