Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257221	4.3	警告	IBM Apache Software Foundation アップルサイバートラスト株式会社ヒューレット・パッカードターボリナックスレッドハット	-	Apache の mod_proxy_ftp における UTF-7 エンコードに関するクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0005	2010-04-28 15:18	2008-01-11	Show	GitHub Exploit DB Packet Storm

257222	10	危険	IntelliCom Innovation AB	-	IntelliCom NetBiter デバイスにおけるデフォルトパスワードの問題	CWE-255 証明書・パスワード管理	CVE-2009-4463	2010-04-27 16:10	2010-04-7	Show	GitHub Exploit DB Packet Storm

257223	9.3	危険	Foxit Software Inc	-	Foxit Reader に任意のコード実行が可能な脆弱性	CWE-94 コード・インジェクション	CVE-2010-1239	2010-04-27 16:10	2010-04-6	Show	GitHub Exploit DB Packet Storm

257224	10	危険	ヒューレット・パッカード	-	Broadcom NetXtreme 管理用ファームウェアにバッファオーバーフローの脆弱性	CWE-noinfo 情報不足	CVE-2010-0104	2010-04-27 16:09	2010-03-31	Show	GitHub Exploit DB Packet Storm

257225	6.8	警告	アップル	-	AirPort Utility におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-2822	2010-04-27 16:09	2010-03-31	Show	GitHub Exploit DB Packet Storm

257226	9.3	危険	アップル	-	Apple Safari の ColorSync における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-0040	2010-04-27 15:20	2010-03-15	Show	GitHub Exploit DB Packet Storm

257227	4	警告	Squid-cache.org サイバートラスト株式会社ターボリナックスレッドハット	-	Squid の lib/rfc1035.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-0308	2010-04-27 15:20	2010-01-28	Show	GitHub Exploit DB Packet Storm

257228	6.8	警告	アップル	-	Apple Mac OS X の QuickDraw Manager におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-2837	2010-04-27 15:20	2009-11-9	Show	GitHub Exploit DB Packet Storm

257229	5	警告	Squid-cache.org サイバートラスト株式会社ターボリナックスレッドハット	-	Squid の strListGetItem 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2009-2855	2010-04-27 15:19	2009-08-18	Show	GitHub Exploit DB Packet Storm

257230	4.3	警告	アップルサイバートラスト株式会社 LibTIFF サン・マイクロシステムズレッドハット	-	libtiff の LZWDecodeCompat 関数におけるバッファアンダーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-2285	2010-04-27 15:19	2009-07-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
250361	5.5	MEDIUM Local	ytnef_project canonical	ytnef ubuntu_linux	In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.	CWE-125 Out-of-bounds Read	CVE-2017-9471	2024-11-21 12:36	2017-06-7	Show	GitHub Exploit DB Packet Storm

250362	5.5	MEDIUM Local	ytnef_project	ytnef	In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.	CWE-476 NULL Pointer Dereference	CVE-2017-9470	2024-11-21 12:36	2017-06-7	Show	GitHub Exploit DB Packet Storm

250363	7.5	HIGH Network	irssi debian	irssi debian_linux	In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory. Thus, remote attackers might be able to cause …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-9469	2024-11-21 12:36	2017-06-7	Show	GitHub Exploit DB Packet Storm

250364	7.5	HIGH Network	irssi debian	irssi debian_linux	In Irssi before 1.0.3, when receiving a DCC message without source nick/host, it attempts to dereference a NULL pointer. Thus, remote IRC servers can cause a crash.	CWE-476 NULL Pointer Dereference	CVE-2017-9468	2024-11-21 12:36	2017-06-7	Show	GitHub Exploit DB Packet Storm

250365	7.1	HIGH Local	virustotal	yara	The yr_arena_write_data function in YARA 3.6.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain sensitive information from process memory via a …	CWE-125 Out-of-bounds Read	CVE-2017-9465	2024-11-21 12:36	2017-06-7	Show	GitHub Exploit DB Packet Storm

250366	8.8	HIGH Network	mercurial debian redhat	mercurial debian_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_tus enterprise_linux_server_aus enterprise_linux_serv…	In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2017-9462	2024-11-21 12:36	2017-06-7	Show	GitHub Exploit DB Packet Storm

250367	6.5	MEDIUM Network	samba redhat debian	samba enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_aus enterprise_linux_server_eus enterprise_linux_server_tus debian_lin…	smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling sym…	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2017-9461	2024-11-21 12:36	2017-06-7	Show	GitHub Exploit DB Packet Storm

250368	4.8	MEDIUM Network	piwigo	piwigo	Cross-site scripting (XSS) vulnerability in admin.php in Piwigo 2.9.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter.	CWE-79 Cross-site Scripting	CVE-2017-9452	2024-11-21 12:36	2017-06-7	Show	GitHub Exploit DB Packet Storm

250369	6.1	MEDIUM Network	flatcore	flatcore	Cross site scripting (XSS) vulnerability in pages.edit_form.php in flatCore 1.4.6 allows remote attackers to inject arbitrary JavaScript via the PATH_INFO in an acp.php URL, due to use of unsanitized…	CWE-79 Cross-site Scripting	CVE-2017-9451	2024-11-21 12:36	2017-06-7	Show	GitHub Exploit DB Packet Storm

250370	8.8	HIGH Network	bigtreecms	bigtree_cms	SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core/admin/modules/developer/modules/views/create.php. The attacker c…	CWE-89 SQL Injection	CVE-2017-9449	2024-11-21 12:36	2017-06-7	Show	GitHub Exploit DB Packet Storm