Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 9, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 254681 | 7.5 | 危険 | The PHP Group LibGD project サイバートラスト株式会社 レッドハット |
- | PHP および GD Graphics Library の _gdGetColors 関数におけるバッファオーバーフローの脆弱性 |
CWE-Other
その他 |
CVE-2009-3546 | 2010-02-3 14:34 | 2009-10-19 | Show | GitHub Exploit DB Packet Storm |
| 254682 | 6.8 | 警告 | GNU Project XEmacs サイバートラスト株式会社 |
- | Emacs および XEmacs における .flc ファイルの処理に関する任意のコードを実行される脆弱性 |
CWE-DesignError
|
CVE-2008-2142 | 2010-02-2 11:43 | 2008-05-12 | Show | GitHub Exploit DB Packet Storm |
| 254683 | 3.5 | 注意 | Drupal サイバートラスト株式会社 |
- | Drupal の Menu モジュールにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-4370 | 2010-02-2 11:43 | 2009-12-16 | Show | GitHub Exploit DB Packet Storm |
| 254684 | 3.5 | 注意 | Drupal サイバートラスト株式会社 |
- | Drupal の Contact モジュールにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-4369 | 2010-02-2 11:42 | 2009-12-16 | Show | GitHub Exploit DB Packet Storm |
| 254685 | 7.5 | 危険 | 日立 | - | Cosminexus、Processing Kit for XML および Hitachi Developer's Kit for Java におけるバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
- | 2010-02-2 11:42 | 2009-12-22 | Show | GitHub Exploit DB Packet Storm |
| 254686 | 4.3 | 警告 | VMware | - | 複数の VMware 製品におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-3731 | 2010-02-1 11:52 | 2009-12-15 | Show | GitHub Exploit DB Packet Storm |
| 254687 | 10 | 危険 | サイバートラスト株式会社 Linux |
- | Linux kernel および gxsnmp パッケージの asn1 の実装における任意のコードを実行される脆弱性 |
CWE-119
バッファエラー |
CVE-2008-1673 | 2010-02-1 11:51 | 2008-06-10 | Show | GitHub Exploit DB Packet Storm |
| 254688 | 10 | 危険 | ヒューレット・パッカード | - | 複数の Symantec 製品の VRTSweb における任意のコードを実行される脆弱性 |
CWE-287
不適切な認証 |
CVE-2009-3027 | 2010-02-1 11:51 | 2009-12-8 | Show | GitHub Exploit DB Packet Storm |
| 254689 | 9.3 | 危険 | KDE project Glyph & Cog, LLC GNOME Project サイバートラスト株式会社 レッドハット |
- | Xpdf、gpdf および kpdf の FoFiType1::parse 関数における任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-4035 | 2010-01-29 09:54 | 2009-12-16 | Show | GitHub Exploit DB Packet Storm |
| 254690 | 7.8 | 危険 | Mozilla Foundation | - | Mozilla Firefox/SeaMonkey の GeckoActiveXObject 関数における重要な情報を取得される脆弱性 |
CWE-200
情報漏えい |
CVE-2009-3987 | 2010-01-29 09:54 | 2009-12-15 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 9, 2026, 5:07 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 223481 | 7.4 |
HIGH
Network |
roundcube fedoraproject |
webmail fedora |
Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks. |
NVD-CWE-noinfo
|
CVE-2019-15237 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223482 | 9.8 |
CRITICAL
Network |
live555 | streaming_media | Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and … |
CWE-416
Use After Free |
CVE-2019-15232 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223483 | 8.8 |
HIGH
Network |
thedaylightstudio | fuel_cms | FUEL CMS 1.4.4 has CSRF in the blocks/create/ Create Blocks section of the Admin console. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially craft… |
CWE-352
Origin Validation Error |
CVE-2019-15229 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223484 | 5.4 |
MEDIUM
Network |
thedaylightstudio | fuel_cms | FUEL CMS 1.4.4 has XSS in the Create Blocks section of the Admin console. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated acc… |
CWE-79
Cross-site Scripting |
CVE-2019-15228 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223485 | 7.5 |
HIGH
Network |
envoyproxy | envoy | In Envoy through 1.11.1, users may configure a route to match incoming path headers via the libstdc++ regular expression implementation. A remote attacker may send a request with a very long URI to r… |
CWE-770
Allocation of Resources Without Limits or Throttling |
CVE-2019-15225 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223486 | 9.8 |
CRITICAL
Network |
rest-client_project | rest-client | The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions <=1.6.9 and >=1.6.14 are unaffected. |
CWE-94
Code Injection |
CVE-2019-15224 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223487 | 4.6 |
MEDIUM
Physics |
linux netapp canonical |
linux_kernel h410c_firmware data_availability_services solidfire_\&_hci_management_node active_iq_unified_manager solidfire_baseboard_management_controller ubuntu_linux |
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver. |
CWE-476
NULL Pointer Dereference |
CVE-2019-15223 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223488 | 4.6 |
MEDIUM
Physics |
linux netapp opensuse |
linux_kernel h410c_firmware data_availability_services solidfire_\&_hci_management_node active_iq_unified_manager solidfire_baseboard_management_controller leap |
An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver. |
CWE-476
NULL Pointer Dereference |
CVE-2019-15222 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223489 | 4.6 |
MEDIUM
Physics |
linux netapp canonical debian opensuse |
linux_kernel h410c_firmware data_availability_services solidfire_\&_hci_management_node active_iq_unified_manager solidfire_baseboard_management_controller ubuntu_linux debia… |
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver. |
CWE-476
NULL Pointer Dereference |
CVE-2019-15221 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |
| 223490 | 4.6 |
MEDIUM
Physics |
linux netapp canonical debian opensuse |
linux_kernel h410c_firmware data_availability_services solidfire_\&_hci_management_node active_iq_unified_manager solidfire_baseboard_management_controller ubuntu_linux debia… |
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver. |
CWE-416
Use After Free |
CVE-2019-15220 | 2024-11-21 13:28 | 2019-08-20 | Show | GitHub Exploit DB Packet Storm |