Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 23, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 216041 | 5 | 警告 | Mumble | - | Mumble クライアントにおける外部ファイルのロードを強制される脆弱性 |
CWE-Other
その他 |
CVE-2014-3756 | 2014-11-18 16:25 | 2014-05-14 | Show | GitHub Exploit DB Packet Storm |
| 216042 | 5 | 警告 | Mumble | - | Mumble クライアントで使用される Qt の QSvg モジュールにおけるサービス運用妨害 (DoS) の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2014-3755 | 2014-11-18 16:24 | 2014-05-11 | Show | GitHub Exploit DB Packet Storm |
| 216043 | 3.3 | 注意 | Python Software Foundation | - | Python の Lib/os.py の _get_masked_mode 関数におけるファイルパーミッションを回避される脆弱性 |
CWE-362
競合状態 |
CVE-2014-2667 | 2014-11-18 16:15 | 2014-03-28 | Show | GitHub Exploit DB Packet Storm |
| 216044 | 5 | 警告 | Vtiger | - | vTiger のインストールモジュールの views/Index.php におけるアプリケーションを再インストールされる脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2014-2268 | 2014-11-18 16:10 | 2014-03-16 | Show | GitHub Exploit DB Packet Storm |
| 216045 | 4.3 | 警告 | Apache Software Foundation | - | Apache Qpid の XML Exchange モジュールにおける XML 外部エンティティの脆弱性 |
CWE-Other
その他 |
CVE-2014-3629 | 2014-11-18 15:50 | 2014-11-7 | Show | GitHub Exploit DB Packet Storm |
| 216046 | 3.5 | 注意 | Apache Software Foundation | - | Apache Hive における重要な情報を取得される脆弱性 |
CWE-Other
その他 |
CVE-2014-0228 | 2014-11-18 15:48 | 2014-06-12 | Show | GitHub Exploit DB Packet Storm |
| 216047 | 4.3 | 警告 | Apache Software Foundation | - | Apache Cordova Android における任意のアプリケーションを起動される脆弱性 |
CWE-200
情報漏えい |
CVE-2014-3502 | 2014-11-18 15:47 | 2014-08-6 | Show | GitHub Exploit DB Packet Storm |
| 216048 | 4.3 | 警告 | Apache Software Foundation | - | Apache Cordova Android における HTTP のホワイトリストを回避される脆弱性 |
CWE-Other
その他 |
CVE-2014-3501 | 2014-11-18 15:47 | 2014-08-4 | Show | GitHub Exploit DB Packet Storm |
| 216049 | 6.4 | 警告 | Apache Software Foundation | - | Apache Cordova Android におけるスタートページを変更される脆弱性 |
CWE-Other
その他 |
CVE-2014-3500 | 2014-11-18 15:46 | 2014-08-4 | Show | GitHub Exploit DB Packet Storm |
| 216050 | 6 | 警告 | Ubercart | - | Drupal 用 Ubercart モジュールにおける任意の PHP コードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2012-2301 | 2014-11-18 15:43 | 2012-04-25 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 23, 2026, 4:08 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 295061 | - |
mozilla suse opensuse redhat canonical |
firefox seamonkey thunderbird thunderbird_esr linux_enterprise_server linux_enterprise_desktop opensuse linux_enterprise_software_development_kit enterprise_linux_server en… |
Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.… |
CWE-416
Use After Free |
CVE-2012-4214 | 2024-11-21 10:42 | 2012-11-21 | Show | GitHub Exploit DB Packet Storm | |
| 295062 | - |
mozilla suse opensuse redhat canonical |
firefox seamonkey thunderbird thunderbird_esr linux_enterprise_server linux_enterprise_desktop opensuse linux_enterprise_software_development_kit enterprise_linux_server en… |
Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame name-attribut… |
CWE-79
Cross-site Scripting |
CVE-2012-4209 | 2024-11-21 10:42 | 2012-11-21 | Show | GitHub Exploit DB Packet Storm | |
| 295063 | - |
mozilla suse opensuse redhat debian canonical |
firefox seamonkey thunderbird thunderbird_esr linux_enterprise_server linux_enterprise_desktop opensuse linux_enterprise_software_development_kit enterprise_linux_server en… |
The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do… |
CWE-79
Cross-site Scripting |
CVE-2012-4207 | 2024-11-21 10:42 | 2012-11-21 | Show | GitHub Exploit DB Packet Storm | |
| 295064 | - | mozilla | firefox | Untrusted search path vulnerability in the installer in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 on Windows allows local users to gain privileges via a Trojan horse DLL in the … |
NVD-CWE-Other
|
CVE-2012-4206 | 2024-11-21 10:42 | 2012-11-21 | Show | GitHub Exploit DB Packet Storm | |
| 295065 | - |
mozilla canonical suse opensuse |
firefox seamonkey thunderbird ubuntu_linux linux_enterprise_desktop linux_enterprise_software_development_kit opensuse linux_enterprise_server |
Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 assign the system principal, rather than the sandbox principal, to XMLHttpRequest objects created in sandboxes, which a… |
CWE-352
Origin Validation Error |
CVE-2012-4205 | 2024-11-21 10:42 | 2012-11-21 | Show | GitHub Exploit DB Packet Storm | |
| 295066 | - |
mozilla suse opensuse canonical |
firefox seamonkey thunderbird linux_enterprise_server linux_enterprise_desktop opensuse linux_enterprise_software_development_kit ubuntu_linux |
The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a deni… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2012-4204 | 2024-11-21 10:42 | 2012-11-21 | Show | GitHub Exploit DB Packet Storm | |
| 295067 | - | mozilla | firefox | The New Tab page in Mozilla Firefox before 17.0 uses a privileged context for execution of JavaScript code by bookmarklets, which allows user-assisted remote attackers to run arbitrary programs by le… |
CWE-264
Permissions, Privileges, and Access Controls |
CVE-2012-4203 | 2024-11-21 10:42 | 2012-11-21 | Show | GitHub Exploit DB Packet Storm | |
| 295068 | - |
mozilla suse opensuse canonical redhat |
firefox seamonkey thunderbird thunderbird_esr linux_enterprise_server linux_enterprise_desktop opensuse linux_enterprise_software_development_kit ubuntu_linux enterprise_li… |
Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.1… |
CWE-787
Out-of-bounds Write |
CVE-2012-4202 | 2024-11-21 10:42 | 2012-11-21 | Show | GitHub Exploit DB Packet Storm | |
| 295069 | - |
mozilla suse opensuse redhat canonical debian |
firefox seamonkey thunderbird thunderbird_esr linux_enterprise_server linux_enterprise_desktop opensuse linux_enterprise_software_development_kit enterprise_linux_server en… |
The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incor… |
CWE-79
Cross-site Scripting |
CVE-2012-4201 | 2024-11-21 10:42 | 2012-11-21 | Show | GitHub Exploit DB Packet Storm | |
| 295070 | - | belkin |
n300_wireless_router n450_wireless_router n150_wireless_router n900_wireless_router |
Belkin wireless routers Surf N150 Model F7D1301v1, N900 Model F9K1104v1, N450 Model F9K1105V2, and N300 Model F7D2301v1 generate a predictable default WPA2-PSK passphrase based on eight digits of the… |
CWE-310
Cryptographic Issues |
CVE-2012-4366 | 2024-11-21 10:42 | 2012-11-20 | Show | GitHub Exploit DB Packet Storm |