Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255611	7.2	危険	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel の hrtimer_start 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2007-5966	2010-02-25 12:31	2007-12-20	Show	GitHub Exploit DB Packet Storm

255612	4.3	警告	シスコシステムズ	-	Cisco Secure Desktop の +CSCOT+/translation におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0440	2010-02-24 12:27	2010-02-1	Show	GitHub Exploit DB Packet Storm

255613	6.2	警告	ヒューレット・パッカード	-	HP ECMT におけるデータベースにアクセスされる脆弱性	CWE-noinfo 情報不足	CVE-2009-4184	2010-02-24 12:27	2009-10-5	Show	GitHub Exploit DB Packet Storm

255614	4.6	警告	アップル	-	Apple iPhone OS のリカバリモードにおける任意のデータを読まれる脆弱性	CWE-399 リソース管理の問題	CVE-2010-0038	2010-02-24 12:26	2010-02-2	Show	GitHub Exploit DB Packet Storm

255615	5	警告	サン・マイクロシステムズ VMware	-	Sun Java SE におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2009-3885	2010-02-24 12:26	2009-11-9	Show	GitHub Exploit DB Packet Storm

255616	7.5	危険	サン・マイクロシステムズ VMware	-	JDK および JRE の Java Update 機能における古いバージョンの脆弱性を利用される脆弱性	CWE-Other その他	CVE-2009-3864	2010-02-24 12:26	2009-11-3	Show	GitHub Exploit DB Packet Storm

255617	5	警告	アドビシステムズ	-	Adobe ColdFusion のデフォルト設定におけるコレクションのメタデータを取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0185	2010-02-24 12:25	2010-01-29	Show	GitHub Exploit DB Packet Storm

255618	6.8	警告	Apache Software Foundation	-	Apache HTTP Server の ap_proxy_send_fb 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-0010	2010-02-24 12:25	2010-02-2	Show	GitHub Exploit DB Packet Storm

255619	5	警告	アップルサイバートラスト株式会社サン・マイクロシステムズヒューレット・パッカード VMware レッドハット	-	JDK、JRE および SDK におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-3877	2010-02-24 12:25	2009-11-5	Show	GitHub Exploit DB Packet Storm

255620	5	警告	サン・マイクロシステムズサイバートラスト株式会社 VMware ヒューレット・パッカードレッドハット	-	JDK、JRE および SDK におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-3876	2010-02-24 12:24	2009-11-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223051	7.8	HIGH Local	10-strike	free_photo_viewer	Free Photo Viewer 1.3 allows remote attackers to execute arbitrary code via a crafted BMP and/or TIFF file that triggers a malformed SEH, as demonstrated by a 0012ECB4 FreePhot.00425642 42200008 corr…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2019-19468	2024-11-21 13:34	2019-12-1	Show	GitHub Exploit DB Packet Storm

223052	5.3	MEDIUM Network	cbc	gem	The CBC Gem application before 9.24.1 for Android and before 9.26.0 for iOS has Unencrypted Analytics.	CWE-311 Missing Encryption of Sensitive Data	CVE-2019-19464	2024-11-21 13:34	2019-11-30	Show	GitHub Exploit DB Packet Storm

223053	5.3	MEDIUM Network	huami	mi_fit	The Anhui Huami Mi Fit application before 4.0.11 for Android has an Unencrypted Update Check.	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2019-19463	2024-11-21 13:34	2019-11-30	Show	GitHub Exploit DB Packet Storm

223054	5.5	MEDIUM Local	linux netapp canonical opensuse debian	linux_kernel active_iq_unified_manager solidfire hci_management_node hci_storage_node hci_compute_node ubuntu_linux leap debian_linux	relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.	CWE-476 NULL Pointer Dereference	CVE-2019-19462	2024-11-21 13:34	2019-11-30	Show	GitHub Exploit DB Packet Storm

223055	5.5	MEDIUM Local	gnome fedoraproject opensuse	dia fedora leap	When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this …	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2019-19451	2024-11-21 13:34	2019-11-30	Show	GitHub Exploit DB Packet Storm

223056	7.5	HIGH Network	omniosce	omnios	illumos, as used in OmniOS Community Edition before r151030y, allows a kernel crash via an application with multiple threads calling sendmsg concurrently over a single socket, because uts/common/inet…	CWE-20 Improper Input Validation	CVE-2019-19396	2024-11-21 13:34	2019-11-30	Show	GitHub Exploit DB Packet Storm

223057	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.	CWE-787 Out-of-bounds Write	CVE-2019-19378	2024-11-21 13:34	2019-11-30	Show	GitHub Exploit DB Packet Storm

223058	7.8	HIGH Local	linux netapp	linux_kernel cloud_backup steelstore_cloud_integrated_storage active_iq_unified_manager solidfire_baseboard_management_controller	In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.	CWE-416 Use After Free	CVE-2019-19377	2024-11-21 13:34	2019-11-30	Show	GitHub Exploit DB Packet Storm

223059	9.1	CRITICAL Network	luajit moonjit_project	luajit moonjit	In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other products, debug.getinfo has a type confusion issue that leads to arbitrary memory write or read operations, because certain cases in…	CWE-843 Type Confusion	CVE-2019-19391	2024-11-21 13:34	2019-11-30	Show	GitHub Exploit DB Packet Storm

223060	6.1	MEDIUM Network	fusionpbx	fusionpbx	A cross-site scripting (XSS) vulnerability in app/dialplans/dialplan_detail_edit.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the dialplan_uuid parameter.	CWE-79 Cross-site Scripting	CVE-2019-19388	2024-11-21 13:34	2019-11-29	Show	GitHub Exploit DB Packet Storm