Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254421	10	危険	サイバートラスト株式会社 XEmacs	-	XEmacs の glyphs-eimage.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-2688	2010-01-12 14:48	2009-08-5	Show	GitHub Exploit DB Packet Storm

254422	6.8	警告	IBM	-	IBM WebSphere Application Server (WAS) におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-2746	2010-01-12 14:48	2009-11-13	Show	GitHub Exploit DB Packet Storm

254423	5	警告	アップル	-	Apple Safari におけるローカル HTML ファイルを読まれる脆弱性	CWE-Other その他	CVE-2009-2842	2010-01-7 12:09	2009-11-11	Show	GitHub Exploit DB Packet Storm

254424	5.5	警告	シックス・アパート株式会社	-	Movable Type におけるアクセス制限回避の脆弱性	CWE-264 認可・権限・アクセス制御	-	2010-01-6 15:01	2010-01-6	Show	GitHub Exploit DB Packet Storm

254425	9.3	危険	マイクロソフト	-	Microsoft Office Word および Open XML File Format Converter における、任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3135	2010-01-6 14:44	2009-11-10	Show	GitHub Exploit DB Packet Storm

254426	5	警告	トレンドマイクロ日本電気 Apache Software Foundation 富士通サイバートラスト株式会社サン・マイクロシステムズヒューレット・パッカードレッドハット	-	Apache Tomcat の Apache HTTP Server との組合せによるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-0450	2010-01-6 14:43	2007-03-16	Show	GitHub Exploit DB Packet Storm

254427	9.3	危険	マイクロソフト	-	Microsoft Office Excel および Open XML File Format Converter におけるオブジェクトを含むスプレッドシートの処理に関する任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3133	2010-01-5 16:18	2009-11-10	Show	GitHub Exploit DB Packet Storm

254428	9.3	危険	マイクロソフト	-	Microsoft Office Excel および Open XML File Format Converter における BIFF レコードの処理に関する任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-3130	2010-01-5 16:18	2009-11-10	Show	GitHub Exploit DB Packet Storm

254429	9.3	危険	マイクロソフト	-	複数の Microsoft 製品におけるエクセルファイルのフォーマットの処理に関する任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3134	2010-01-5 16:18	2009-11-10	Show	GitHub Exploit DB Packet Storm

254430	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における計算式を含むスプレッドシートの処理に関する任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3132	2010-01-5 16:18	2009-11-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223241	6.1	MEDIUM Network	openfind	mail2000	An Open Redirect vulnerability for all browsers in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication. This vulnerability affects many mail system of…	CWE-601 Open Redirect	CVE-2019-15073	2024-11-21 13:27	2019-11-20	Show	GitHub Exploit DB Packet Storm

223242	6.1	MEDIUM Network	openfind	mail2000	The login feature in "/cgi-bin/portal" in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via any parameter. This vulnerabili…	CWE-79 Cross-site Scripting	CVE-2019-15072	2024-11-21 13:27	2019-11-20	Show	GitHub Exploit DB Packet Storm

223243	6.1	MEDIUM Network	openfind	mail2000	The "/cgi-bin/go" page in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via ACTION parameter without authentication. The co…	CWE-79 Cross-site Scripting	CVE-2019-15071	2024-11-21 13:27	2019-11-20	Show	GitHub Exploit DB Packet Storm

223244	6.1	MEDIUM Network	getmailbird	mailbird	Multiple cross-site scripting (XSS) vulnerabilities in Mailbird before 2.7.5.0 r allow remote attackers to execute arbitrary JavaScript in a privileged context via a crafted HTML mail message. This v…	CWE-79 Cross-site Scripting	CVE-2019-15054	2024-11-21 13:27	2019-11-19	Show	GitHub Exploit DB Packet Storm

223245	8.8	HIGH Network	artifex fedoraproject opensuse	ghostscript fedora leap	A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restricti…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2019-14869	2024-11-21 13:27	2019-11-15	Show	GitHub Exploit DB Packet Storm

223246	10.0	CRITICAL Network	sas	xml_mapper base_sas	SAS XML Mapper 9.45 has an XML External Entity (XXE) vulnerability that can be leveraged by malicious attackers in multiple ways. Examples are Local File Reading, Out Of Band File Exfiltration, Serve…	CWE-611 XXE	CVE-2019-14678	2024-11-21 13:27	2019-11-15	Show	GitHub Exploit DB Packet Storm

223247	7.5	HIGH Network	dpdk redhat fedoraproject	data_plane_development_kit enterprise_linux_fast_datapath openstack virtualization_eus fedora	A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user …	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2019-14818	2024-11-21 13:27	2019-11-15	Show	GitHub Exploit DB Packet Storm

223248	7.8	HIGH Local	intel	nuvoton_consumer_infrared	Improper permissions in the installer for the Nuvoton* CIR Driver versions 1.02.1002 and before may allow an authenticated user to potentially enable escalation of privilege via local access.	CWE-276 Incorrect Default Permissions	CVE-2019-14602	2024-11-21 13:27	2019-11-15	Show	GitHub Exploit DB Packet Storm

223249	6.5	MEDIUM Network	redhat	syndesis fuse	It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. An attacker could use this lack of protection to conduct phishing attacks and further acce…	NVD-CWE-Other	CVE-2019-14860	2024-11-21 13:27	2019-11-9	Show	GitHub Exploit DB Packet Storm

223250	6.5	MEDIUM Network	fedoraproject redhat debian	389_directory_server enterprise_linux debian_linux	A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to vie…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2019-14824	2024-11-21 13:27	2019-11-9	Show	GitHub Exploit DB Packet Storm