Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256211	6.8	警告	アップル	-	Java の window drawing 実装における任意のコードを実行される脆弱性	CWE-189 数値処理の問題	CVE-2010-0539	2010-06-7 17:58	2010-05-18	Show	GitHub Exploit DB Packet Storm

256212	6.8	警告	アップル	-	Apple Mac OS X 上で稼働する Java における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-0538	2010-06-7 17:58	2010-05-18	Show	GitHub Exploit DB Packet Storm

256213	6.5	警告	PostgreSQL.org サイバートラスト株式会社ターボリナックスサン・マイクロシステムズレッドハット	-	PostgreSQL におけるインデックスの処理に関する権限を取得される脆弱性	CWE-Other その他	CVE-2009-4136	2010-06-7 16:48	2009-12-15	Show	GitHub Exploit DB Packet Storm

256214	-	-	コンソナ	-	Consona (旧 SupportSoft) Intelligent Assistance Suite (IAS) に複数の脆弱性	-	-	2010-06-4 17:58	2010-05-13	Show	GitHub Exploit DB Packet Storm

256215	7.5	危険	アップル VMware サン・マイクロシステムズヒューレット・パッカードレッドハット	-	JDK および JRE の Java プラグインにおける古い JRE バージョンで動作可能な脆弱性	CWE-DesignError	CVE-2009-1105	2010-06-4 15:54	2009-03-24	Show	GitHub Exploit DB Packet Storm

256216	10	危険	日立	-	Collaboration - Common Utility におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	-	2010-06-3 15:19	2010-05-12	Show	GitHub Exploit DB Packet Storm

256217	10	危険	日立 CA Technologies	-	CA ARCserve Backup および BrightStor ARCserve Backup における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	-	2010-06-3 15:19	2010-03-18	Show	GitHub Exploit DB Packet Storm

256218	6.4	警告	サイバートラスト株式会社 MySQL AB ターボリナックスレッドハット	-	MySQL における SSL サーバになりすまされる脆弱性	CWE-20 不適切な入力確認	CVE-2009-4028	2010-06-3 14:57	2009-11-4	Show	GitHub Exploit DB Packet Storm

256219	4	警告	富士通九州システムズ	-	e-Pares におけるセッション固定の脆弱性	CWE-Other その他	CVE-2010-2149	2010-06-2 15:05	2010-06-2	Show	GitHub Exploit DB Packet Storm

256220	2.6	注意	富士通九州システムズ	-	e-Pares におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-2151	2010-06-2 15:04	2010-06-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
279311	9.8	CRITICAL Network	honeywell	experion_process_knowledge_system	Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules, which could l…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-9187	2024-11-21 11:20	2019-03-26	Show	GitHub Exploit DB Packet Storm

279312	7.5	HIGH Network	microsoft	internet_explorer	Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-8985	2024-11-21 11:20	2018-02-9	Show	GitHub Exploit DB Packet Storm

279313	6.5	MEDIUM Network	libdwarf_project	libdwarf	Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file.	CWE-416 Use After Free	CVE-2014-9482	2024-11-21 11:20	2018-01-17	Show	GitHub Exploit DB Packet Storm

279314	8.8	HIGH Network	dasanzhone	znid_2426a_firmware	The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd.	CWE-77 Command Injection	CVE-2014-9118	2024-11-21 11:20	2017-10-18	Show	GitHub Exploit DB Packet Storm

279315	9.8	CRITICAL Network	fiyo	fiyo_cms	Fiyo CMS 2.0.1.8 allows remote attackers to bypass intended access restrictions and execute the (1) "Install and Update" or (2) Backup super administrator function via the view parameter in a direct …	CWE-284 Improper Access Control	CVE-2014-9148	2024-11-21 11:20	2017-10-17	Show	GitHub Exploit DB Packet Storm

279316	7.5	HIGH Network	fiyo	fiyo_cms	Fiyo CMS 2.0.1.8 allows remote attackers to obtain sensitive information via a direct request to the database backup file in .backup/.	CWE-200 Information Exposure	CVE-2014-9147	2024-11-21 11:20	2017-10-17	Show	GitHub Exploit DB Packet Storm

279317	6.5	MEDIUM Network	libjpeg-turbo fedoraproject canonical	libjpeg-turbo fedora ubuntu_linux	libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-9092	2024-11-21 11:20	2017-10-10	Show	GitHub Exploit DB Packet Storm

279318	9.8	CRITICAL Network	mpfr	gnu_mpfr	Buffer overflow in the mpfr_strtofr function in GNU MPFR before 3.1.2-p11 allows context-dependent attackers to have unspecified impact via vectors related to incorrect documentation for mpn_set_str.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-9474	2024-11-21 11:20	2017-10-10	Show	GitHub Exploit DB Packet Storm

279319	5.4	MEDIUM Network	openkm	openkm	Cross-site scripting (XSS) vulnerability in OpenKM before 6.4.19 allows remote authenticated users to inject arbitrary web script or HTML via the Tasks parameter.	CWE-79 Cross-site Scripting	CVE-2014-8957	2024-11-21 11:20	2017-10-7	Show	GitHub Exploit DB Packet Storm

279320	8.8	HIGH Network	vbseo	vbseo	functions_vbseo_hook.php in the VBSEO module for vBulletin allows remote authenticated users to execute arbitrary code via the HTTP Referer header to visitormessage.php.	CWE-94 Code Injection	CVE-2014-9463	2024-11-21 11:20	2017-09-16	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed