Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256521	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer に脆弱性	CWE-94 コード・インジェクション	CVE-2009-3672	2010-01-14 12:08	2009-11-25	Show	GitHub Exploit DB Packet Storm

256522	9.3	危険	サン・マイクロシステムズ VMware	-	Sun Java SE の java.lang パッケージにおける脆弱性	CWE-362 競合状態	CVE-2009-2724	2010-01-14 12:08	2009-08-10	Show	GitHub Exploit DB Packet Storm

256523	10	危険	サン・マイクロシステムズ VMware	-	Sun Java SE の Provider クラスにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-2721	2010-01-14 12:08	2009-08-10	Show	GitHub Exploit DB Packet Storm

256524	5	警告	有限会社シースリー	-	WebCalenderC3 におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-0348	2010-01-12 15:01	2010-01-12	Show	GitHub Exploit DB Packet Storm

256525	4.3	警告	有限会社シースリー	-	WebCalenderC3 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0349	2010-01-12 15:00	2010-01-12	Show	GitHub Exploit DB Packet Storm

256526	10	危険	サイバートラスト株式会社 XEmacs	-	XEmacs の glyphs-eimage.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-2688	2010-01-12 14:48	2009-08-5	Show	GitHub Exploit DB Packet Storm

256527	6.8	警告	IBM	-	IBM WebSphere Application Server (WAS) におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-2746	2010-01-12 14:48	2009-11-13	Show	GitHub Exploit DB Packet Storm

256528	5	警告	アップル	-	Apple Safari におけるローカル HTML ファイルを読まれる脆弱性	CWE-Other その他	CVE-2009-2842	2010-01-7 12:09	2009-11-11	Show	GitHub Exploit DB Packet Storm

256529	5.5	警告	シックス・アパート株式会社	-	Movable Type におけるアクセス制限回避の脆弱性	CWE-264 認可・権限・アクセス制御	-	2010-01-6 15:01	2010-01-6	Show	GitHub Exploit DB Packet Storm

256530	9.3	危険	マイクロソフト	-	Microsoft Office Word および Open XML File Format Converter における、任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3135	2010-01-6 14:44	2009-11-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
250061	9.8	CRITICAL Network	codesys	web_server	An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualizati…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2017-6027	2024-11-21 12:28	2017-05-19	Show	GitHub Exploit DB Packet Storm

250062	9.8	CRITICAL Network	codesys	web_server	A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualizatio…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-6025	2024-11-21 12:28	2017-05-19	Show	GitHub Exploit DB Packet Storm

250063	7.3	HIGH Local	leao_consultoria_e_desenvolvimento_de_sistemas	ltda_me_laquis_scada	An Improper Access Control issue was discovered in LCDS - Leao Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA. The following versions are affected: Versions 4.1 and prior versions rel…	NVD-CWE-noinfo	CVE-2017-6016	2024-11-21 12:28	2017-05-19	Show	GitHub Exploit DB Packet Storm

250064	6.5	MEDIUM Network	apache	ambari	In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be stored on disk in temporary files on the Ambari Server host. The temporary files are readable by any user authenticated on the ho…	CWE-200 Information Exposure	CVE-2017-5655	2024-11-21 12:28	2017-05-15	Show	GitHub Exploit DB Packet Storm

250065	7.5	HIGH Network	apache	ambari	In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes.	CWE-91 Blind XPath Injection	CVE-2017-5654	2024-11-21 12:28	2017-05-13	Show	GitHub Exploit DB Packet Storm

250066	5.9	MEDIUM Network	oneplus	oxygenos	An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. OxygenOS and HydrogenOS are vulnerable to downgrade attacks. This is due to a lenient 'updater-script' in OTAs that does not check tha…	CWE-20 Improper Input Validation	CVE-2017-5948	2024-11-21 12:28	2017-05-12	Show	GitHub Exploit DB Packet Storm

250067	7.5	HIGH Network	asus	rt-ac1750_firmware	ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow JSONP Information Disclosure such as a network map.	CWE-200 Information Exposure	CVE-2017-5892	2024-11-21 12:28	2017-05-10	Show	GitHub Exploit DB Packet Storm

250068	8.8	HIGH Network	asus	rt-ac1750_firmware	ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 have Login Page CSRF and Save Settings CSRF.	CWE-352 Origin Validation Error	CVE-2017-5891	2024-11-21 12:28	2017-05-10	Show	GitHub Exploit DB Packet Storm

250069	7.0	HIGH Local	blftech	visualview_hmi	An Uncontrolled Search Path Element issue was discovered in BLF-Tech LLC VisualView HMI Version 9.9.14.0 and prior. The uncontrolled search path element vulnerability has been identified, which may a…	CWE-427 Uncontrolled Search Path Element	CVE-2017-6051	2024-11-21 12:28	2017-05-9	Show	GitHub Exploit DB Packet Storm

250070	8.8	HIGH Network	certec_edv_gmbh	atvise_scada	A Header Injection issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. An "improper neutralization of HTTP headers for scripting syntax" issue has been identified, which may al…	CWE-74 Injection	CVE-2017-6031	2024-11-21 12:28	2017-05-6	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed