Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254771	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

254772	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

254773	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

254774	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

254775	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
255671	5.3	MEDIUM Network	microsoft	exchange_server	Microsoft Exchange Server 2013 and Microsoft Exchange Server 2016 allow an input sanitization issue with Microsoft Exchange that could potentially result in unintended Information Disclosure, aka "Mi…	CWE-200 Information Exposure	CVE-2017-11761	2024-11-21 12:08	2017-09-13	Show	GitHub Exploit DB Packet Storm

255672	7.0	HIGH Local	linux	linux_kernel	The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a sto…	CWE-362 Race Condition	CVE-2017-12146	2024-11-21 12:08	2017-09-9	Show	GitHub Exploit DB Packet Storm

255673	6.5	MEDIUM Network	synology	photo_station	Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to download arbitrary local files via th…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2017-12071	2024-11-21 12:08	2017-09-8	Show	GitHub Exploit DB Packet Storm

255674	5.4	MEDIUM Network	wolfcms	wolf_cms	Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. The vulnerability exists due to insufficient sanitization of the file name in a "create-file-popup" action, and the directory name in a "cr…	CWE-79 Cross-site Scripting	CVE-2017-11611	2024-11-21 12:08	2017-09-8	Show	GitHub Exploit DB Packet Storm

255675	5.9	MEDIUM Network	gnu	glibc	Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors rel…	CWE-416 Use After Free	CVE-2017-12133	2024-11-21 12:08	2017-09-7	Show	GitHub Exploit DB Packet Storm

255676	8.8	HIGH Network	cesanta	mongoose_embedded_web_server_library	Cross-site request forgery (CSRF) vulnerability in Mongoose Web Server before 6.9 allows remote attackers to hijack the authentication of users for requests that modify Mongoose.conf via a request to…	CWE-352 Origin Validation Error	CVE-2017-11567	2024-11-21 12:08	2017-09-7	Show	GitHub Exploit DB Packet Storm

255677	8.2	HIGH Network	siemens ocpfoundation	simatic_pcs7 wincc ua_.net local_discovery_server	An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7…	CWE-611 XXE	CVE-2017-12069	2024-11-21 12:08	2017-08-31	Show	GitHub Exploit DB Packet Storm

255678	4.9	MEDIUM Network	synology	router_manager	Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology Router Manager (SRM) before 1.1.4-6509 allows remote authenticated attacker to exhaust the memory resourc…	CWE-400 Uncontrolled Resource Consumption	CVE-2017-12077	2024-11-21 12:08	2017-08-29	Show	GitHub Exploit DB Packet Storm

255679	4.9	MEDIUM Network	synology	diskstation_manager	Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology DiskStation (DSM) before 6.1.1-15088 allows remote authenticated attacker to exhaust the memory resources…	CWE-400 Uncontrolled Resource Consumption	CVE-2017-12076	2024-11-21 12:08	2017-08-29	Show	GitHub Exploit DB Packet Storm

255680	6.5	MEDIUM Network	synology	dns_server	Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name…	CWE-22 Path Traversal	CVE-2017-12074	2024-11-21 12:08	2017-08-25	Show	GitHub Exploit DB Packet Storm