Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254771 6.8 警告 マイクロソフト - Microsoft Windows の kernel における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-1127 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
254772 10 危険 マイクロソフト - Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-2523 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
254773 9.3 危険 マイクロソフト - Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2512 2010-01-4 15:23 2009-11-10 Show GitHub Exploit DB Packet Storm
254774 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2722 2010-01-4 14:56 2009-08-10 Show GitHub Exploit DB Packet Storm
254775 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2723 2010-01-4 14:55 2009-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
257631 6.1 MEDIUM
Network 		mywebsql mywebsql MyWebSQL version 3.6 is vulnerable to stored XSS in the database manager component resulting in account takeover or stealing of information CWE-79
Cross-site Scripting 		CVE-2017-1000011 2024-11-21 12:03 2017-07-17 Show GitHub Exploit DB Packet Storm
257632 7.8 HIGH
Local 		audacityteam audacity Audacity 2.1.2 through 2.3.2 is vulnerable to Dll HIjacking in the avformat-55.dll resulting arbitrary code execution. CWE-427
 Uncontrolled Search Path Element 		CVE-2017-1000010 2024-11-21 12:03 2017-07-17 Show GitHub Exploit DB Packet Storm
257633 9.8 CRITICAL
Network 		akeneo product_information_management Akeneo PIM CE and EE <1.6.6, <1.5.15, <1.4.28 are vulnerable to shell injection in the mass edition, resulting in remote execution. CWE-78
OS Command  		CVE-2017-1000009 2024-11-21 12:03 2017-07-17 Show GitHub Exploit DB Packet Storm
257634 8.8 HIGH
Network 		chyrp-lite_project chyrp_lite Chyrp Lite version 2016.04 is vulnerable to a CSRF in the user settings function allowing attackers to hijack the authentication of logged in users to modify account information, including their pass… CWE-352
 Origin Validation Error 		CVE-2017-1000008 2024-11-21 12:03 2017-07-17 Show GitHub Exploit DB Packet Storm
257635 5.9 MEDIUM
Network 		twistedmatrix txaws txAWS (all current versions) fail to perform complete certificate verification resulting in vulnerability to MitM attacks and information disclosure. CWE-200
CWE-295
Information Exposure
Improper Certificate Validation  		CVE-2017-1000007 2024-11-21 12:03 2017-07-17 Show GitHub Exploit DB Packet Storm
257636 6.1 MEDIUM
Network 		plotly plotly.js Plotly, Inc. plotly.js versions prior to 1.16.0 are vulnerable to an XSS issue. CWE-79
Cross-site Scripting 		CVE-2017-1000006 2024-11-21 12:03 2017-07-17 Show GitHub Exploit DB Packet Storm
257637 6.1 MEDIUM
Network 		phpminiadmin_project phpminiadmin PHPMiniAdmin version 1.9.160630 is vulnerable to stored XSS in the name of databases, tables and columns resulting in potential account takeover and scraping of data (stealing data). CWE-79
Cross-site Scripting 		CVE-2017-1000005 2024-11-21 12:03 2017-07-17 Show GitHub Exploit DB Packet Storm
257638 9.8 CRITICAL
Network 		atutor atutor ATutor version 2.2.1 and earlier are vulnerable to a SQL injection in the Assignment Dropbox, BasicLTI, Blog Post, Blog, Group Course Email, Course Alumni, Course Enrolment, Group Membership, Course … CWE-89
SQL Injection 		CVE-2017-1000004 2024-11-21 12:03 2017-07-17 Show GitHub Exploit DB Packet Storm
257639 9.8 CRITICAL
Network 		atutor atutor ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Social Application component resulting in privilege escalation. ATutor versions 2.2.1 and ea… CWE-269
 Improper Privilege Management 		CVE-2017-1000003 2024-11-21 12:03 2017-07-17 Show GitHub Exploit DB Packet Storm
257640 9.8 CRITICAL
Network 		atutor atutor ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension check bypass in the Course component resulting in code execution. ATutor versions 2.2.1 and earlier are vu… CWE-22
Path Traversal 		CVE-2017-1000002 2024-11-21 12:03 2017-07-17 Show GitHub Exploit DB Packet Storm