Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
259401	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

259402	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

259403	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

259404	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

259405	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
247451	9.8	CRITICAL Network	libvnc_project canonical redhat debian	libvncserver ubuntu_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_tus enterprise_linux_server_eus enterprise_linux_s…	LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution	CWE-787 Out-of-bounds Write	CVE-2018-15127	2024-11-21 12:50	2018-12-20	Show	GitHub Exploit DB Packet Storm

247452	9.8	CRITICAL Network	libvnc_project canonical debian	libvncserver ubuntu_linux debian_linux	LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution	CWE-416 Use After Free	CVE-2018-15126	2024-11-21 12:50	2018-12-20	Show	GitHub Exploit DB Packet Storm

247453	7.5	HIGH Network	f5	big-ip_local_traffic_manager big-ip_application_acceleration_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_access_policy_manager big-ip_application_security_manager<…	On BIG-IP 14.0.x, 13.x, 12.x, and 11.x, Enterprise Manager 3.1.1, BIG-IQ 6.x, 5.x, and 4.x, and iWorkflow 2.x, the passphrases for SNMPv3 users and trap destinations that are used for authentication …	CWE-200 Information Exposure	CVE-2018-15328	2024-11-21 12:50	2018-12-12	Show	GitHub Exploit DB Packet Storm

247454	9.1	CRITICAL Network	ge	cimplicity	XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0	CWE-611 XXE	CVE-2018-15362	2024-11-21 12:50	2018-12-8	Show	GitHub Exploit DB Packet Storm

247455	7.0	HIGH Local	f5	big-ip_access_policy_manager big-ip_access_policy_manager_client	The svpn component of the F5 BIG-IP APM client prior to version 7.1.7.2 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on …	CWE-362 Race Condition	CVE-2018-15332	2024-11-21 12:50	2018-12-6	Show	GitHub Exploit DB Packet Storm

247456	9.8	CRITICAL Network	cisco	prime_license_manager	A vulnerability in the web framework code of Cisco Prime License Manager (PLM) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of …	CWE-89 SQL Injection	CVE-2018-15441	2024-11-21 12:50	2018-11-29	Show	GitHub Exploit DB Packet Storm

247457	8.8	HIGH Network	zyxel	nsa325_v2_firmware	A system command injection vulnerability in zyshclient in ZyXEL NSA325 V2 version 4.81 allows attackers to execute system commands via the web application API.	CWE-78 CWE-77 OS Command Command Injection	CVE-2018-14893	2024-11-21 12:50	2018-11-28	Show	GitHub Exploit DB Packet Storm

247458	8.8	HIGH Network	zyxel	nsa325_v2_firmware	Missing protections against Cross-Site Request Forgery in the web application in ZyXEL NSA325 V2 version 4.81 allow attackers to perform state-changing actions via crafted HTTP forms.	CWE-352 Origin Validation Error	CVE-2018-14892	2024-11-21 12:50	2018-11-28	Show	GitHub Exploit DB Packet Storm

247459	6.1	MEDIUM Network	polycom	trio_8500_firmware	The Web administration console on Polycom Trio devices with software before 5.5.4 has XSS.	CWE-79 Cross-site Scripting	CVE-2018-14935	2024-11-21 12:50	2018-11-16	Show	GitHub Exploit DB Packet Storm

247460	6.5	MEDIUM Adjacent	polycom	trio_8500_firmware	The Bluetooth subsystem on Polycom Trio devices with software before 5.5.4 has Incorrect Access Control. An attacker can connect without authentication and subsequently record audio from the device m…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2018-14934	2024-11-21 12:50	2018-11-16	Show	GitHub Exploit DB Packet Storm