Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 2:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254441 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2723 2010-01-4 14:55 2009-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
212521 8.8 HIGH
Network 		sdcms sdcms There is a CSRF in SDCMS V1.7 via an m=admin&c=theme&a=edit request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the t2 parameter. CWE-352
 Origin Validation Error 		CVE-2019-9652 2024-11-21 13:52 2019-03-11 Show GitHub Exploit DB Packet Storm
212522 9.8 CRITICAL
Network 		sdcms sdcms An issue was discovered in SDCMS V1.7. In the \app\admin\controller\themecontroller.php file, the check_bad() function's filtering is not strict, resulting in PHP code execution. This occurs because … CWE-94
Code Injection 		CVE-2019-9651 2024-11-21 13:52 2019-03-11 Show GitHub Exploit DB Packet Storm
212523 6.1 MEDIUM
Network 		upcoming_events_project upcoming_events An XSS issue was discovered in upcoming_events.php in the Upcoming Events plugin before 1.33 for MyBB via a crafted name for an event. CWE-79
Cross-site Scripting 		CVE-2019-9650 2024-11-21 13:52 2019-03-11 Show GitHub Exploit DB Packet Storm
212524 6.1 MEDIUM
Network 		codepeople contact_form_email The Contact Form Email plugin before 1.2.66 for WordPress allows wp-admin/admin.php item XSS, related to cp_admin_int_edition.inc.php in the "custom edition area." CWE-79
Cross-site Scripting 		CVE-2019-9646 2024-11-21 13:52 2019-03-11 Show GitHub Exploit DB Packet Storm
212525 9.8 CRITICAL
Network 		php
debian
canonical
opensuse
netapp 		php
debian_linux
ubuntu_linux
leap
storage_automation_store 		An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF. CWE-908
 Use of Uninitialized Resource 		CVE-2019-9641 2024-11-21 13:52 2019-03-9 Show GitHub Exploit DB Packet Storm
212526 7.5 HIGH
Network 		php
canonical
debian
opensuse
netapp
redhat 		php
ubuntu_linux
debian_linux
leap
storage_automation_store
software_collections 		An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn. CWE-125
Out-of-bounds Read 		CVE-2019-9640 2024-11-21 13:52 2019-03-9 Show GitHub Exploit DB Packet Storm
212527 7.5 HIGH
Network 		php
debian
canonical
opensuse
netapp
redhat 		php
debian_linux
ubuntu_linux
leap
storage_automation_store
software_collections 		An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling… CWE-908
CWE-909
 Use of Uninitialized Resource
 Missing Initialization of Resource 		CVE-2019-9639 2024-11-21 13:52 2019-03-9 Show GitHub Exploit DB Packet Storm
212528 7.5 HIGH
Network 		php
debian
canonical
opensuse
netapp
redhat 		php
debian_linux
ubuntu_linux
leap
storage_automation_store
software_collections 		An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling… CWE-125
Out-of-bounds Read 		CVE-2019-9638 2024-11-21 13:52 2019-03-9 Show GitHub Exploit DB Packet Storm
212529 7.5 HIGH
Network 		php
debian
canonical
opensuse
netapp 		php
debian_linux
ubuntu_linux
leap
storage_automation_store 		An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2019-9637 2024-11-21 13:52 2019-03-9 Show GitHub Exploit DB Packet Storm
212530 9.8 CRITICAL
Network 		python
fedoraproject
opensuse
debian
canonical
redhat
oracle 		python
fedora
leap
debian_linux
ubuntu_linux
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_server_aus
enterprise_linux
e… 		Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (cr… NVD-CWE-noinfo
CVE-2019-9636 2024-11-21 13:52 2019-03-9 Show GitHub Exploit DB Packet Storm