Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 12:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255581	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

255582	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

255583	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

255584	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
248611	9.8	CRITICAL Network	apache	nifi	In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serialization/deserialization is vulnerable to an injection attack where a carefully crafted username could …	CWE-74 Injection	CVE-2017-5636	2024-11-21 12:28	2017-10-20	Show	GitHub Exploit DB Packet Storm

248612	7.5	HIGH Network	apache	nifi	In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous…	CWE-287 Improper Authentication	CVE-2017-5635	2024-11-21 12:28	2017-10-20	Show	GitHub Exploit DB Packet Storm

248613	9.8	CRITICAL Network	hp	intelligent_management_center_plat	The doFilter method in UrlAccessController in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403P06 allows remote bypass of authentication via unspecified strings in a URI.	CWE-287 Improper Authentication	CVE-2017-5791	2024-11-21 12:28	2017-10-12	Show	GitHub Exploit DB Packet Storm

248614	9.8	CRITICAL Network	hp	loadrunner performance_center	HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdru…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-5789	2024-11-21 12:28	2017-10-12	Show	GitHub Exploit DB Packet Storm

248615	7.5	HIGH Local	intel	nuc7i7bnh_firmware nuc7i5bnh_firmware nuc7i5bnk_firmware nuc7i3bnh_firmware nuc7i3bnk_firmware	Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass enfo…	CWE-269 Improper Privilege Management	CVE-2017-5722	2024-11-21 12:28	2017-10-11	Show	GitHub Exploit DB Packet Storm

248616	7.5	HIGH Local	intel	nuc7i7bnh_firmware nuc7i5bnh_firmware nuc7i5bnk_firmware nuc7i3bnh_firmware nuc7i3bnk_firmware	Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipul…	CWE-20 Improper Input Validation	CVE-2017-5721	2024-11-21 12:28	2017-10-11	Show	GitHub Exploit DB Packet Storm

248617	7.1	HIGH Physics	intel	nuc7i7bnh_firmware nuc7i5bnh_firmware nuc7i5bnk_firmware nuc7i3bnh_firmware nuc7i3bnk_firmware	Insecure platform configuration in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows an attacker with physical presence to run arbitrary…	NVD-CWE-noinfo	CVE-2017-5701	2024-11-21 12:28	2017-10-11	Show	GitHub Exploit DB Packet Storm

248618	8.4	HIGH Local	intel	nuc7i7bnh_firmware nuc7i5bnh_firmware nuc7i5bnk_firmware nuc7i3bnh_firmware nuc7i3bnk_firmware	Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator…	CWE-522 Insufficiently Protected Credentials	CVE-2017-5700	2024-11-21 12:28	2017-10-11	Show	GitHub Exploit DB Packet Storm

248619	7.5	HIGH Network	apache debian	zookeeper debian_linux	Two four letter word commands "wchp/wchc" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client …	CWE-400 CWE-306 Uncontrolled Resource Consumption Missing Authentication for Critical Function	CVE-2017-5637	2024-11-21 12:28	2017-10-10	Show	GitHub Exploit DB Packet Storm

248620	7.8	HIGH Local	sophos	hitmanpro	A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to escalate p…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-6008	2024-11-21 12:28	2017-09-13	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed