Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251911	9.3	危険	マイクロソフト	-	Microsoft Windows の kernel における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2514	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

251912	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-2513	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

251913	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

251914	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

251915	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

251916	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

251917	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
199491	9.8	CRITICAL Network	mathjs	math.js	math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution.	CWE-94 Code Injection	CVE-2017-1001002	2024-11-21 12:04	2017-11-27	Show	GitHub Exploit DB Packet Storm

199492	9.8	CRITICAL Network	gitphp_project	gitphp	GitPHP by xiphux is vulnerable to OS Command Injections	CWE-78 OS Command	CVE-2017-1000214	2024-11-21 12:04	2017-11-27	Show	GitHub Exploit DB Packet Storm

199493	6.5	MEDIUM Network	apereo	opencast	In Opencast 2.2.3 and older if user names overlap, the Opencast search service used for publication to the media modules and players will handle the access control incorrectly so that users only need…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2017-1000221	2024-11-21 12:04	2017-11-18	Show	GitHub Exploit DB Packet Storm

199494	8.8	HIGH Network	opencast	opencast	Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0.	CWE-74 Injection	CVE-2017-1000217	2024-11-21 12:04	2017-11-18	Show	GitHub Exploit DB Packet Storm

199495	5.5	MEDIUM Local	exiv2	exiv2	Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser	CWE-125 Out-of-bounds Read	CVE-2017-1000128	2024-11-21 12:04	2017-11-18	Show	GitHub Exploit DB Packet Storm

199496	5.5	MEDIUM Local	exiv2	exiv2	Exiv2 0.26 contains a heap buffer overflow in tiff parser	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-1000127	2024-11-21 12:04	2017-11-18	Show	GitHub Exploit DB Packet Storm

199497	5.5	MEDIUM Local	exiv2	exiv2	exiv2 0.26 contains a Stack out of bounds read in webp parser	CWE-125 Out-of-bounds Read	CVE-2017-1000126	2024-11-21 12:04	2017-11-18	Show	GitHub Exploit DB Packet Storm

199498	7.5	HIGH Network	snap7_project	snap7_server	The Snap7 Server version 1.4.1 can be crashed when the ItemCount field of the ReadVar or WriteVar functions of the S7 protocol implementation in Snap7 are provided with unexpected input, thus resulti…	CWE-20 Improper Input Validation	CVE-2017-1000230	2024-11-21 12:04	2017-11-18	Show	GitHub Exploit DB Packet Storm

199499	5.4	MEDIUM Network	parallelus	salutation	Stored XSS in Salutation Responsive WordPress + BuddyPress Theme version 3.0.15 could allow logged-in users to do almost anything an admin can	CWE-79 Cross-site Scripting	CVE-2017-1000227	2024-11-21 12:04	2017-11-18	Show	GitHub Exploit DB Packet Storm

199500	9.1	CRITICAL Network	simplexml_project	simplexml	SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on.	CWE-611 XXE	CVE-2017-1000190	2024-11-21 12:04	2017-11-18	Show	GitHub Exploit DB Packet Storm