Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
255221 9.3 危険 マイクロソフト - Microsoft Windows の kernel における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2514 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
255222 6.8 警告 マイクロソフト - Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-2513 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
255223 6.8 警告 マイクロソフト - Microsoft Windows の kernel における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-1127 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
255224 10 危険 マイクロソフト - Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-2523 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
255225 9.3 危険 マイクロソフト - Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2512 2010-01-4 15:23 2009-11-10 Show GitHub Exploit DB Packet Storm
255226 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2722 2010-01-4 14:56 2009-08-10 Show GitHub Exploit DB Packet Storm
255227 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2723 2010-01-4 14:55 2009-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
274341 9.8 CRITICAL
Network 		myscript myscript The MyScript SDK before 1.3 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer t… CWE-502
 Deserialization of Untrusted Data 		CVE-2015-2020 2024-11-21 11:26 2018-03-30 Show GitHub Exploit DB Packet Storm
274342 8.8 HIGH
Network 		ibm qradar_security_information_and_event_manager Cross-site request forgery (CSRF) vulnerability in the xmlrpc.cgi service in IBM QRadar SIEM 7.1 before MR2 Patch 11 Interim Fix 02 and 7.2.x before 7.2.5 Patch 4 allows remote attackers to hijack th… CWE-352
 Origin Validation Error 		CVE-2015-2009 2024-11-21 11:26 2018-03-30 Show GitHub Exploit DB Packet Storm
274343 9.8 CRITICAL
Network 		gracenote gnsdk The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attack… CWE-118
Incorrect Access of Indexable Resource ('Range Error') 		CVE-2015-2004 2024-11-21 11:26 2018-03-30 Show GitHub Exploit DB Packet Storm
274344 9.8 CRITICAL
Network 		pjsip pjsua2_sdk The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-… CWE-118
Incorrect Access of Indexable Resource ('Range Error') 		CVE-2015-2003 2024-11-21 11:26 2018-03-30 Show GitHub Exploit DB Packet Storm
274345 9.8 CRITICAL
Network 		esri arcgisruntime_sdk The ESRI ArcGis Runtime SDK before 10.2.6-2 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-cont… CWE-118
Incorrect Access of Indexable Resource ('Range Error') 		CVE-2015-2002 2024-11-21 11:26 2018-03-30 Show GitHub Exploit DB Packet Storm
274346 9.8 CRITICAL
Network 		metaio metaio_sdk The MetaIO SDK before 6.0.2.1 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer… CWE-118
Incorrect Access of Indexable Resource ('Range Error') 		CVE-2015-2001 2024-11-21 11:26 2018-03-30 Show GitHub Exploit DB Packet Storm
274347 9.8 CRITICAL
Network 		jumio jumio_sdk The Jumio SDK before 1.5.0 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to… CWE-118
Incorrect Access of Indexable Resource ('Range Error') 		CVE-2015-2000 2024-11-21 11:26 2018-03-30 Show GitHub Exploit DB Packet Storm
274348 9.8 CRITICAL
Network 		datto alto_3_firmware
alto_2_firmware
alto_xl_firmware
siris_3_firmware
siris_2_firmware
siris_3_x_all-flash_firmware
siris_virtual_firmware
alto_imaged_firmware 		Datto ALTO and SIRIS devices allow Remote Code Execution via unauthenticated requests to PHP scripts. CWE-20
 Improper Input Validation  		CVE-2015-2081 2024-11-21 11:26 2018-02-20 Show GitHub Exploit DB Packet Storm
274349 7.0 HIGH
Local 		abrt_project abrt The crash reporting feature in Abrt allows local users to gain privileges by leveraging an execve by root after a chroot into a user-specified directory in a namedspaced environment. CWE-362
Race Condition 		CVE-2015-1862 2024-11-21 11:26 2018-02-10 Show GitHub Exploit DB Packet Storm
274350 7.5 HIGH
Network 		edx edx-platform
configuration 		The Ansible edxapp role in the Configuration Repo in edX allows remote websites to spoof edX accounts by leveraging use of the string literal "False" instead of a boolean False for the CORS_ORIGIN_AL… CWE-20
 Improper Input Validation  		CVE-2015-2186 2024-11-21 11:26 2018-02-4 Show GitHub Exploit DB Packet Storm