Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
256221 4 警告 IBM - IBM DB2 の DRDA Services コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-4328 2010-02-4 11:19 2009-12-16 Show GitHub Exploit DB Packet Storm
256222 7.2 危険 IBM - IBM DB2 の Install コンポーネントにおける脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4331 2010-02-4 11:19 2009-12-16 Show GitHub Exploit DB Packet Storm
256223 7.5 危険 IBM - IBM DB2 の Relational Data Services コンポーネントにおけるパスワードの引数を取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-4333 2010-02-4 11:19 2009-12-16 Show GitHub Exploit DB Packet Storm
256224 7.2 危険 IBM - IBM DB2 の Engine Utilities コンポーネントの db2licm における脆弱性 CWE-noinfo
情報不足 		CVE-2009-4330 2010-02-4 11:18 2009-12-16 Show GitHub Exploit DB Packet Storm
256225 4 警告 IBM - IBM DB2 の Engine Utilities コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-4329 2010-02-4 11:18 2009-12-16 Show GitHub Exploit DB Packet Storm
256226 7.2 危険 サイバートラスト株式会社
Linux		 - Linux kernel の kvm_dev_ioctl_get_supported_cpuid 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-3638 2010-02-3 14:35 2009-10-29 Show GitHub Exploit DB Packet Storm
256227 5 警告 Linear LLC
S2 Security		 - Linear eMerge のマネージメントコンポーネントにおけるサービス運用妨害 (DoS) CWE-noinfo
情報不足 		CVE-2009-3734 2010-02-3 14:35 2010-01-5 Show GitHub Exploit DB Packet Storm
256228 7.5 危険 The PHP Group
LibGD project
サイバートラスト株式会社
レッドハット		 - PHP および GD Graphics Library の _gdGetColors 関数におけるバッファオーバーフローの脆弱性 CWE-Other
その他 		CVE-2009-3546 2010-02-3 14:34 2009-10-19 Show GitHub Exploit DB Packet Storm
256229 6.8 警告 GNU Project
XEmacs
サイバートラスト株式会社		 - Emacs および XEmacs における .flc ファイルの処理に関する任意のコードを実行される脆弱性 CWE-DesignError
CVE-2008-2142 2010-02-2 11:43 2008-05-12 Show GitHub Exploit DB Packet Storm
256230 3.5 注意 Drupal
サイバートラスト株式会社		 - Drupal の Menu モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4370 2010-02-2 11:43 2009-12-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
266461 5.4 MEDIUM
Network 		fourkitchens
fedoraproject 		block_class
fedora 		Cross-site scripting (XSS) vulnerability in the Block Class module 7.x-2.x before 7.x-2.2 for Drupal allows remote authenticated users with the "Administer block classes" permission to inject arbitra… CWE-79
Cross-site Scripting 		CVE-2016-3144 2024-11-21 11:49 2016-04-16 Show GitHub Exploit DB Packet Storm
266462 6.1 MEDIUM
Network 		redhat satellite
spacewalk-java 		Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in Spacewalk and Red Hat Satellite 5.7 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to systems… CWE-79
Cross-site Scripting 		CVE-2016-3079 2024-11-21 11:49 2016-04-14 Show GitHub Exploit DB Packet Storm
266463 3.8 LOW
Local 		oracle
xen
fedoraproject
debian 		vm_server
xen
fedora
debian_linux 		The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensiti… CWE-200
CWE-284
Information Exposure
Improper Access Control 		CVE-2016-3159 2024-11-21 11:49 2016-04-14 Show GitHub Exploit DB Packet Storm
266464 3.8 LOW
Local 		xen
fedoraproject
oracle 		xen
fedora
vm_server 		The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive … CWE-200
CWE-284
Information Exposure
Improper Access Control 		CVE-2016-3158 2024-11-21 11:49 2016-04-14 Show GitHub Exploit DB Packet Storm
266465 8.8 HIGH
Network 		mercurial
debian
suse
opensuse
fedoraproject
redhat 		mercurial
debian_linux
linux_enterprise_software_development_kit
linux_enterprise_debuginfo
opensuse
leap
fedora
enterprise_linux_desktop
enterprise_linux_server_aus
enterp… 		Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository. CWE-20
 Improper Input Validation  		CVE-2016-3069 2024-11-21 11:49 2016-04-14 Show GitHub Exploit DB Packet Storm
266466 8.8 HIGH
Network 		debian
mercurial
fedoraproject
redhat
suse
opensuse 		debian_linux
mercurial
fedora
enterprise_linux_desktop
enterprise_linux_server_aus
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
enterprise_li… 		Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository. CWE-20
 Improper Input Validation  		CVE-2016-3068 2024-11-21 11:49 2016-04-14 Show GitHub Exploit DB Packet Storm
266467 8.8 HIGH
Network 		cacti cacti SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier allows remote authenticated users to execute arbitrary SQL commands via the parent_id parameter in an item_edit action. CWE-89
SQL Injection 		CVE-2016-3172 2024-11-21 11:49 2016-04-13 Show GitHub Exploit DB Packet Storm
266468 7.8 HIGH
Local 		xen
canonical 		xen
ubuntu_linux 		The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel does not properly context-switch IOPL on 64-bit PV Xen guests, which allows local guest OS users to gain privileges, cause… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-3157 2024-11-21 11:49 2016-04-13 Show GitHub Exploit DB Packet Storm
266469 8.1 HIGH
Network 		drupal
debian 		drupal
debian_linux 		Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data trunc… CWE-19
 Data Processing Errors 		CVE-2016-3171 2024-11-21 11:49 2016-04-13 Show GitHub Exploit DB Packet Storm
266470 5.3 MEDIUM
Network 		debian
drupal 		debian_linux
drupal 		The "have you forgotten your password" links in the User module in Drupal 7.x before 7.43 and 8.x before 8.0.4 allow remote attackers to obtain sensitive username information by leveraging a configur… CWE-200
Information Exposure 		CVE-2016-3170 2024-11-21 11:49 2016-04-13 Show GitHub Exploit DB Packet Storm