Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254771 6.8 警告 マイクロソフト - Microsoft Windows の kernel における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-1127 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
254772 10 危険 マイクロソフト - Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-2523 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
254773 9.3 危険 マイクロソフト - Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2512 2010-01-4 15:23 2009-11-10 Show GitHub Exploit DB Packet Storm
254774 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2722 2010-01-4 14:56 2009-08-10 Show GitHub Exploit DB Packet Storm
254775 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2723 2010-01-4 14:55 2009-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294041 - microsoft windows_server_2008
windows_xp
windows_7
windows_server_2003
windows_vista
windows_2003_server 		win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not pro… CWE-20
 Improper Input Validation  		CVE-2012-1865 2024-11-21 10:37 2012-06-13 Show GitHub Exploit DB Packet Storm
294042 - microsoft windows_server_2008
windows_xp
windows_7
windows_server_2003
windows_vista
windows_2003_server 		win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not pro… CWE-20
 Improper Input Validation  		CVE-2012-1864 2024-11-21 10:37 2012-06-13 Show GitHub Exploit DB Packet Storm
294043 - microsoft lync
office_communicator
internet_explorer 		The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, w… CWE-200
Information Exposure 		CVE-2012-1858 2024-11-21 10:37 2012-06-13 Show GitHub Exploit DB Packet Storm
294044 - microsoft dynamics_ax Cross-site scripting (XSS) vulnerability in the Enterprise Portal component in Microsoft Dynamics AX 2012 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Dynami… CWE-79
Cross-site Scripting 		CVE-2012-1857 2024-11-21 10:37 2012-06-13 Show GitHub Exploit DB Packet Storm
294045 - microsoft .net_framework Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly handle function pointers, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application… CWE-94
Code Injection 		CVE-2012-1855 2024-11-21 10:37 2012-06-13 Show GitHub Exploit DB Packet Storm
294046 - microsoft lync Untrusted search path vulnerability in Microsoft Lync 2010, 2010 Attendee, and 2010 Attendant allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonst… NVD-CWE-Other
CVE-2012-1849 2024-11-21 10:37 2012-06-13 Show GitHub Exploit DB Packet Storm
294047 - microsoft internet_explorer Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Center Element Remote C… CWE-94
Code Injection 		CVE-2012-1523 2024-11-21 10:37 2012-06-13 Show GitHub Exploit DB Packet Storm
294048 - forescout counteract Multiple cross-site scripting (XSS) vulnerabilities in the status program on the ForeScout CounterACT appliance with software 6.3.3.2 through 6.3.4.10 allow remote attackers to inject arbitrary web s… CWE-79
Cross-site Scripting 		CVE-2012-1825 2024-11-21 10:37 2012-06-12 Show GitHub Exploit DB Packet Storm
294049 - emerson deltav
deltav_workstation
deltav_proessentials_scientific_graph 		An unspecified ActiveX control in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to overwrite arbitra… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-1818 2024-11-21 10:37 2012-06-9 Show GitHub Exploit DB Packet Storm
294050 - emerson deltav
deltav_workstation
deltav_proessentials_scientific_graph 		Buffer overflow in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows user-assisted remote attackers to execute arbitrary … CWE-20
 Improper Input Validation  		CVE-2012-1817 2024-11-21 10:37 2012-06-9 Show GitHub Exploit DB Packet Storm