Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257421	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

257422	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

257423	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

257424	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
264331	9.8	CRITICAL Network	revive-adserver	revive_adserver	Revive Adserver before 3.2.3 suffers from session fixation, by allowing arbitrary session identifiers to be forced and, at the same time, by not invalidating the existing session upon a successful au…	CWE-384 Session Fixation	CVE-2016-9125	2024-11-21 12:00	2017-03-28	Show	GitHub Exploit DB Packet Storm

264332	9.8	CRITICAL Network	revive-adserver	revive_adserver	Revive Adserver before 3.2.3 suffers from Improper Restriction of Excessive Authentication Attempts. The login page of Revive Adserver is vulnerable to password-guessing attacks. An account lockdown …	CWE-287 Improper Authentication	CVE-2016-9124	2024-11-21 12:00	2017-03-28	Show	GitHub Exploit DB Packet Storm

264333	7.5	HIGH Network	go-jose_project	go-jose	go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bit architectures. An integer overflow could lead to authentication bypass for CBC-HMAC encrypted ciphertexts on 32-bit architectur…	CWE-190 Integer Overflow or Wraparound	CVE-2016-9123	2024-11-21 12:00	2017-03-28	Show	GitHub Exploit DB Packet Storm

264334	7.5	HIGH Network	go-jose_project	go-jose	go-jose before 1.0.4 suffers from multiple signatures exploitation. The go-jose library supports messages with multiple signatures. However, when validating a signed message the API did not indicate …	CWE-284 Improper Access Control	CVE-2016-9122	2024-11-21 12:00	2017-03-28	Show	GitHub Exploit DB Packet Storm

264335	9.1	CRITICAL Network	go-jose_project	go-jose	go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. When deriving a shared key using ECDH-ES for an encrypted message, go-jose neglected to check that the received pu…	CWE-326 Inadequate Encryption Strength	CVE-2016-9121	2024-11-21 12:00	2017-03-28	Show	GitHub Exploit DB Packet Storm

264336	8.8	HIGH Network	ibm	cognos_business_intelligence	IBM Cognos Business Intelligence 10.2 could allow a user with lower privilege Capabilities to adopt the Capabilities of a higher-privilege user by intercepting the higher-privilege user's cookie valu…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-8960	2024-11-21 12:00	2017-03-28	Show	GitHub Exploit DB Packet Storm

264337	7.5	HIGH Network	f5	big-ip_local_traffic_manager big-ip_application_acceleration_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_access_policy_manager big-ip_application_security_manager<…	The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remot…	CWE-19 Data Processing Errors	CVE-2016-9252	2024-11-21 12:00	2017-03-28	Show	GitHub Exploit DB Packet Storm

264338	7.5	HIGH Network	cryptography.io fedoraproject canonical	cryptography fedora ubuntu_linux	HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size.	NVD-CWE-noinfo	CVE-2016-9243	2024-11-21 12:00	2017-03-28	Show	GitHub Exploit DB Packet Storm

264339	7.5	HIGH Network	libdwarf_project	libdwarf	The dwarf_get_aranges_list function in dwarf_arrange.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read).	CWE-125 Out-of-bounds Read	CVE-2016-9276	2024-11-21 12:00	2017-03-24	Show	GitHub Exploit DB Packet Storm

264340	7.5	HIGH Network	libdwarf_project	libdwarf	Heap-based buffer overflow in the _dwarf_skim_forms function in libdwarf/dwarf_macro5.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read).	CWE-787 Out-of-bounds Write	CVE-2016-9275	2024-11-21 12:00	2017-03-24	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed