Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 2:21 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254771 6.8 警告 マイクロソフト - Microsoft Windows の kernel における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-1127 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
254772 10 危険 マイクロソフト - Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-2523 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
254773 9.3 危険 マイクロソフト - Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2512 2010-01-4 15:23 2009-11-10 Show GitHub Exploit DB Packet Storm
254774 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2722 2010-01-4 14:56 2009-08-10 Show GitHub Exploit DB Packet Storm
254775 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2723 2010-01-4 14:55 2009-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267081 3.7 LOW
Network 		ibm security_guardium IBM Security Guardium 9.0 before p700 and 10.0 before p100 allows man-in-the-middle attackers to obtain sensitive query-string information from SSL sessions via unspecified vectors. CWE-200
Information Exposure 		CVE-2016-0248 2024-11-21 11:41 2016-09-26 Show GitHub Exploit DB Packet Storm
267082 6.5 MEDIUM
Network 		microsoft office The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 export a certificate-store private key during a document-save operation, which allows attackers to obtain sensitive … CWE-200
Information Exposure 		CVE-2016-0141 2024-11-21 11:41 2016-09-14 Show GitHub Exploit DB Packet Storm
267083 4.3 MEDIUM
Network 		microsoft exchange_server Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 misparses e-mail messages, which a… CWE-200
Information Exposure 		CVE-2016-0138 2024-11-21 11:41 2016-09-14 Show GitHub Exploit DB Packet Storm
267084 3.3 LOW
Local 		microsoft office The Click-to-Run (C2R) implementation in Microsoft Office 2013 SP1 and 2016 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Microsoft APP-V ASLR Bypass." CWE-254
 7PK - Security Features 		CVE-2016-0137 2024-11-21 11:41 2016-09-14 Show GitHub Exploit DB Packet Storm
267085 5.4 MEDIUM
Network 		ibm rational_team_concert
rational_collaborative_lifecycle_management 		Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 6.0.1 and 6.0.2 before 6.0.2 iFix2 and Rational Collaborative Lifecycle Management 6.0.1 and 6.0.2 before 6.0.2 iFix2 allows remo… CWE-79
Cross-site Scripting 		CVE-2016-0331 2024-11-21 11:41 2016-09-12 Show GitHub Exploit DB Packet Storm
267086 3.1 LOW
Network 		ibm websphere_application_server Buffer overflow in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.10, 9.0 before 9.0.0.1, and Liberty before 16.0.0.3, when HttpSessionIdReuse is en… CWE-119
CWE-200
Incorrect Access of Indexable Resource ('Range Error') 
Information Exposure 		CVE-2016-0385 2024-11-21 11:41 2016-09-1 Show GitHub Exploit DB Packet Storm
267087 2.7 LOW
Network 		ibm forms_experience_builder Cross-site scripting (XSS) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an … CWE-79
Cross-site Scripting 		CVE-2016-0370 2024-11-21 11:41 2016-09-1 Show GitHub Exploit DB Packet Storm
267088 6.1 MEDIUM
Network 		ibm bigfix_platform Cross-site scripting (XSS) vulnerability in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.1.8 and 9.2.x before 9.2.8 allows remote attackers to inject arbitrary web script or HT… CWE-79
Cross-site Scripting 		CVE-2016-0293 2024-11-21 11:41 2016-09-1 Show GitHub Exploit DB Packet Storm
267089 5.9 MEDIUM
Network 		ibm bigfix_webreports WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.5.2 allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic. CWE-200
Information Exposure 		CVE-2016-0397 2024-11-21 11:41 2016-08-31 Show GitHub Exploit DB Packet Storm
267090 5.5 MEDIUM
Local 		ibm bigfix WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.5.2 allows local users to discover the cleartext system password by reading a report. CWE-200
Information Exposure 		CVE-2016-0292 2024-11-21 11:41 2016-08-31 Show GitHub Exploit DB Packet Storm