Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254771	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

254772	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

254773	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

254774	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

254775	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
272121	-		phpmyadmin	phpmyadmin	Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remo…	CWE-352 Origin Validation Error	CVE-2015-3902	2024-11-21 11:30	2015-05-27	Show	GitHub Exploit DB Packet Storm

272122	-		sap	afaria	Buffer overflow in the XComms process in SAP Afaria 7.00.6620.2 SP5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request, aka SAP Secu…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-4092	2024-11-21 11:30	2015-05-26	Show	GitHub Exploit DB Packet Storm

272123	-		sap	sap_netweaver_application_server_java	XML external entity (XXE) vulnerability in SAP NetWeaver AS Java 7.4 allows remote attackers to send TCP requests to intranet servers or possibly have unspecified other impact via an XML request to t…	NVD-CWE-Other	CVE-2015-4091	2024-11-21 11:30	2015-05-26	Show	GitHub Exploit DB Packet Storm

272124	-		feedwordpress_project	feedwordpress	SQL injection vulnerability in feedwordpresssyndicationpage.class.php in the FeedWordPress plugin before 2015.0514 for WordPress allows remote authenticated users to execute arbitrary SQL commands vi…	CWE-89 SQL Injection	CVE-2015-4018	2024-11-21 11:30	2015-05-22	Show	GitHub Exploit DB Packet Storm

272125	-		huawei	webui e355s_mobile_wifi_firmware	Huawei E355s Mobile WiFi with firmware before 22.158.45.02.625 and WEBUI before 13.100.04.01.625 allows remote attackers to obtain sensitive configuration information by sniffing the network or sendi…	CWE-200 Information Exposure	CVE-2015-3912	2024-11-21 11:30	2015-05-22	Show	GitHub Exploit DB Packet Storm

272126	-		huawei	e587_mobile_wifi_firmware	Huawei E587 Mobile WiFi with firmware before 11.203.30.00.00 allows remote attackers to bypass authentication, change configurations, send messages, and cause a denial of service (device restart) via…	CWE-284 Improper Access Control	CVE-2015-3911	2024-11-21 11:30	2015-05-22	Show	GitHub Exploit DB Packet Storm

272127	3.7	LOW Network	openssl canonical hp ibm oracle debian suse apple mozilla opera microsoft google	openssl ubuntu_linux hp-ux content_manager jrockit debian_linux jdk jre linux_enterprise_server linux_enterprise_software_development_kit linux_enterprise_desktop sus…	The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to c…	CWE-310 Cryptographic Issues	CVE-2015-4000	2024-11-21 11:30	2015-05-21	Show	GitHub Exploit DB Packet Storm

272128	-		valvesoftware	steam_client	The client detection protocol in Valve Steam allows remote attackers to cause a denial of service (process crash) via a crafted response to a broadcast packet.	CWE-20 Improper Input Validation	CVE-2015-4016	2024-11-21 11:30	2015-05-21	Show	GitHub Exploit DB Packet Storm

272129	-		piriform	ccleaner	Piriform CCleaner 3.26.0.1988 through 5.02.5101 writes the filenames to disk when overwriting files, which allows local users to obtain sensitive information by searching unallocated disk space.	CWE-200 Information Exposure	CVE-2015-3999	2024-11-21 11:30	2015-05-21	Show	GitHub Exploit DB Packet Storm

272130	-		sonicwall	uma_em5000_firmware global_management_system analyzer	The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configu…	CWE-19 Data Processing Errors	CVE-2015-3990	2024-11-21 11:30	2015-05-21	Show	GitHub Exploit DB Packet Storm