Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255151	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer に脆弱性	CWE-94 コード・インジェクション	CVE-2009-3672	2010-01-14 12:08	2009-11-25	Show	GitHub Exploit DB Packet Storm

255152	9.3	危険	サン・マイクロシステムズ VMware	-	Sun Java SE の java.lang パッケージにおける脆弱性	CWE-362 競合状態	CVE-2009-2724	2010-01-14 12:08	2009-08-10	Show	GitHub Exploit DB Packet Storm

255153	10	危険	サン・マイクロシステムズ VMware	-	Sun Java SE の Provider クラスにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-2721	2010-01-14 12:08	2009-08-10	Show	GitHub Exploit DB Packet Storm

255154	5	警告	有限会社シースリー	-	WebCalenderC3 におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-0348	2010-01-12 15:01	2010-01-12	Show	GitHub Exploit DB Packet Storm

255155	4.3	警告	有限会社シースリー	-	WebCalenderC3 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0349	2010-01-12 15:00	2010-01-12	Show	GitHub Exploit DB Packet Storm

255156	10	危険	サイバートラスト株式会社 XEmacs	-	XEmacs の glyphs-eimage.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-2688	2010-01-12 14:48	2009-08-5	Show	GitHub Exploit DB Packet Storm

255157	6.8	警告	IBM	-	IBM WebSphere Application Server (WAS) におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-2746	2010-01-12 14:48	2009-11-13	Show	GitHub Exploit DB Packet Storm

255158	5	警告	アップル	-	Apple Safari におけるローカル HTML ファイルを読まれる脆弱性	CWE-Other その他	CVE-2009-2842	2010-01-7 12:09	2009-11-11	Show	GitHub Exploit DB Packet Storm

255159	5.5	警告	シックス・アパート株式会社	-	Movable Type におけるアクセス制限回避の脆弱性	CWE-264 認可・権限・アクセス制御	-	2010-01-6 15:01	2010-01-6	Show	GitHub Exploit DB Packet Storm

255160	9.3	危険	マイクロソフト	-	Microsoft Office Word および Open XML File Format Converter における、任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3135	2010-01-6 14:44	2009-11-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
248341	9.8	CRITICAL Network	opensuse gnu	leap gnutls	Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-5337	2024-11-21 12:27	2017-03-25	Show	GitHub Exploit DB Packet Storm

248342	9.8	CRITICAL Network	opensuse gnu	leap gnutls	Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted Op…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-5336	2024-11-21 12:27	2017-03-25	Show	GitHub Exploit DB Packet Storm

248343	7.5	HIGH Network	opensuse gnu	leap gnutls	The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a craf…	CWE-125 Out-of-bounds Read	CVE-2017-5335	2024-11-21 12:27	2017-03-25	Show	GitHub Exploit DB Packet Storm

248344	9.8	CRITICAL Network	opensuse gnu	leap gnutls	Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language in…	CWE-415 Double Free	CVE-2017-5334	2024-11-21 12:27	2017-03-25	Show	GitHub Exploit DB Packet Storm

248345	8.8	HIGH Network	solarwinds	log_and_event_manager	The editbanner feature in SolarWinds LEM (aka SIEM) through 6.3.1 allows remote authenticated users to execute arbitrary code by editing /usr/local/contego/scripts/mgrconfig.pl.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2017-5199	2024-11-21 12:27	2017-03-24	Show	GitHub Exploit DB Packet Storm

248346	8.8	HIGH Local	solarwinds	log_and_event_manager	SolarWinds LEM (aka SIEM) before 6.3.1 has an incorrect sudo configuration, which allows local users to obtain root access by editing /usr/local/contego/scripts/hostname.sh.	NVD-CWE-noinfo	CVE-2017-5198	2024-11-21 12:27	2017-03-24	Show	GitHub Exploit DB Packet Storm

248347	9.8	CRITICAL Network	samsung	samsung_mobile	The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified i…	CWE-125 Out-of-bounds Read	CVE-2017-5538	2024-11-21 12:27	2017-03-24	Show	GitHub Exploit DB Packet Storm

248348	4.3	MEDIUM Network	plone	plone	Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method.	CWE-134 Use of Externally-Controlled Format String	CVE-2017-5524	2024-11-21 12:27	2017-03-24	Show	GitHub Exploit DB Packet Storm

248349	7.5	HIGH Network	qnap	qts	QNAP QTS before 4.2.4 Build 20170313 allows local users to obtain sensitive Domain Administrator password information by reading data in an XOR format within the /etc/config/uLinux.conf configuration…	CWE-200 Information Exposure	CVE-2017-5227	2024-11-21 12:27	2017-03-24	Show	GitHub Exploit DB Packet Storm

248350	7.8	HIGH Local	firejail_project	firejail	Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument.	CWE-269 Improper Privilege Management	CVE-2017-5207	2024-11-21 12:27	2017-03-24	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed