Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254771	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

254772	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

254773	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

254774	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

254775	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
286881	-		php	php	The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent attackers to cause a denial of service (mem…	CWE-20 Improper Input Validation	CVE-2013-3735	2024-11-21 10:54	2013-06-1	Show	GitHub Exploit DB Packet Storm

286882	-		psychostats	psychostats	SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter.	CWE-89 SQL Injection	CVE-2013-3721	2024-11-21 10:54	2013-05-31	Show	GitHub Exploit DB Packet Storm

286883	-		feedweb	feedweb	Cross-site scripting (XSS) vulnerability in widget_remove.php in the Feedweb plugin before 1.9 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML via the …	CWE-79 Cross-site Scripting	CVE-2013-3720	2024-11-21 10:54	2013-05-31	Show	GitHub Exploit DB Packet Storm

286884	-		algisinfo	aicontactsafe	Cross-site scripting (XSS) vulnerability in the aiContactSafe component before 2.0.21 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2013-3719	2024-11-21 10:54	2013-05-31	Show	GitHub Exploit DB Packet Storm

286885	-		google lg	android optimus_g_e973	The LG Hidden Menu component for Android on the LG Optimus G E973 allows physically proximate attackers to execute arbitrary commands by entering USB Debugging mode, using Android Debug Bridge (adb) …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-3666	2024-11-21 10:54	2013-05-29	Show	GitHub Exploit DB Packet Storm

286886	-		microsoft	windows_rt windows_xp windows_7 windows_8 windows_server_2008 windows_server_2003 windows_vista windows_server_2012	The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Se…	CWE-22 Path Traversal	CVE-2013-3661	2024-11-21 10:54	2013-05-25	Show	GitHub Exploit DB Packet Storm

286887	-		siemens	scalance_x200irt_firmware scalance_x200-4p_irt scalance_x201-3p_irt scalance_x202-2irt scalance_x202-2p_irt scalance_x204irt scalance_xf204irt	A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch…	CWE-20 Improper Input Validation	CVE-2013-3634	2024-11-21 10:54	2013-05-25	Show	GitHub Exploit DB Packet Storm

286888	-		siemens	scalance_x200irt_firmware scalance_x200-4p_irt scalance_x201-3p_irt scalance_x202-2irt scalance_x202-2p_irt scalance_x204irt scalance_xf204irt	A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-3633	2024-11-21 10:54	2013-05-25	Show	GitHub Exploit DB Packet Storm

286889	5.9	MEDIUM Network	f5	big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_edge_gateway big-ip…	The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle a…	CWE-200 Information Exposure	CVE-2013-3587	2024-11-21 10:53	2020-02-22	Show	GitHub Exploit DB Packet Storm

286890	6.5	MEDIUM Network	otrs	otrs otrs_itsm	Kernel/Modules/AgentTicketPhone.pm in Open Ticket Request System (OTRS) 3.0.x before 3.0.20, 3.1.x before 3.1.16, and 3.2.x before 3.2.7, and OTRS ITSM 3.0.x before 3.0.8, 3.1.x before 3.1.9, and 3.2…	CWE-200 Information Exposure	CVE-2013-3551	2024-11-21 10:53	2020-02-22	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed