Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256491	6.8	警告	アップル	-	Apple Mac OS X の CoreAudio における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0060	2010-04-13 15:16	2010-03-29	Show	GitHub Exploit DB Packet Storm

256492	6.8	警告	アップル	-	Apple Mac OS X の CoreAudio における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0059	2010-04-13 15:16	2010-03-29	Show	GitHub Exploit DB Packet Storm

256493	6.4	警告	アップル	-	Apple Mac OS X の ClamAV におけるシステムにウィルスを取り込む脆弱性	CWE-16 環境設定	CVE-2010-0058	2010-04-13 15:16	2010-03-29	Show	GitHub Exploit DB Packet Storm

256494	7.5	危険	アップル	-	Apple Mac OS X の AFP サーバにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-0533	2010-04-13 15:16	2010-03-29	Show	GitHub Exploit DB Packet Storm

256495	7.5	危険	アップル	-	Apple Mac OS X の AFP サーバにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0057	2010-04-13 15:16	2010-03-29	Show	GitHub Exploit DB Packet Storm

256496	6.4	警告	アップル	-	Apple Mac OS X のアプリケーションファイアウォールにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-2801	2010-04-13 15:15	2010-03-29	Show	GitHub Exploit DB Packet Storm

256497	6.8	警告	アップル	-	Apple Mac OS X の Cocoa のスペルチェック機能におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0056	2010-04-13 15:15	2010-03-29	Show	GitHub Exploit DB Packet Storm

256498	4.4	警告	アップルサイバートラスト株式会社 Carnegie Mellon University (Project Cyrus) レッドハット	-	Cyrus IMAPd にバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-2632	2010-04-13 14:46	2009-09-10	Show	GitHub Exploit DB Packet Storm

256499	7.5	危険	Haxx アップルサイバートラスト株式会社レッドハット	-	cURL および libcurl における、任意の SSL サーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2009-2417	2010-04-13 14:46	2009-08-12	Show	GitHub Exploit DB Packet Storm

256500	6.8	警告	Haxx アップルサイバートラスト株式会社レッドハット	-	curl および libcurl の redirect 実装における任意のコマンドを実行される脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-0037	2010-04-13 14:45	2009-03-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
279791	-	ibm	db2	IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted XML q…	CWE-399 Resource Management Errors	CVE-2014-8901	2024-11-21 11:19	2014-12-19	Show	GitHub Exploit DB Packet Storm

279792	-	ibm	websphere_application_server	IBM WebSphere Application Server Liberty Profile 8.5.x before 8.5.5.4 allows remote attackers to gain privileges by leveraging the combination of a servlet's deployment descriptor security constraint…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-8890	2024-11-21 11:19	2014-12-19	Show	GitHub Exploit DB Packet Storm

279793	-	mantisbt	mantisbt	The mci_account_get_array_by_id function in api/soap/mc_account_api.php in MantisBT before 1.2.18 allows remote attackers to obtain sensitive information via a (1) mc_project_get_users, (2) mc_issue_…	CWE-200 Information Exposure	CVE-2014-8553	2024-11-21 11:19	2014-12-18	Show	GitHub Exploit DB Packet Storm

279794	-	goywp	webpress	Multiple cross-site scripting (XSS) vulnerabilities in goYWP WebPress 13.00.06 allow remote attackers to inject arbitrary web script or HTML via the (1) search_param parameter to search.php or (2) na…	CWE-79 Cross-site Scripting	CVE-2014-8751	2024-11-21 11:19	2014-12-17	Show	GitHub Exploit DB Packet Storm

279795	-	modwsgi	mod_wsgi	mod_wsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecifie…	CWE-254 7PK - Security Features	CVE-2014-8583	2024-11-21 11:19	2014-12-17	Show	GitHub Exploit DB Packet Storm

279796	-	google	android	AndroidManifest.xml in Android before 5.0.0 does not require the SEND_SMS permission for the SmsReceiver receiver, which allows attackers to send stored SMS messages, and consequently transmit arbitr…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-8610	2024-11-21 11:19	2014-12-16	Show	GitHub Exploit DB Packet Storm

279797	-	google	android	The addAccount method in src/com/android/settings/accounts/AddAccountSettings.java in the Settings application in Android before 5.0.0 does not properly create a PendingIntent, which allows attackers…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-8609	2024-11-21 11:19	2014-12-16	Show	GitHub Exploit DB Packet Storm

279798	-	google	android	Multiple SQL injection vulnerabilities in the queryLastApp method in packages/WAPPushManager/src/com/android/smspush/WapPushManager.java in the WAPPushManager module in Android before 5.0.0 allow rem…	CWE-89 SQL Injection	CVE-2014-8507	2024-11-21 11:19	2014-12-16	Show	GitHub Exploit DB Packet Storm

279799	-	k7computing	k7av_sentry_device_driver	The K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to cause a denial of service (NULL pointer derefer…	NVD-CWE-Other	CVE-2014-8608	2024-11-21 11:19	2014-12-13	Show	GitHub Exploit DB Packet Storm

279800	-	bittorrent	bittorrent	The web interface in BitTorrent allows remote attackers to execute arbitrary commands by leveraging knowledge of the pairing values and a crafted request to port 10000.	CWE-77 Command Injection	CVE-2014-8515	2024-11-21 11:19	2014-12-13	Show	GitHub Exploit DB Packet Storm