Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
259801 9.3 危険 マイクロソフト - Microsoft Internet Explorer における無効なフラグ参照に起因する脆弱性 CWE-399
リソース管理の問題
CVE-2010-3962 2010-12-27 14:36 2010-11-4 Show GitHub Exploit DB Packet Storm
259802 10 危険 CA Technologies - CA PSFormX および CA WebScan ActiveX コントロールにおける任意のコードを実行される脆弱性 CWE-20
CWE-noinfo
CVE-2010-2193 2010-12-27 11:49 2010-06-8 Show GitHub Exploit DB Packet Storm
259803 2.6 注意 CA Technologies - CA eHealth Performance Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-0640 2010-12-27 11:44 2010-02-24 Show GitHub Exploit DB Packet Storm
259804 9.3 危険 CA Technologies - CA eTrust PestPatrol の PestPatrol ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2009-4225 2010-12-27 11:41 2009-12-8 Show GitHub Exploit DB Packet Storm
259805 4.3 警告 CA Technologies - CA Service Desk の Web インターフェイスにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2009-4149 2010-12-27 11:38 2009-12-8 Show GitHub Exploit DB Packet Storm
259806 4.3 警告 CA Technologies - 複数の CA 製品の Anti-Virus エンジン内にある arclib コンポーネントおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足
CVE-2009-3588 2010-12-27 11:36 2009-10-8 Show GitHub Exploit DB Packet Storm
259807 9.3 危険 CA Technologies - 複数の CA 製品の Anti-Virus エンジン内にある arclib コンポーネントにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足
CVE-2009-3587 2010-12-27 11:32 2009-10-8 Show GitHub Exploit DB Packet Storm
259808 5 警告 CA Technologies - CA Host-Based Intrusion Prevention System の kmxIds.sys におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2009-2740 2010-12-27 11:24 2009-08-18 Show GitHub Exploit DB Packet Storm
259809 4.3 警告 CA Technologies - CA SiteMinder における J2EE アプリケーションのクロスサイトスクリプティングに対する保護を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2009-2705 2010-12-27 11:19 2009-08-11 Show GitHub Exploit DB Packet Storm
259810 4.3 警告 CA Technologies - CA SiteMinder における J2EE アプリケーションのクロスサイトスクリプティングに対する保護を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2009-2704 2010-12-27 10:47 2009-08-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
272231 4.4 MEDIUM
Local
sophos unified_threat_management_software The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the "value" field of the proxy user settings in … CWE-200
Information Exposure
CVE-2016-7442 2024-11-21 11:58 2016-10-4 Show GitHub Exploit DB Packet Storm
272232 9.8 CRITICAL
Network
libgd
php
debian
libgd
php
debian_linux
Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service … CWE-190
 Integer Overflow or Wraparound
CVE-2016-7568 2024-11-21 11:58 2016-09-29 Show GitHub Exploit DB Packet Storm
272233 6.5 MEDIUM
Network
openstack compute_\(nova\) OpenStack Compute (nova) 13.0.0 does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances wh… CWE-399
 Resource Management Errors
CVE-2016-7498 2024-11-21 11:58 2016-09-28 Show GitHub Exploit DB Packet Storm
272234 7.5 HIGH
Network
gnu gnutls The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to … CWE-264
Permissions, Privileges, and Access Controls
CVE-2016-7444 2024-11-21 11:58 2016-09-28 Show GitHub Exploit DB Packet Storm
272235 8.8 HIGH
Network
google chrome Google Chrome before 53.0.2785.113 does not ensure that the recipient of a certain IPC message is a valid RenderFrame or RenderWidget, which allows remote attackers to cause a denial of service (inva… NVD-CWE-noinfo
CVE-2016-7549 2024-11-21 11:58 2016-09-26 Show GitHub Exploit DB Packet Storm
272236 7.5 HIGH
Network
pritunl pritunl-client A flaw was found in pritunl-client before version 1.0.1116.6. A lack of signature verification leads to sensitive information leakage CWE-347
 Improper Verification of Cryptographic Signature
CVE-2016-7064 2024-11-21 11:57 2020-07-22 Show GitHub Exploit DB Packet Storm
272237 9.8 CRITICAL
Network
pritunl pritunl-client A flaw was found in pritunl-client before version 1.0.1116.6. Arbitrary write to user specified path may lead to privilege escalation. CWE-22
Path Traversal
CVE-2016-7063 2024-11-21 11:57 2020-07-22 Show GitHub Exploit DB Packet Storm
272238 9.8 CRITICAL
Network
lexmark markvision_enterprise Lexmark Markvision Enterprise (MVE) before 2.4.1 allows remote attackers to execute arbitrary commands by uploading files. ( CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2016-6918 2024-11-21 11:57 2020-03-10 Show GitHub Exploit DB Packet Storm
272239 9.8 CRITICAL
Network
php ext-http A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl-http extension 3.1.0beta2 (PHP 7) and earlier as well as 2.6.0beta2 (PHP 5) and earlier allows attacker… CWE-704
 Incorrect Type Conversion or Cast
CVE-2016-7398 2024-11-21 11:57 2019-09-7 Show GitHub Exploit DB Packet Storm
272240 9.8 CRITICAL
Network
openstack magnum OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should just be used for retrieving the instances' SSL certificates, they allow full API acces… CWE-200
Information Exposure
CVE-2016-7404 2024-11-21 11:57 2019-06-21 Show GitHub Exploit DB Packet Storm