Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228051 7.5 危険 phpscriptsnow - PHP Scripts Now Riddles の list.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2891 2012-12-20 19:28 2009-08-20 Show GitHub Exploit DB Packet Storm
228052 4.3 警告 phpscriptsnow - PHP Scripts Now Riddles の results.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2890 2012-12-20 19:28 2009-08-20 Show GitHub Exploit DB Packet Storm
228053 4.3 警告 phpscriptsnow - PHP Scripts Now Hangman の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2889 2012-12-20 19:28 2009-08-20 Show GitHub Exploit DB Packet Storm
228054 7.5 危険 phpscriptsnow - PHP Scripts Now Hangman の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2888 2012-12-20 19:28 2009-08-20 Show GitHub Exploit DB Packet Storm
228055 4.3 警告 phpscriptsnow - PHP Scripts Now President Bios の bios.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2887 2012-12-20 19:28 2009-08-20 Show GitHub Exploit DB Packet Storm
228056 7.5 危険 phpscriptsnow - PHP Scripts Now President Bios の bios.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2886 2012-12-20 19:10 2009-08-20 Show GitHub Exploit DB Packet Storm
228057 7.5 危険 phpscriptsnow - PHP Scripts Now World's Tallest Buildings の bios.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2885 2012-12-20 19:10 2009-08-20 Show GitHub Exploit DB Packet Storm
228058 4.3 警告 phpscriptsnow - PHP Scripts Now World's Tallest Buildings の bios.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2884 2012-12-20 19:10 2009-08-20 Show GitHub Exploit DB Packet Storm
228059 3.5 注意 サン・マイクロシステムズ - Sun VDI における VDI 設定データを平文で読まれる脆弱性 CWE-200
情報漏えい 		CVE-2009-2856 2012-12-20 19:10 2009-08-14 Show GitHub Exploit DB Packet Storm
228060 6.4 警告 WordPress.org - Wordpress における許可されていない編集などをされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-2854 2012-12-20 19:10 2009-08-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221331 7.8 HIGH
Local 		google android In ACELP_4t64_fx of c4t64fx.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. … CWE-787
 Out-of-bounds Write 		CVE-2019-2128 2024-11-21 13:40 2019-08-21 Show GitHub Exploit DB Packet Storm
221332 7.8 HIGH
Local 		google android In AudioInputDescriptor::setClientActive of AudioInputDescriptor.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional … CWE-787
CWE-416
 Out-of-bounds Write
 Use After Free 		CVE-2019-2127 2024-11-21 13:40 2019-08-21 Show GitHub Exploit DB Packet Storm
221333 8.8 HIGH
Network 		google
fedoraproject
canonical
opensuse 		android
fedora
ubuntu_linux
leap 		In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. This could lead to remote code execution with no additional execution privileg… CWE-415
 Double Free 		CVE-2019-2126 2024-11-21 13:40 2019-08-21 Show GitHub Exploit DB Packet Storm
221334 7.3 HIGH
Local 		google android In ChangeDefaultDialerDialog.java, there is a possible escalation of privilege due to an overlay attack. This could lead to local escalation of privilege, granting privileges to a local app without t… CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2019-2125 2024-11-21 13:40 2019-08-21 Show GitHub Exploit DB Packet Storm
221335 7.3 HIGH
Local 		google android In LockTaskController.lockKeyguardIfNeeded of the LockTaskController.java, there was a difference in the handling of the default case between the WindowManager and the Settings. This could lead to a … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2019-2122 2024-11-21 13:40 2019-08-21 Show GitHub Exploit DB Packet Storm
221336 7.0 HIGH
Local 		google android In ActivityManagerService.attachApplication of ActivityManagerService, there is a possible race condition. This could lead to local escalation of privilege with no additional execution privileges nee… CWE-362
Race Condition 		CVE-2019-2121 2024-11-21 13:40 2019-08-21 Show GitHub Exploit DB Packet Storm
221337 7.8 HIGH
Local 		google android In OatFileAssistant::GenerateOatFile of oat_file_assistant.cc, there is a possible file corruption issue due to an insecure default value. This could lead to local escalation of privilege with no add… CWE-1188
 Insecure Default Initialization of Resource 		CVE-2019-2120 2024-11-21 13:40 2019-08-21 Show GitHub Exploit DB Packet Storm
221338 7.1 HIGH
Network 		mongodb mongodb After user deletion in MongoDB Server the improper invalidation of authorization sessions allows an authenticated user's session to persist and become conflated with new accounts, if those accounts r… CWE-613
 Insufficient Session Expiration 		CVE-2019-2386 2024-11-21 13:40 2019-08-7 Show GitHub Exploit DB Packet Storm
221339 7.8 HIGH
Local 		qualcomm ipq8074_firmware
qca8081_firmware
qcs404_firmware
qcs405_firmware
qcs605_firmware
sd_425_firmware
sd_427_firmware
sd_430_firmware
sd_435_firmware
sd_450_firmware
sd_625_… 		Firmware is getting into loop of overwriting memory when scan command is given from host because of improper validation. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Sna… CWE-129
 Improper Validation of Array Index 		CVE-2019-2346 2024-11-21 13:40 2019-07-26 Show GitHub Exploit DB Packet Storm
221340 7.0 HIGH
Local 		qualcomm msm8909w_firmware
msm8996au_firmware
qcs605_firmware
sd_425_firmware
sd_427_firmware
sd_430_firmware
sd_435_firmware
sd_450_firmware
sd_625_firmware
sd_636_firmware
sd_7… 		Race condition while accessing DMA buffer in jpeg driver in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MS… CWE-362
Race Condition 		CVE-2019-2345 2024-11-21 13:40 2019-07-26 Show GitHub Exploit DB Packet Storm