Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253321 6.8 警告 アップル - Apple Mac OS X の QuickTime におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0514 2010-04-15 18:38 2010-03-29 Show GitHub Exploit DB Packet Storm
253322 6.8 警告 アップル - Apple Mac OS X の PS Normalizer におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0513 2010-04-15 18:38 2010-03-29 Show GitHub Exploit DB Packet Storm
253323 9.3 危険 アップル - Apple Mac OS X の アカウント環境設定の実装におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0512 2010-04-15 18:38 2010-03-29 Show GitHub Exploit DB Packet Storm
253324 5 警告 アップル - Apple Mac OS X の Podcast プロデューサーにおけるワークフローにアクセスされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0511 2010-04-15 18:38 2010-03-29 Show GitHub Exploit DB Packet Storm
253325 9 危険 アップル - Apple Mac OS X のパスワードサーバにおけるログインアクセスを取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2010-0510 2010-04-15 18:37 2010-03-29 Show GitHub Exploit DB Packet Storm
253326 7.2 危険 アップル - Apple Mac OS X の SFLServer における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0509 2010-04-15 18:37 2010-03-29 Show GitHub Exploit DB Packet Storm
253327 7.8 危険 アップル - Apple Mac OS X の Mail における重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2010-0525 2010-04-15 18:36 2010-03-29 Show GitHub Exploit DB Packet Storm
253328 4 警告 アップル
サイバートラスト株式会社
MySQL AB
レッドハット		 - MySQL の mysqld におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2009-4019 2010-04-15 18:16 2009-11-30 Show GitHub Exploit DB Packet Storm
253329 6.8 警告 The PHP Group
アップル		 - PHP の posix_mkfifo 関数における open_basedir の制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3558 2010-04-15 18:16 2009-11-23 Show GitHub Exploit DB Packet Storm
253330 4.4 警告 アップル
サイバートラスト株式会社
MySQL AB
レッドハット		 - MySQL における権限チェックを回避される脆弱性 CWE-59
リンク解釈の問題 		CVE-2009-4030 2010-04-15 18:16 2009-11-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223371 4.2 MEDIUM
Physics 		mi
sony
samsung
google
sharp
fujitsu 		mi_5s_plus_firmware
xperia_z4_firmware
galaxy_s6_edge_firmware
galaxy_s4_firmware
nexus_7_firmware
nexus_9_firmware
aquos_zeta_sh-04f_firmware
arrows_nx_f05-f_firmware 		Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface… NVD-CWE-noinfo
CVE-2019-12762 2024-11-21 13:23 2019-06-7 Show GitHub Exploit DB Packet Storm
223372 7.5 HIGH
Network 		python pyxdg A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.par… CWE-94
Code Injection 		CVE-2019-12761 2024-11-21 13:23 2019-06-7 Show GitHub Exploit DB Packet Storm
223373 7.5 HIGH
Network 		parso_project parso A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cach… CWE-502
 Deserialization of Untrusted Data 		CVE-2019-12760 2024-11-21 13:23 2019-06-7 Show GitHub Exploit DB Packet Storm
223374 4.7 MEDIUM
Network 		chartkick_project chartkick The Chartkick gem through 3.1.0 for Ruby allows XSS. CWE-79
Cross-site Scripting 		CVE-2019-12732 2024-11-21 13:23 2019-06-7 Show GitHub Exploit DB Packet Storm
223375 7.5 HIGH
Network 		sweetscape 010_editor In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the SubStr function (provided by the scripting engine) allows an attacker to cause a denial of servi… CWE-125
Out-of-bounds Read 		CVE-2019-12555 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm
223376 7.5 HIGH
Network 		sweetscape 010_editor In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the WSubStr function (provided by the scripting engine) allows an attacker to cause a denial of serv… CWE-125
Out-of-bounds Read 		CVE-2019-12554 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm
223377 9.8 CRITICAL
Network 		sweetscape 010_editor In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the StrCat function (provided by the scripting engine) allows an attacker to overwrite arbitrary mem… CWE-787
 Out-of-bounds Write 		CVE-2019-12553 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm
223378 8.8 HIGH
Network 		bludit bludit Bludit prior to 3.9.1 allows a non-privileged user to change the password of any account, including admin. This occurs because of bl-kernel/admin/controllers/user-password.php Insecure Direct Object … CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2019-12742 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm
223379 6.1 MEDIUM
Network 		fhir hapi_fhir XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR library before 3.8.0. The attack involves unsanitized HTTP parameters being output in a form page, allowing attackers to leak cook… CWE-79
Cross-site Scripting 		CVE-2019-12741 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm
223380 6.1 MEDIUM
Network 		zohocorp manageengine_servicedesk_plus An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the PurchaseRequest.do serviceRequestId parameter. CWE-79
Cross-site Scripting 		CVE-2019-12543 2024-11-21 13:23 2019-06-6 Show GitHub Exploit DB Packet Storm