Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257421	9.3	危険	マイクロソフト	-	Microsoft Windows の kernel における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2514	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

257422	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-2513	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

257423	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

257424	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

257425	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

257426	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

257427	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
207841	9.8	CRITICAL Network	linux-pam	linux-pam	A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of …	-	CVE-2020-27780	2024-11-21 14:21	2020-12-18	Show	GitHub Exploit DB Packet Storm

207842	6.7	MEDIUM Local	linux redhat	linux_kernel enterprise_linux openshift_container_platform	A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors …	-	CVE-2020-27777	2024-11-21 14:21	2020-12-16	Show	GitHub Exploit DB Packet Storm

207843	9.8	CRITICAL Network	f5 netapp	nginx_controller cloud_backup	In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities.	CWE-22 Path Traversal	CVE-2020-27730	2024-11-21 14:21	2020-12-12	Show	GitHub Exploit DB Packet Storm

207844	7.5	HIGH Network	f5	big-ip_advanced_firewall_manager	In certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the conne…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2020-27713	2024-11-21 14:21	2020-12-12	Show	GitHub Exploit DB Packet Storm

207845	5.7	MEDIUM Local	linux redhat debian netapp	linux_kernel enterprise_linux enterprise_mrg debian_linux cloud_backup solidfire_baseboard_management_controller_firmware h410c_firmware	A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, m…	-	CVE-2020-27825	2024-11-21 14:21	2020-12-12	Show	GitHub Exploit DB Packet Storm

207846	7.5	HIGH Network	frappe	frappe	In two-factor authentication, the system also sending 2fa secret key in response, which enables an intruder to breach the 2fa security.	NVD-CWE-noinfo	CVE-2020-27508	2024-11-21 14:21	2020-12-12	Show	GitHub Exploit DB Packet Storm

207847	7.8	HIGH Local	linux redhat netapp	linux_kernel enterprise_linux openshift_container_platform enterprise_mrg cloud_backup solidfire_baseboard_management_controller	A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue.…	-	CVE-2020-27786	2024-11-21 14:21	2020-12-11	Show	GitHub Exploit DB Packet Storm

207848	7.8	HIGH Local	jasper_project fedoraproject	jasper fedora	There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data co…	-	CVE-2020-27828	2024-11-21 14:21	2020-12-11	Show	GitHub Exploit DB Packet Storm

207849	2.8	LOW Local	debian	advanced_package_tool	Various memory and file descriptor leaks were found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.cc, aka GHSL-2020-170. This issue affects: python-apt 1.1.0~beta1 versions prio…	CWE-772 Missing Release of Resource after Effective Lifetime	CVE-2020-27351	2024-11-21 14:21	2020-12-10	Show	GitHub Exploit DB Packet Storm

207850	5.7	MEDIUM Local	debian netapp	advanced_package_tool solidfire_baseboard_management_controller_firmware	APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfi…	CWE-190 Integer Overflow or Wraparound	CVE-2020-27350	2024-11-21 14:21	2020-12-10	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed