Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228691	7.5	危険	VirtueMart	-	VirtueMart の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4430	2012-12-20 19:28	2009-12-28	Show	GitHub Exploit DB Packet Storm

228692	7.5	危険	weentech	-	weenCompany の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4423	2012-12-20 19:28	2009-12-24	Show	GitHub Exploit DB Packet Storm

228693	5	警告	Zend Technologies Ltd.	-	Zend Framework の Zend_Log_Writer_Mail クラスにおける任意の電子メールメッセージを送信される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4417	2012-12-20 19:28	2009-12-24	Show	GitHub Exploit DB Packet Storm

228694	4.3	警告	phpgroupware	-	phpGroupWare の login.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4416	2012-12-20 19:28	2009-12-24	Show	GitHub Exploit DB Packet Storm

228695	7.5	危険	phpgroupware	-	phpGroupWare におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-4415	2012-12-20 19:28	2009-12-24	Show	GitHub Exploit DB Packet Storm

228696	6.8	警告	phpgroupware	-	phpGroupWare の phpgwapi /inc/class.auth_sql.inc.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4414	2012-12-20 19:28	2009-12-24	Show	GitHub Exploit DB Packet Storm

228697	5	警告	pps.jussieu	-	Polipo の client.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2009-4413	2012-12-20 19:28	2009-12-24	Show	GitHub Exploit DB Packet Storm

228698	6	警告	s9y	-	Serendipity における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2009-4412	2012-12-20 19:28	2009-12-21	Show	GitHub Exploit DB Packet Storm

228699	3.7	注意	xfs	-	XFS acl の setfacl および getfacl コマンドにおける任意のファイルなど対する ACL を変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4411	2012-12-20 19:28	2009-12-24	Show	GitHub Exploit DB Packet Storm

228700	4.3	警告	pyforum	-	PyForum および zForum の models.parser におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4408	2012-12-20 19:28	2009-12-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
310441	5.5	MEDIUM Local	xpdfreader	xpdf	In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers.	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2010-0207	2024-11-21 10:11	2019-10-31	Show	GitHub Exploit DB Packet Storm

310442	5.5	MEDIUM Local	xpdfreader	xpdf	xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.	CWE-476 NULL Pointer Dereference	CVE-2010-0206	2024-11-21 10:11	2019-10-31	Show	GitHub Exploit DB Packet Storm

310443	6.1	MEDIUM Network	sumo	google_analyticator	The google-analyticator plugin before 5.2.1 for WordPress has insufficient HTML sanitization for Google Analytics API text.	CWE-20 Improper Input Validation	CVE-2009-5158	2024-11-21 10:11	2019-08-22	Show	GitHub Exploit DB Packet Storm

310444	8.8	HIGH Network	linksys	wag54g2_firmware	On Linksys WAG54G2 1.00.10 devices, there is authenticated command injection via shell metacharacters in the setup.cgi c4_ping_ipaddr variable.	CWE-77 Command Injection	CVE-2009-5157	2024-11-21 10:11	2019-06-12	Show	GitHub Exploit DB Packet Storm

310445	9.8	CRITICAL Network	veracomp	asmax_ar-804gu_firmware	An issue was discovered on ASMAX AR-804gu 66.34.1 devices. There is Command Injection via the cgi-bin/script query string.	CWE-77 Command Injection	CVE-2009-5156	2024-11-21 10:11	2019-06-12	Show	GitHub Exploit DB Packet Storm

310446	7.5	HIGH Network	gnu netapp	glibc steelstore_cloud_integrated_storage ontap_select_deploy_administration_utility cloud_backup	In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application …	CWE-19 Data Processing Errors	CVE-2009-5155	2024-11-21 10:11	2019-02-26	Show	GitHub Exploit DB Packet Storm

310447	9.8	CRITICAL Network	mobotix	s14_firmware	An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is a default password of meinsm for the admin account.	CWE-798 Use of Hard-coded Credentials	CVE-2009-5154	2024-11-21 10:11	2019-02-10	Show	GitHub Exploit DB Packet Storm

310448	9.8	CRITICAL Network	microfocus	netware	In Novell NetWare before 6.5 SP8, a stack buffer overflow in processing of CALLIT RPC calls in the NFS Portmapper daemon in PKERNEL.NLM allowed remote unauthenticated attackers to execute code, becau…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2009-5153	2024-11-21 10:11	2018-11-22	Show	GitHub Exploit DB Packet Storm

310449	4.1	MEDIUM Local	absolute	computrace_agent	Absolute Computrace Agent, as distributed on certain Dell Inspiron systems through 2009, has a race condition with the Dell Client Configuration Utility (DCCU), which allows privileged local users to…	CWE-362 Race Condition	CVE-2009-5152	2024-11-21 10:11	2018-05-12	Show	GitHub Exploit DB Packet Storm

310450	6.7	MEDIUM Local	absolute	computrace_agent	The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter-partition space without requiring a digital signature for that code, which allows attackers to execute code o…	CWE-284 Improper Access Control	CVE-2009-5151	2024-11-21 10:11	2018-05-12	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed