Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257311	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

257312	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

257313	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

257314	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 29, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266621	9.8	CRITICAL Network	animas	onetouch_ping_firmware	Johnson & Johnson Animas OneTouch Ping devices mishandle acknowledgements, which makes it easier for remote attackers to bypass authentication via a custom communication protocol.	CWE-287 Improper Authentication	CVE-2016-5686	2024-11-21 11:54	2016-10-5	Show	GitHub Exploit DB Packet Storm

266622	3.3	LOW Local	redhat	enterprise_virtualization	The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files.	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2016-5432	2024-11-21 11:54	2016-10-4	Show	GitHub Exploit DB Packet Storm

266623	5.4	MEDIUM Network	redhat	jboss_bpm_suite	Cross-site scripting (XSS) vulnerability in Business Process Editor in Red Hat JBoss BPM Suite before 6.3.3 allows remote authenticated users to inject arbitrary web script or HTML by levering permis…	CWE-79 Cross-site Scripting	CVE-2016-5398	2024-11-21 11:54	2016-10-4	Show	GitHub Exploit DB Packet Storm

266624	9.8	CRITICAL Network	f5	big-ip_policy_enforcement_manager big-ip_local_traffic_manager big-ip_websafe big-ip_link_controller big-ip_application_acceleration_manager big-ip_access_policy_manager big-ip_adva…	Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2, when configured wit…	CWE-284 Improper Access Control	CVE-2016-5700	2024-11-21 11:54	2016-10-4	Show	GitHub Exploit DB Packet Storm

266625	5.1	MEDIUM Local	opensuse yast	libstorage-ng yast-storage libstorage leap	libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by re…	NVD-CWE-Other	CVE-2016-5746	2024-11-21 11:54	2016-09-27	Show	GitHub Exploit DB Packet Storm

266626	8.8	HIGH Network	redhat	jboss_enterprise_application_platform	The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2 allows remote authenticated users to gain privileges by leveraging failure to propagate administrative RB…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-5406	2024-11-21 11:54	2016-09-26	Show	GitHub Exploit DB Packet Storm

266627	4.8	MEDIUM Network	apache	ranger	Cross-site scripting (XSS) vulnerability in the create user functionality in the policy admin tool in Apache Ranger before 0.6.1 allows remote authenticated administrators to inject arbitrary web scr…	CWE-79 Cross-site Scripting	CVE-2016-5395	2024-11-21 11:54	2016-09-26	Show	GitHub Exploit DB Packet Storm

266628	7.5	HIGH Network	powerdns	authoritative	PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not properly handle a . (dot) inside labels, which allows remote attackers to cause a denial of service (backend CPU consumption) via a cra…	CWE-399 Resource Management Errors	CVE-2016-5427	2024-11-21 11:54	2016-09-21	Show	GitHub Exploit DB Packet Storm

266629	7.5	HIGH Network	powerdns	authoritative	PowerDNS (aka pdns) Authoritative Server before 3.4.10 allows remote attackers to cause a denial of service (backend CPU consumption) via a long qname.	CWE-399 Resource Management Errors	CVE-2016-5426	2024-11-21 11:54	2016-09-21	Show	GitHub Exploit DB Packet Storm

266630	7.5	HIGH Network	redhat oracle libarchive	enterprise_linux_hpc_node enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation linux openshift libarchive enterprise_linux_server_aus enterprise_linux…	The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive fil…	CWE-20 CWE-19 Improper Input Validation Data Processing Errors	CVE-2016-5418	2024-11-21 11:54	2016-09-21	Show	GitHub Exploit DB Packet Storm