Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254031 4.6 警告 シトリックス・システムズ - Citrix XenServer における認証を回避され Xen API (XAPI) を実行される脆弱性 CWE-noinfo
情報不足 		CVE-2010-0633 2010-09-14 15:54 2010-02-12 Show GitHub Exploit DB Packet Storm
254032 4.3 警告 シトリックス・システムズ - 複数の Citrix XenServer 製品の XenAPI HTTP インターフェイスにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3253 2010-09-14 15:54 2008-07-16 Show GitHub Exploit DB Packet Storm
254033 7.5 危険 シトリックス・システムズ - Citrix XenCenterWeb の XenServer Resource Kit における PHP コードを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3760 2010-09-14 15:54 2009-10-22 Show GitHub Exploit DB Packet Storm
254034 6 警告 シトリックス・システムズ - Citrix XenCenterWeb の XenServer Resource Kit におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-3759 2010-09-14 15:54 2009-10-22 Show GitHub Exploit DB Packet Storm
254035 7.5 危険 シトリックス・システムズ - Citrix XenCenterWeb の XenServer Resource Kit における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3758 2010-09-14 15:53 2009-10-22 Show GitHub Exploit DB Packet Storm
254036 4.3 警告 シトリックス・システムズ - Citrix XenCenterWeb の XenServer Resource Kit におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3757 2010-09-14 15:53 2009-10-22 Show GitHub Exploit DB Packet Storm
254037 7.2 危険 シトリックス・システムズ - Xen の xend におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5716 2010-09-14 15:53 2008-12-24 Show GitHub Exploit DB Packet Storm
254038 6 警告 VMware - VMware Studio の Virtual Appliance Management Infrastructure における任意のコマンドを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2010-2667 2010-09-13 16:05 2010-07-13 Show GitHub Exploit DB Packet Storm
254039 4.4 警告 VMware - VMware Studio における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-2427 2010-09-13 16:05 2010-07-13 Show GitHub Exploit DB Packet Storm
254040 6.8 警告 VMware - VMware SpringSource tc Server Runtime における JMX インターフェイスへのアクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2010-1454 2010-09-13 16:05 2010-05-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
224711 7.5 HIGH
Network 		foxitsoftware phantompdf An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child an… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2019-14207 2024-11-21 13:26 2019-07-22 Show GitHub Exploit DB Packet Storm
224712 7.5 HIGH
Network 		nevma adaptive_images An Arbitrary File Deletion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attackers to delete arbitrary files via the $REQUEST['adaptive-images-settings']… CWE-22
Path Traversal 		CVE-2019-14206 2024-11-21 13:26 2019-07-22 Show GitHub Exploit DB Packet Storm
224713 7.5 HIGH
Network 		nevma adaptive_images A Local File Inclusion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attackers to retrieve arbitrary files via the $REQUEST['adaptive-images-settings']['… CWE-22
Path Traversal 		CVE-2019-14205 2024-11-21 13:26 2019-07-22 Show GitHub Exploit DB Packet Storm
224714 9.6 CRITICAL
Network 		google chrome Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. (Chromium security sever… CWE-269
 Improper Privilege Management 		CVE-2019-13690 2024-11-21 13:25 2023-08-26 Show GitHub Exploit DB Packet Storm
224715 7.8 HIGH
Local 		google chrome Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform arbitrary read/write via a malicious file. (Chromium security severity: Crit… CWE-59
Link Following 		CVE-2019-13689 2024-11-21 13:25 2023-08-26 Show GitHub Exploit DB Packet Storm
224716 7.4 HIGH
Network 		google chrome Use after free in FileAPI in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chrome security severity: High) CWE-416
 Use After Free 		CVE-2019-13768 2024-11-21 13:25 2023-01-3 Show GitHub Exploit DB Packet Storm
224717 6.5 MEDIUM
Adjacent 		sierrawireless mgos Sierra Wireless MGOS before 3.15.2 and 4.x before 4.3 allows attackers to read log files via a Direct Request (aka Forced Browsing). NVD-CWE-noinfo
CVE-2019-13988 2024-11-21 13:25 2022-12-27 Show GitHub Exploit DB Packet Storm
224718 6.1 MEDIUM
Network 		blinger blinger Blinger.io v.1.0.2519 is vulnerable to Blind/Persistent XSS. An attacker can send arbitrary JavaScript code via a built-in communication channel, such as Telegram, WhatsApp, Viber, Skype, Facebook, V… CWE-79
Cross-site Scripting 		CVE-2019-13633 2024-11-21 13:25 2020-10-20 Show GitHub Exploit DB Packet Storm
224719 7.8 HIGH
Local 		qualcomm kamorta_firmware
mdm9150_firmware
mdm9205_firmware
mdm9607_firmware
mdm9650_firmware
nicobar_firmware
qcs404_firmware
qcs405_firmware
qcs605_firmware
qcs610_firmware
ren… 		u'Possible integer overflow in API due to lack of check on large oid range count in cert extension field' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, S… CWE-190
 Integer Overflow or Wraparound 		CVE-2019-14056 2024-11-21 13:25 2020-09-8 Show GitHub Exploit DB Packet Storm
224720 9.8 CRITICAL
Network 		qualcomm apq8009_firmware
apq8017_firmware
apq8053_firmware
apq8096au_firmware
apq8098_firmware
mdm9150_firmware
mdm9206_firmware
mdm9607_firmware
mdm9615_firmware
mdm9625_firmware<… 		u'Accessing an uninitialized data structure could result in partially copying of contents and thus incorrect processing' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon In… CWE-908
 Use of Uninitialized Resource 		CVE-2019-14052 2024-11-21 13:25 2020-09-8 Show GitHub Exploit DB Packet Storm