Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
259241 6.8 警告 マイクロソフト - Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-2513 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
259242 6.8 警告 マイクロソフト - Microsoft Windows の kernel における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-1127 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
259243 10 危険 マイクロソフト - Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-2523 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
259244 9.3 危険 マイクロソフト - Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2512 2010-01-4 15:23 2009-11-10 Show GitHub Exploit DB Packet Storm
259245 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2722 2010-01-4 14:56 2009-08-10 Show GitHub Exploit DB Packet Storm
259246 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2723 2010-01-4 14:55 2009-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246561 5.5 MEDIUM
Local 		stopzilla antimalware An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Denial of Service vulnerability due to not validating the output buffer address value from IOCtl 0x800… CWE-20
 Improper Input Validation  		CVE-2018-15737 2024-11-21 12:51 2019-06-21 Show GitHub Exploit DB Packet Storm
246562 5.5 MEDIUM
Local 		stopzilla antimalware An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Denial of Service vulnerability due to not validating the output buffer address value from IOCtl 0x800… CWE-20
 Improper Input Validation  		CVE-2018-15736 2024-11-21 12:51 2019-06-21 Show GitHub Exploit DB Packet Storm
246563 6.1 MEDIUM
Network 		cloudera cloudera_manager An issue was discovered in Cloudera Manager 5.x through 5.15.0. One type of page in Cloudera Manager uses a 'returnUrl' parameter to redirect the user to another page in Cloudera Manager once a wizar… CWE-79
Cross-site Scripting 		CVE-2018-15913 2024-11-21 12:51 2019-06-21 Show GitHub Exploit DB Packet Storm
246564 4.3 MEDIUM
Network 		freepbx disa FreePBX 13 and 14 has SQL Injection in the DISA module via the hangup variable on the /admin/config.php?display=disa&view=form page. CWE-89
SQL Injection 		CVE-2018-15892 2024-11-21 12:51 2019-06-21 Show GitHub Exploit DB Packet Storm
246565 4.8 MEDIUM
Network 		freepbx
sangoma 		freepbx An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module … CWE-79
Cross-site Scripting 		CVE-2018-15891 2024-11-21 12:51 2019-06-21 Show GitHub Exploit DB Packet Storm
246566 9.8 CRITICAL
Network 		ethereum ethereumj An issue was discovered in EthereumJ 1.8.2. There is Unsafe Deserialization in ois.readObject in mine/Ethash.java and decoder.readObject in crypto/ECKey.java. When a node syncs and mines a new block,… CWE-502
 Deserialization of Untrusted Data 		CVE-2018-15890 2024-11-21 12:51 2019-06-21 Show GitHub Exploit DB Packet Storm
246567 7.5 HIGH
Local 		docker docker In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access t… CWE-362
Race Condition 		CVE-2018-15664 2024-11-21 12:51 2019-05-23 Show GitHub Exploit DB Packet Storm
246568 6.1 MEDIUM
Network 		xerox colorqube_8580_firmware Cross-site scripting (XSS) in the web interface of the Xerox ColorQube 8580 allows remote persistent injection of custom HTML / JavaScript code. CWE-79
Cross-site Scripting 		CVE-2018-15530 2024-11-21 12:51 2019-05-13 Show GitHub Exploit DB Packet Storm
246569 6.1 MEDIUM
Network 		sir gnuboard Cross-Site Scripting (XSS) vulnerability in adm/boardgroup_form_update.php and adm/boardgroup_list_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTM… CWE-79
Cross-site Scripting 		CVE-2018-15584 2024-11-21 12:51 2019-04-27 Show GitHub Exploit DB Packet Storm
246570 6.1 MEDIUM
Network 		sir gnuboard Cross-Site Scripting (XSS) vulnerability in adm/sms_admin/num_book_write.php and adm/sms_admin/num_book_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script o… CWE-79
Cross-site Scripting 		CVE-2018-15582 2024-11-21 12:51 2019-04-27 Show GitHub Exploit DB Packet Storm