Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
257031 10 危険 マイクロソフト - Microsoft Windows のインターネット認証サービスにおけるネットワークリソースにアクセスされる脆弱性 CWE-255
CWE-94
CVE-2009-3677 2010-01-22 10:24 2009-12-8 Show GitHub Exploit DB Packet Storm
257032 10 危険 マイクロソフト - Microsoft Windows のインターネット認証サービスにおける任意のコードを実行される脆弱性 CWE-287
不適切な認証 		CVE-2009-2505 2010-01-22 10:24 2009-12-8 Show GitHub Exploit DB Packet Storm
257033 6.9 警告 acpid - acpid の umask におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4235 2010-01-21 11:44 2009-12-7 Show GitHub Exploit DB Packet Storm
257034 6.9 警告 サイバートラスト株式会社
レッドハット
acpid		 - acpid のレッドハットパッチにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4033 2010-01-21 11:43 2009-12-7 Show GitHub Exploit DB Packet Storm
257035 10 危険 アドビシステムズ - Adobe Illustrator における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-3952 2010-01-21 11:43 2010-01-7 Show GitHub Exploit DB Packet Storm
257036 9.3 危険 アドビシステムズ - Adobe Illustrator における Encapsulated PostScript ファイルの処理に関する任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-4195 2010-01-21 11:43 2009-12-4 Show GitHub Exploit DB Packet Storm
257037 4.4 警告 サイバートラスト株式会社
Linux
レッドハット		 - Linux Kernel の exit_notify 関数における任意のシグナルをプロセスに送信可能な脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1337 2010-01-21 11:23 2009-04-22 Show GitHub Exploit DB Packet Storm
257038 4.9 警告 サイバートラスト株式会社
Linux
レッドハット		 - Linux Kernel における sendmsg 関数の呼び出しに関するサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-5300 2010-01-21 11:22 2008-12-1 Show GitHub Exploit DB Packet Storm
257039 6.8 警告 シスコシステムズ - 複数の SSL VPN (Web VPN) 製品においてウェブブラウザのセキュリティが迂回される問題 CWE-264
認可・権限・アクセス制御 		CVE-2009-2631 2010-01-20 14:15 2009-12-1 Show GitHub Exploit DB Packet Storm
257040 4.4 警告 DAG
レッドハット		 - dstat における Python module の検索パスに関する権限昇格の脆弱性 CWE-Other
その他 		CVE-2009-3894 2010-01-20 14:15 2009-11-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
290611 - gwos groundwork_monitor The Profile Importer feature in monarch.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to read arbitrary files via an XML document containing an… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-3503 2024-11-21 10:53 2013-05-8 Show GitHub Exploit DB Packet Storm
290612 - gwos groundwork_monitor monarch_scan.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands, and consequently obtain sensitive information, by lev… CWE-255
Credentials Management 		CVE-2013-3502 2024-11-21 10:53 2013-05-8 Show GitHub Exploit DB Packet Storm
290613 - gwos groundwork_monitor Multiple cross-site scripting (XSS) vulnerabilities in GroundWork Monitor Enterprise 6.7.0 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the foundation-weba… CWE-79
Cross-site Scripting 		CVE-2013-3501 2024-11-21 10:53 2013-05-8 Show GitHub Exploit DB Packet Storm
290614 - gwos groundwork_monitor The Foundation webapp admin interface in GroundWork Monitor Enterprise 6.7.0 uses the nagios account as the owner of writable files under /usr/local/groundwork, which allows context-dependent attacke… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-3500 2024-11-21 10:53 2013-05-8 Show GitHub Exploit DB Packet Storm
290615 - gwos groundwork_monitor GroundWork Monitor Enterprise 6.7.0 performs authentication on the basis of the HTTP Referer header, which allows remote attackers to obtain administrative privileges or access files via a crafted he… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-3499 2024-11-21 10:53 2013-05-8 Show GitHub Exploit DB Packet Storm
290616 - joomla joomla\! Cross-site scripting (XSS) vulnerability in the highlighter plugin in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified… CWE-79
Cross-site Scripting 		CVE-2013-3267 2024-11-21 10:53 2013-05-3 Show GitHub Exploit DB Packet Storm
290617 - joomla joomla\! plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 does not properly handle an object obtained by unserializing a cookie, which allows remote authenticated use… CWE-20
 Improper Input Validation  		CVE-2013-3242 2024-11-21 10:53 2013-05-3 Show GitHub Exploit DB Packet Storm
290618 - freebsd freebsd The nfsrvd_readdir function in sys/fs/nfsserver/nfs_nfsdport.c in the new NFS server in FreeBSD 8.0 through 9.1-RELEASE-p3 does not verify that a READDIR request is for a directory node, which allows… CWE-20
 Improper Input Validation  		CVE-2013-3266 2024-11-21 10:53 2013-05-2 Show GitHub Exploit DB Packet Storm
290619 - vmware vcenter_server_appliance VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding for Active Directory is enabled, allows remote attackers to bypass authentication by providing a valid username in conjunction w… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-3107 2024-11-21 10:53 2013-05-1 Show GitHub Exploit DB Packet Storm
290620 - linux linux_kernel Race condition in the smb_send_rqst function in fs/cifs/transport.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly ha… CWE-362
Race Condition 		CVE-2013-3302 2024-11-21 10:53 2013-04-29 Show GitHub Exploit DB Packet Storm