Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 15, 2024, 6:02 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
204091 6.8 警告 マイクロソフト - Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性 CWE-20
不適切な入力確認
CVE-2009-2513 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
204092 6.8 警告 マイクロソフト - Microsoft Windows の kernel における権限を取得される脆弱性 CWE-20
不適切な入力確認
CVE-2009-1127 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
204093 10 危険 マイクロソフト - Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2009-2523 2010-01-4 15:24 2009-11-10 Show GitHub Exploit DB Packet Storm
204094 9.3 危険 マイクロソフト - Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2009-2512 2010-01-4 15:23 2009-11-10 Show GitHub Exploit DB Packet Storm
204095 10 危険 アップル
VMware
サン・マイクロシステムズ
- Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足
CVE-2009-2722 2010-01-4 14:56 2009-08-10 Show GitHub Exploit DB Packet Storm
204096 10 危険 アップル
VMware
サン・マイクロシステムズ
- Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足
CVE-2009-2723 2010-01-4 14:55 2009-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 15, 2024, 4:16 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
258041 - progea movicon The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows remote attackers to obtain potentially sensitive version information via network traffic to TCP port 10651. CWE-200
Information Exposure
CVE-2014-0778 2014-04-22 03:50 2014-04-20 Show GitHub Exploit DB Packet Storm
258042 - remote-rac rac_server PCNetSoftware RAC Server 4.0.4 and 4.0.5 allows local users to cause a denial of service (disabled keyboard or crash) via a large input buffer to unspecified IOCTL requests in RACDriver.sys, which tr… CWE-20
 Improper Input Validation 
CVE-2014-2597 2014-04-22 03:15 2014-04-19 Show GitHub Exploit DB Packet Storm
258043 - digium asterisk The PJSIP channel driver in Asterisk Open Source 12.x before 12.1.1, when qualify_frequency "is enabled on an AOR and the remote SIP server challenges for authentication of the resulting OPTIONS requ… CWE-20
 Improper Input Validation 
CVE-2014-2288 2014-04-22 02:50 2014-04-19 Show GitHub Exploit DB Packet Storm
258044 - digium asterisk res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk Open Source 12.x before 12.1.0 allows remote authenticated users to cause a denial of service (crash) via a SUBSCRIBE request witho… CWE-20
 Improper Input Validation 
CVE-2014-2289 2014-04-22 02:50 2014-04-19 Show GitHub Exploit DB Packet Storm
258045 - digium
fedoraproject
certified_asterisk
asterisk
fedora
channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.15 before 1.8.15-cert5 and 11.6 before 11.6-cert2, when c… CWE-20
 Improper Input Validation 
CVE-2014-2287 2014-04-22 02:37 2014-04-19 Show GitHub Exploit DB Packet Storm
258046 - digium
fedoraproject
asterisk
fedora
certified_asterisk
main/http.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.x before 1.8.15-cert5 and 11.6 before 11.6-cert2, allows remote a… CWE-20
 Improper Input Validation 
CVE-2014-2286 2014-04-22 02:20 2014-04-19 Show GitHub Exploit DB Packet Storm
258047 - f-secure secure_messaging_secure_gateway Cross-site scripting (XSS) vulnerability in F-Secure Messaging Secure Gateway 7.5.0 before Patch 1862 allows remote authenticated administrators to inject arbitrary web script or HTML via the new par… CWE-79
Cross-site Scripting
CVE-2014-2844 2014-04-22 00:08 2014-04-18 Show GitHub Exploit DB Packet Storm
258048 - f-secure anti-virus
email_and_server_security
server_security
SQL injection vulnerability in an unspecified DLL in the FSDBCom ActiveX control in F-Secure Anti-Virus for Microsoft Exchange Server before HF02, Anti-Virus for Windows Servers 9.00 before HF09, Ant… CWE-89
SQL Injection
CVE-2013-7369 2014-04-21 23:49 2014-04-18 Show GitHub Exploit DB Packet Storm
258049 - kokuyo camiapp The Content Provider in the KOKUYO CamiApp application 1.21.1 and earlier for Android allows attackers to bypass intended access restrictions and read database information via a crafted application. CWE-264
Permissions, Privileges, and Access Controls
CVE-2014-1986 2014-04-19 13:48 2014-04-16 Show GitHub Exploit DB Packet Storm
258050 - lightwitch
prosody
metronome
prosody
plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) Lightwitch Metronome through 3.4 negotiates stream compression while a session is unauthenticated, which allows remote attackers to cau… CWE-20
 Improper Input Validation 
CVE-2014-2744 2014-04-19 13:48 2014-04-11 Show GitHub Exploit DB Packet Storm