Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
255201 2.6 注意 オラクル - Oracle Application Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		- 2010-01-14 15:01 2010-01-14 Show GitHub Exploit DB Packet Storm
255202 9.3 危険 マイクロソフト - Microsoft Internet Explorer に脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3672 2010-01-14 12:08 2009-11-25 Show GitHub Exploit DB Packet Storm
255203 9.3 危険 サン・マイクロシステムズ
VMware		 - Sun Java SE の java.lang パッケージにおける脆弱性 CWE-362
競合状態 		CVE-2009-2724 2010-01-14 12:08 2009-08-10 Show GitHub Exploit DB Packet Storm
255204 10 危険 サン・マイクロシステムズ
VMware		 - Sun Java SE の Provider クラスにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-2721 2010-01-14 12:08 2009-08-10 Show GitHub Exploit DB Packet Storm
255205 5 警告 有限会社シースリー - WebCalenderC3 におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-0348 2010-01-12 15:01 2010-01-12 Show GitHub Exploit DB Packet Storm
255206 4.3 警告 有限会社シースリー - WebCalenderC3 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0349 2010-01-12 15:00 2010-01-12 Show GitHub Exploit DB Packet Storm
255207 10 危険 サイバートラスト株式会社
XEmacs		 - XEmacs の glyphs-eimage.c における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-2688 2010-01-12 14:48 2009-08-5 Show GitHub Exploit DB Packet Storm
255208 6.8 警告 IBM - IBM WebSphere Application Server (WAS) におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-2746 2010-01-12 14:48 2009-11-13 Show GitHub Exploit DB Packet Storm
255209 5 警告 アップル - Apple Safari におけるローカル HTML ファイルを読まれる脆弱性 CWE-Other
その他 		CVE-2009-2842 2010-01-7 12:09 2009-11-11 Show GitHub Exploit DB Packet Storm
255210 5.5 警告 シックス・アパート株式会社 - Movable Type におけるアクセス制限回避の脆弱性 CWE-264
認可・権限・アクセス制御 		- 2010-01-6 15:01 2010-01-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221871 5.3 MEDIUM
Network 		jetbrains hub In JetBrains Hub versions earlier than 2019.1.11738, username enumeration was possible through password recovery. NVD-CWE-noinfo
CVE-2019-18360 2024-11-21 13:33 2019-11-1 Show GitHub Exploit DB Packet Storm
221872 9.8 CRITICAL
Network 		xen
debian
fedoraproject
opensuse 		xen
debian_linux
fedora
leap 		An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x8… CWE-269
 Improper Privilege Management 		CVE-2019-18425 2024-11-21 13:33 2019-10-31 Show GitHub Exploit DB Packet Storm
221873 6.8 MEDIUM
Physics 		xen
debian
fedoraproject
opensuse 		xen
debian_linux
fedora
leap 		An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This occurs because passe… CWE-78
OS Command  		CVE-2019-18424 2024-11-21 13:33 2019-10-31 Show GitHub Exploit DB Packet Storm
221874 8.8 HIGH
Network 		xen
debian
fedoraproject 		xen
debian_linux
fedora 		An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEM_add_to_physmap hypercall. p2m->max_mapped_gfn is used by the functions p2m_resolve_… CWE-193
 Off-by-one Error 		CVE-2019-18423 2024-11-21 13:33 2019-10-31 Show GitHub Exploit DB Packet Storm
221875 5.5 MEDIUM
Local 		totaldefense anti-virus The quarantine restoration function in Total Defense Anti-virus 11.5.2.28 is vulnerable to symbolic link attacks, allowing files to be written to privileged directories. CWE-59
Link Following 		CVE-2019-18645 2024-11-21 13:33 2019-10-31 Show GitHub Exploit DB Packet Storm
221876 8.8 HIGH
Network 		xen
debian
fedoraproject 		xen
debian_linux
fedora 		An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service or gain privileges by leveraging the erroneous enabling of interrupts. Interrupts are unconditio… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2019-18422 2024-11-21 13:33 2019-10-31 Show GitHub Exploit DB Packet Storm
221877 7.5 HIGH
Network 		xen
debian
fedoraproject
opensuse 		xen
debian_linux
fedora
leap 		An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues … CWE-362
Race Condition 		CVE-2019-18421 2024-11-21 13:33 2019-10-31 Show GitHub Exploit DB Packet Storm
221878 6.5 MEDIUM
Network 		xen
debian
fedoraproject 		xen
debian_linux
fedora 		An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOP_initialise hypercall. hypercall_create_continuation() is a variadic function whi… CWE-134
Use of Externally-Controlled Format String 		CVE-2019-18420 2024-11-21 13:33 2019-10-31 Show GitHub Exploit DB Packet Storm
221879 5.9 MEDIUM
Network 		totaldefense anti-virus The malware scan function in Total Defense Anti-virus 11.5.2.28 is vulnerable to a TOCTOU bug; consequently, symbolic link attacks allow privileged files to be deleted. CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2019-18644 2024-11-21 13:33 2019-10-31 Show GitHub Exploit DB Packet Storm
221880 7.5 HIGH
Network 		themooltipass moolticute An issue was discovered in Mooltipass Moolticute through v0.42.1 and v0.42.x-testing through v0.42.5-testing. There is a NULL pointer dereference in MPDevice_win.cpp. CWE-476
 NULL Pointer Dereference 		CVE-2019-18635 2024-11-21 13:33 2019-10-31 Show GitHub Exploit DB Packet Storm