Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
255131 7.2 危険 サイバートラスト株式会社
Linux		 - Linux kernel の kvm_dev_ioctl_get_supported_cpuid 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-3638 2010-02-3 14:35 2009-10-29 Show GitHub Exploit DB Packet Storm
255132 5 警告 Linear LLC
S2 Security		 - Linear eMerge のマネージメントコンポーネントにおけるサービス運用妨害 (DoS) CWE-noinfo
情報不足 		CVE-2009-3734 2010-02-3 14:35 2010-01-5 Show GitHub Exploit DB Packet Storm
255133 7.5 危険 The PHP Group
LibGD project
サイバートラスト株式会社
レッドハット		 - PHP および GD Graphics Library の _gdGetColors 関数におけるバッファオーバーフローの脆弱性 CWE-Other
その他 		CVE-2009-3546 2010-02-3 14:34 2009-10-19 Show GitHub Exploit DB Packet Storm
255134 6.8 警告 GNU Project
XEmacs
サイバートラスト株式会社		 - Emacs および XEmacs における .flc ファイルの処理に関する任意のコードを実行される脆弱性 CWE-DesignError
CVE-2008-2142 2010-02-2 11:43 2008-05-12 Show GitHub Exploit DB Packet Storm
255135 3.5 注意 Drupal
サイバートラスト株式会社		 - Drupal の Menu モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4370 2010-02-2 11:43 2009-12-16 Show GitHub Exploit DB Packet Storm
255136 3.5 注意 Drupal
サイバートラスト株式会社		 - Drupal の Contact モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4369 2010-02-2 11:42 2009-12-16 Show GitHub Exploit DB Packet Storm
255137 7.5 危険 日立 - Cosminexus、Processing Kit for XML および Hitachi Developer's Kit for Java におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		- 2010-02-2 11:42 2009-12-22 Show GitHub Exploit DB Packet Storm
255138 4.3 警告 VMware - 複数の VMware 製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3731 2010-02-1 11:52 2009-12-15 Show GitHub Exploit DB Packet Storm
255139 10 危険 サイバートラスト株式会社
Linux		 - Linux kernel および gxsnmp パッケージの asn1 の実装における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2008-1673 2010-02-1 11:51 2008-06-10 Show GitHub Exploit DB Packet Storm
255140 10 危険 ヒューレット・パッカード - 複数の Symantec 製品の VRTSweb における任意のコードを実行される脆弱性 CWE-287
不適切な認証 		CVE-2009-3027 2010-02-1 11:51 2009-12-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
224481 9.8 CRITICAL
Network 		fasterxml
netapp
fedoraproject
debian
redhat
oracle 		jackson-databind
steelstore_cloud_integrated_storage
oncommand_workflow_automation
oncommand_api_services
fedora
debian_linux
jboss_enterprise_application_platform
retail_xstore_… 		A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig. CWE-502
 Deserialization of Untrusted Data 		CVE-2019-14540 2024-11-21 13:26 2019-09-16 Show GitHub Exploit DB Packet Storm
224482 9.8 CRITICAL
Network 		nxp kinetis_kv1x_firmware
kinetis_kv3x_firmware
kinetis_k8x_firmware 		On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by observing CPU registers and the ef… CWE-863
 Incorrect Authorization 		CVE-2019-14237 2024-11-21 13:26 2019-09-13 Show GitHub Exploit DB Packet Storm
224483 9.8 CRITICAL
Network 		st stm32l0_firmware
stm32l1_firmware
stm32f4_firmware
stm32l4_firmware
stm32f7_firmware
stm32h7_firmware 		On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated by observing CPU… CWE-863
 Incorrect Authorization 		CVE-2019-14236 2024-11-21 13:26 2019-09-13 Show GitHub Exploit DB Packet Storm
224484 9.8 CRITICAL
Network 		vivotek camera VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header. CWE-787
 Out-of-bounds Write 		CVE-2019-14457 2024-11-21 13:26 2019-09-11 Show GitHub Exploit DB Packet Storm
224485 6.1 MEDIUM
Network 		alfresco alfresco An issue was discovered in Alfresco Community Edition versions below 5.2.6, 6.0.N and 6.1.N. The Alfresco Share application is vulnerable to an Open Redirect attack via a crafted POST request. By man… CWE-601
Open Redirect 		CVE-2019-14223 2024-11-21 13:26 2019-09-7 Show GitHub Exploit DB Packet Storm
224486 7.2 HIGH
Network 		alfresco alfresco An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to ach… CWE-502
 Deserialization of Untrusted Data 		CVE-2019-14224 2024-11-21 13:26 2019-09-6 Show GitHub Exploit DB Packet Storm
224487 9.8 CRITICAL
Network 		alfresco alfresco An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authenticate to Alfresco's Solr Web Admin Interface. The vulnerability is due t… CWE-1188
 Insecure Default Initialization of Resource 		CVE-2019-14222 2024-11-21 13:26 2019-09-6 Show GitHub Exploit DB Packet Storm
224488 5.5 MEDIUM
Local 		canon print The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2.5.5 application for Android does not properly restrict canon.ij.printer.capability.data data access. This allows an attacker's m… NVD-CWE-noinfo
CVE-2019-14339 2024-11-21 13:26 2019-09-6 Show GitHub Exploit DB Packet Storm
224489 5.3 MEDIUM
Network 		knowage-suite knowage In Knowage through 6.1.1, an unauthenticated user can enumerated valid usernames via the ChangePwdServlet page. NVD-CWE-noinfo
CVE-2019-14278 2024-11-21 13:26 2019-09-6 Show GitHub Exploit DB Packet Storm
224490 6.1 MEDIUM
Network 		instagram-php-api_project
userproplugin 		instagram-php-api
user_pro 		cosenary Instagram-PHP-API (aka Instagram PHP API V2), as used in the UserPro plugin through 4.9.32 for WordPress, has XSS via the example/success.php error_description parameter. CWE-79
Cross-site Scripting 		CVE-2019-14470 2024-11-21 13:26 2019-09-5 Show GitHub Exploit DB Packet Storm