Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
213011 7.5 危険 Mozilla Foundation - Mozilla Firefox の Off Main Thread Compositing の実装における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2015-0806 2015-04-3 19:42 2015-03-31 Show GitHub Exploit DB Packet Storm
213012 7.5 危険 Mozilla Foundation - Mozilla Firefox の Off Main Thread Compositing の実装における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2015-0805 2015-04-3 19:42 2015-03-31 Show GitHub Exploit DB Packet Storm
213013 7.5 危険 Mozilla Foundation - Mozilla Firefox の HTMLSourceElement::BindToTree 関数における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-0804 2015-04-3 19:42 2015-03-31 Show GitHub Exploit DB Packet Storm
213014 7.5 危険 Mozilla Foundation - Mozilla Firefox の HTMLSourceElement::AfterSetAttr 関数における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-0803 2015-04-3 19:42 2015-03-31 Show GitHub Exploit DB Packet Storm
213015 5 警告 Mozilla Foundation - Mozilla Firefox におけるクローム特権で任意の JavaScript コードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-0802 2015-04-3 19:42 2015-03-31 Show GitHub Exploit DB Packet Storm
213016 5 警告 Mozilla Foundation - Android 上で稼働する Mozilla Firefox の DNS リゾルバの PRNG の実装における DNS レスポンスを偽装される脆弱性 CWE-200
情報漏えい 		CVE-2015-0800 2015-04-3 19:42 2015-03-31 Show GitHub Exploit DB Packet Storm
213017 10 危険 Debian - pam_cifscreds で使用される cifs-utils の cifskey.c または cifscreds.c におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-2830 2015-04-3 18:24 2014-03-25 Show GitHub Exploit DB Packet Storm
213018 7.5 危険 EGroupware - eGroupware における PHP オブジェクトインジェクション攻撃を実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2014-2027 2015-04-3 17:54 2014-03-3 Show GitHub Exploit DB Packet Storm
213019 7.5 危険 Embedthis Software, LLC - EmbedThis GoAhead におけるディレクトリトラバーサル攻撃を実行される脆弱性 CWE-Other
その他 		CVE-2014-9707 2015-04-3 16:48 2014-11-25 Show GitHub Exploit DB Packet Storm
213020 7.5 危険 Debian
Dulwich project		 - Dulwich の _pack.c 内の apply_delta 関数の C の実装におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2015-0838 2015-04-3 16:39 2015-03-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
297761 - gecad axigen_free_mail_server Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in (1) the fileName… CWE-22
Path Traversal 		CVE-2012-4940 2024-11-21 10:43 2012-11-1 Show GitHub Exploit DB Packet Storm
297762 - solarwinds orion_network_performance_monitor
ip_address_manager_web_interface 		Cross-site scripting (XSS) vulnerability in IPAMSummaryView.aspx in the IPAM web interface before 3.0-HotFix1 in SolarWinds Orion Network Performance Monitor might allow remote attackers to inject ar… CWE-79
Cross-site Scripting 		CVE-2012-4939 2024-11-21 10:43 2012-11-1 Show GitHub Exploit DB Packet Storm
297763 - xen xen The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk (1) before or (2) after decompression, which allows local guest administrators to cause a denial of se… CWE-20
 Improper Input Validation  		CVE-2012-4544 2024-11-21 10:43 2012-11-1 Show GitHub Exploit DB Packet Storm
297764 - joomla joomla\! Cross-site scripting (XSS) vulnerability in modules/mod_languages/tmpl/default.php in the Language Switcher module for Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web scrip… CWE-79
Cross-site Scripting 		CVE-2012-4532 2024-11-21 10:43 2012-11-1 Show GitHub Exploit DB Packet Storm
297765 - joomla joomla\! Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2012-4531 2024-11-21 10:43 2012-11-1 Show GitHub Exploit DB Packet Storm
297766 - nancy_wichmann announcements The Announcements module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users with the "access announcements" permission to bypass node access restrictions and possibly have other unsp… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4500 2024-11-21 10:43 2012-11-1 Show GitHub Exploit DB Packet Storm
297767 - matthias_hutterer email The contact formatter page in the Email Field module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to email the stored address in the entity via unspecified vec… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4499 2024-11-21 10:43 2012-11-1 Show GitHub Exploit DB Packet Storm
297768 - inclind custom_pub Cross-site scripting (XSS) vulnerability in the Custom Publishing Options module 6.x-1.x before 6.x-1.4 for Drupal allows remote authenticated users with the "administer nodes" permission to inject a… CWE-79
Cross-site Scripting 		CVE-2012-4496 2024-11-21 10:43 2012-11-1 Show GitHub Exploit DB Packet Storm
297769 - mime_mail_module_project mimemail The Mime Mail module 6.x-1.x before 6.x-1.1 for Drupal does not properly restrict access to files outside Drupal's publish files directory, which allows remote authenticated users to send arbitrary f… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4495 2024-11-21 10:43 2012-11-1 Show GitHub Exploit DB Packet Storm
297770 - niif shibb_auth The Shibboleth authentication module 7.x-4.0 for Drupal does not properly check the active status of users, which allows remote blocked users to access bypass intended access restrictions and possibl… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4494 2024-11-21 10:43 2012-11-1 Show GitHub Exploit DB Packet Storm