Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254771	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

254772	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

254773	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

254774	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

254775	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
219381	9.8	CRITICAL Network	pyyaml fedoraproject	pyyaml fedora	PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue e…	CWE-502 Deserialization of Untrusted Data	CVE-2019-20477	2024-11-21 13:38	2020-02-19	Show	GitHub Exploit DB Packet Storm

219382	4.3	MEDIUM Network	zohocorp	manageengine_remote_access_plus	An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.447. The service to test the mail-server configuration suffers from an authorization issue allowing a user with the Guest role (re…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2019-20474	2024-11-21 13:38	2020-02-18	Show	GitHub Exploit DB Packet Storm

219383	7.8	HIGH Local	goverlan	client_agent reach_console reach_server	Goverlan Reach Console before 9.50, Goverlan Reach Server before 3.50, and Goverlan Client Agent before 9.20.50 have an Untrusted Search Path that leads to Command Injection and Local Privilege Escal…	CWE-426 Untrusted Search Path	CVE-2019-20456	2024-11-21 13:38	2020-02-17	Show	GitHub Exploit DB Packet Storm

219384	5.9	MEDIUM Network	globalpayments	php_sdk	Gateways/Gateway.php in Heartland & Global Payments PHP SDK before 2.0.0 does not enforce SSL certificate validations.	CWE-295 Improper Certificate Validation	CVE-2019-20455	2024-11-21 13:38	2020-02-15	Show	GitHub Exploit DB Packet Storm

219385	7.5	HIGH Network	pcre fedoraproject splunk	pcre2 fedora universal_forwarder	An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrust…	CWE-125 Out-of-bounds Read	CVE-2019-20454	2024-11-21 13:38	2020-02-14	Show	GitHub Exploit DB Packet Storm

219386	4.7	MEDIUM Network	atlassian	jira jira_server jira_data_center	The Atlassian Application Links plugin is vulnerable to cross-site request forgery (CSRF). The following versions are affected: all versions prior to 5.4.21, from version 6.0.0 before version 6.0.12,…	CWE-352 Origin Validation Error	CVE-2019-20100	2024-11-21 13:38	2020-02-12	Show	GitHub Exploit DB Packet Storm

219387	4.3	MEDIUM Network	atlassian	jira_server jira_data_center	The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tr…	CWE-352 Origin Validation Error	CVE-2019-20099	2024-11-21 13:38	2020-02-12	Show	GitHub Exploit DB Packet Storm

219388	4.3	MEDIUM Network	atlassian	jira_server jira_data_center	The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by t…	CWE-352 Origin Validation Error	CVE-2019-20098	2024-11-21 13:38	2020-02-12	Show	GitHub Exploit DB Packet Storm

219389	9.8	CRITICAL Network	samsung	prismview_player_11 prismview_system_9	The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 13.09.1100 allows remote code execution by uploading RebootSystem.lnk and requesting /REBOOTSYSTEM or /RESTARTVNC. (Authenticati…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2019-20451	2024-11-21 13:38	2020-02-11	Show	GitHub Exploit DB Packet Storm

219390	7.8	HIGH Local	atlassian	confluence confluence_server	The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, and from version 7.1.0 before version 7.1.1 allows local system attackers who have permission to writ…	CWE-427 Uncontrolled Search Path Element	CVE-2019-20406	2024-11-21 13:38	2020-02-6	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed