Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255261	9.3	危険	VMware	-	複数の VMware 製品の VNnc コーデックにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-0909	2010-03-23 14:10	2010-04-3	Show	GitHub Exploit DB Packet Storm

255262	6.4	警告	VMware	-	VMware ACE の ACE 共有フォルダ実装における無効にされた共有フォルダを有効にされる脆弱性	CWE-noinfo 情報不足	CVE-2009-0908	2010-03-23 14:10	2010-04-3	Show	GitHub Exploit DB Packet Storm

255263	2.1	注意	VMware	-	複数の VMware 製品の VI Client におけるパスワードを取得される脆弱性	CWE-200 情報漏えい	CVE-2009-0518	2010-03-23 14:10	2010-04-3	Show	GitHub Exploit DB Packet Storm

255264	4.4	警告	KVM レッドハット	-	KVM の x86 エミュレータにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0419	2010-03-23 14:09	2010-03-1	Show	GitHub Exploit DB Packet Storm

255265	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0263	2010-03-19 10:28	2010-03-9	Show	GitHub Exploit DB Packet Storm

255266	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0262	2010-03-19 10:28	2010-03-9	Show	GitHub Exploit DB Packet Storm

255267	9.3	危険	マイクロソフト	-	複数の Microsoft 製品におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0261	2010-03-19 10:28	2010-03-9	Show	GitHub Exploit DB Packet Storm

255268	9.3	危険	マイクロソフト	-	複数の Microsoft 製品におけるヒープベースのバッファオーバーフローの脆弱性	CWE-94 コード・インジェクション	CVE-2010-0260	2010-03-19 10:28	2010-03-9	Show	GitHub Exploit DB Packet Storm

255269	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0258	2010-03-19 10:27	2010-03-9	Show	GitHub Exploit DB Packet Storm

255270	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0264	2010-03-19 10:27	2010-03-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223011	9.8	CRITICAL Network	okay-cms	okaycms	In OkayCMS through 2.3.4, an unauthenticated attacker can achieve remote code execution by injecting a malicious PHP object via a crafted cookie. This could happen at two places: first in view/Produc…	CWE-94 Code Injection	CVE-2019-16885	2024-11-21 13:31	2019-12-4	Show	GitHub Exploit DB Packet Storm

223012	7.2	HIGH Network	inist	ezmaster	The admin sys mode is now conditional and dedicated for the special case. By default, since ezmaster@5.2.11 no instance (container) is launched with advanced capabilities (not launched as root)	NVD-CWE-noinfo	CVE-2019-16767	2024-11-21 13:31	2019-11-30	Show	GitHub Exploit DB Packet Storm

223013	8.8	HIGH Network	labdigital	wagtail-2fa	When using wagtail-2fa before 1.3.0, if someone gains access to someone's Wagtail login credentials, they can log into the CMS and bypass the 2FA check by changing the URL. They can then add a new de…	NVD-CWE-noinfo	CVE-2019-16766	2024-11-21 13:31	2019-11-30	Show	GitHub Exploit DB Packet Storm

223014	7.8	HIGH Local	microsoft	codeql	If an attacker can get a user to open a specially prepared directory tree as a workspace in Visual Studio Code with the CodeQL extension active, arbitrary code of the attacker's choosing may be execu…	NVD-CWE-noinfo	CVE-2019-16765	2024-11-21 13:31	2019-11-26	Show	GitHub Exploit DB Packet Storm

223015	5.5	MEDIUM Local	powauth	powassent	The use of `String.to_atom/1` in PowAssent is susceptible to denial of service attacks. In `PowAssent.Phoenix.AuthorizationController` a value is fetched from the user provided params, and `String.to…	NVD-CWE-noinfo	CVE-2019-16764	2024-11-21 13:31	2019-11-26	Show	GitHub Exploit DB Packet Storm

223016	6.1	MEDIUM Network	pannellum	pannellum	In Pannellum from 2.5.0 through 2.5.4 URLs were not sanitized for data URIs (or vbscript:), allowing for potential XSS attacks. Such an attack would require a user to click on a hot spot to execute a…	CWE-79 Cross-site Scripting	CVE-2019-16763	2024-11-21 13:31	2019-11-23	Show	GitHub Exploit DB Packet Storm

223017	7.5	HIGH Network	lexmark	services_monitor_firmware	In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070), a remote attacker can use a directory traversal technique using /../../../ or ..%2F..%2F..%2F to obtain local files on the host ope…	CWE-22 Path Traversal	CVE-2019-16758	2024-11-21 13:31	2019-11-22	Show	GitHub Exploit DB Packet Storm

223018	7.3	HIGH Local	code42	code42	Code42 server through 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local server could create or modify a dynamic-link library (DLL). The…	CWE-426 Untrusted Search Path	CVE-2019-16861	2024-11-21 13:31	2019-11-19	Show	GitHub Exploit DB Packet Storm

223019	7.3	HIGH Local	code42	code42	Code42 app through version 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local machine could create or modify a dynamic-link library (DLL…	CWE-426 Untrusted Search Path	CVE-2019-16860	2024-11-21 13:31	2019-11-19	Show	GitHub Exploit DB Packet Storm

223020	6.5	MEDIUM Network	microfocus	operations_agent	XXE attack vulnerability on Micro Focus Operations Agent, affected version 12.0, 12.01, 12.02, 12.03, 12.04, 12.05, 12.06, 12.10, 12.11. The vulnerability could be exploited to do an XXE attack on Op…	CWE-611 XXE	CVE-2019-17085	2024-11-21 13:31	2019-11-19	Show	GitHub Exploit DB Packet Storm