Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254771 6.8 警告 マイクロソフト - Microsoft Windows の kernel における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-1127 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
254772 10 危険 マイクロソフト - Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-2523 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
254773 9.3 危険 マイクロソフト - Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2512 2010-01-4 15:23 2009-11-10 Show GitHub Exploit DB Packet Storm
254774 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2722 2010-01-4 14:56 2009-08-10 Show GitHub Exploit DB Packet Storm
254775 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2723 2010-01-4 14:55 2009-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
285471 - cisco unified_ip_phones_9900_series_firmware
unified_ip_phone_9951
unified_ip_phone_9971 		Buffer overflow in the web-application interface on Cisco 9900 IP phones allows remote attackers to cause a denial of service (webapp interface outage) via long values in unspecified fields, aka Bug … CWE-20
 Improper Input Validation  		CVE-2013-5532 2024-11-21 10:57 2013-10-11 Show GitHub Exploit DB Packet Storm
285472 - cisco unified_communications_manager Directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal … CWE-22
Path Traversal 		CVE-2013-5528 2024-11-21 10:57 2013-10-11 Show GitHub Exploit DB Packet Storm
285473 - cisco ios
ios_xe 		The OSPF functionality in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (device reload) via crafted options in an LSA type 11 packet, aka Bug ID CSCui21030. CWE-20
 Improper Input Validation  		CVE-2013-5527 2024-11-21 10:57 2013-10-10 Show GitHub Exploit DB Packet Storm
285474 - cisco unified_ip_phone_9951
unified_ip_phone_9971 		Cisco 9900 fourth-generation IP phones do not properly perform SDP negotiation, which allows remote attackers to cause a denial of service (device reboot) via crafted SDP packets, aka Bug ID CSCuf066… CWE-20
 Improper Input Validation  		CVE-2013-5526 2024-11-21 10:57 2013-10-10 Show GitHub Exploit DB Packet Storm
285475 - cisco identity_services_engine_software SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a… CWE-89
SQL Injection 		CVE-2013-5525 2024-11-21 10:57 2013-10-10 Show GitHub Exploit DB Packet Storm
285476 - cisco identity_services_engine_software Cross-site scripting (XSS) vulnerability in the troubleshooting page in Cisco Identity Services Engine (ISE) 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unsp… CWE-79
Cross-site Scripting 		CVE-2013-5524 2024-11-21 10:57 2013-10-10 Show GitHub Exploit DB Packet Storm
285477 - cisco identity_services_engine_software The Sponsor Portal in Cisco Identity Services Engine (ISE) 1.2 and earlier does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attack… CWE-20
 Improper Input Validation  		CVE-2013-5523 2024-11-21 10:57 2013-10-10 Show GitHub Exploit DB Packet Storm
285478 - cisco ios The remember feature in the DHCP server in Cisco IOS allows remote attackers to cause a denial of service (device reload) by acquiring a lease and then sending a DHCPRELEASE message, aka Bug ID CSCuh… NVD-CWE-noinfo
CVE-2013-5499 2024-11-21 10:57 2013-10-10 Show GitHub Exploit DB Packet Storm
285479 - joomla joomla\! administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended … CWE-20
 Improper Input Validation  		CVE-2013-5576 2024-11-21 10:57 2013-10-9 Show GitHub Exploit DB Packet Storm
285480 - adobe robohelp MDBMS.dll in Adobe RoboHelp 10 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-5327 2024-11-21 10:57 2013-10-9 Show GitHub Exploit DB Packet Storm