Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
221001 6.5 警告 AITpro - WordPress 用 BulletProof Security プラグインの admin/htaccess/bpsunlock.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2014-7959 2014-11-7 15:28 2014-11-5 Show GitHub Exploit DB Packet Storm
221002 4.3 警告 AITpro - WordPress 用 BulletProof Security プラグインの admin/htaccess/bpsunlock.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2014-7958 2014-11-7 15:27 2014-11-5 Show GitHub Exploit DB Packet Storm
221003 4.3 警告 Wordfence.com - WordPress 用 Wordfence Security プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2014-4664 2014-11-7 15:27 2014-06-30 Show GitHub Exploit DB Packet Storm
221004 3.5 注意 Compfight - WordPress 用 Compfight プラグインの compfight-search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2014-8622 2014-11-7 15:27 2014-07-3 Show GitHub Exploit DB Packet Storm
221005 7.5 危険 CA Technologies - CA Cloud Service Management における任意のファイルを読まれる脆弱性 CWE-nocwe
CWE以外
CVE-2014-8474 2014-11-7 15:22 2014-11-3 Show GitHub Exploit DB Packet Storm
221006 6.8 警告 CA Technologies - CA Cloud Service Management におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2014-8473 2014-11-7 15:21 2014-11-3 Show GitHub Exploit DB Packet Storm
221007 6.8 警告 CA Technologies - CA Cloud Service Management におけるアクセス制限を回避される脆弱性 CWE-287
不適切な認証
CVE-2014-8472 2014-11-7 15:20 2014-11-3 Show GitHub Exploit DB Packet Storm
221008 4.3 警告 CA Technologies - CA Cloud Service Management における反射攻撃を実行される脆弱性 CWE-noinfo
情報不足
CVE-2014-8471 2014-11-7 15:20 2014-11-3 Show GitHub Exploit DB Packet Storm
221009 4.3 警告 LaboCNIL - French National Commission on Informatics and Liberty CookieViz の json.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2014-8352 2014-11-7 14:56 2014-11-4 Show GitHub Exploit DB Packet Storm
221010 7.5 危険 LaboCNIL - French National Commission on Informatics and Liberty CookieViz の info.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2014-8351 2014-11-7 14:55 2014-11-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294821 7.5 HIGH
Network
mozilla
fedoraproject
opensuse
suse
canonical
debian
redhat
seamonkey
firefox
firefox_esr
thunderbird
fedora
opensuse
suse_linux_enterprise_software_development_kit
suse_linux_enterprise_desktop
suse_linux_enterprise_server
ubuntu_l…
The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Polic… CWE-346
 Origin Validation Error
CVE-2014-1487 2024-11-21 11:04 2014-02-6 Show GitHub Exploit DB Packet Storm
294822 9.8 CRITICAL
Network
mozilla
fedoraproject
opensuse
suse
debian
canonical
redhat
seamonkey
firefox
firefox_esr
thunderbird
fedora
opensuse
suse_linux_enterprise_software_development_kit
suse_linux_enterprise_desktop
suse_linux_enterprise_server
debian_l…
Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers t… CWE-416
 Use After Free
CVE-2014-1486 2024-11-21 11:04 2014-02-6 Show GitHub Exploit DB Packet Storm
294823 8.8 HIGH
Network
mozilla
canonical
debian
redhat
fedoraproject
opensuse
suse
seamonkey
firefox
firefox_esr
thunderbird
ubuntu_linux
debian_linux
enterprise_linux_server
enterprise_linux_server_eus
enterprise_linux_workstation
enterprise_linux_server…
RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attacke… CWE-787
 Out-of-bounds Write
CVE-2014-1482 2024-11-21 11:04 2014-02-6 Show GitHub Exploit DB Packet Storm
294824 7.5 HIGH
Network
mozilla
fedoraproject
opensuse
suse
redhat
debian
canonical
seamonkey
firefox
firefox_esr
thunderbird
fedora
opensuse
suse_linux_enterprise_software_development_kit
suse_linux_enterprise_desktop
suse_linux_enterprise_server
enterpri…
Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging in… NVD-CWE-noinfo
CVE-2014-1481 2024-11-21 11:04 2014-02-6 Show GitHub Exploit DB Packet Storm
294825 7.5 HIGH
Network
mozilla
canonical
debian
redhat
fedoraproject
opensuse
suse
seamonkey
firefox
firefox_esr
thunderbird
ubuntu_linux
debian_linux
enterprise_linux_server
enterprise_linux_server_eus
enterprise_linux_workstation
enterprise_linux_server…
The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operatio… NVD-CWE-noinfo
CVE-2014-1479 2024-11-21 11:04 2014-02-6 Show GitHub Exploit DB Packet Storm
294826 - mozilla
canonical
opensuse
oracle
seamonkey
firefox
ubuntu_linux
opensuse
solaris
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and applicat… CWE-787
 Out-of-bounds Write
CVE-2014-1478 2024-11-21 11:04 2014-02-6 Show GitHub Exploit DB Packet Storm
294827 - hiphop_virtual_machine_for_php_project hiphop_virtual_machine_for_php The libxml_disable_entity_loader function in runtime/ext/ext_simplexml.cpp in HipHop Virtual Machine for PHP (HHVM) before 2.4.0 and 2.3.x before 2.3.3 does not properly disable a certain libxml hand… NVD-CWE-Other
CVE-2014-1439 2024-11-21 11:04 2014-02-6 Show GitHub Exploit DB Packet Storm
294828 9.8 CRITICAL
Network
mozilla
canonical
debian
redhat
fedoraproject
opensuse
suse
seamonkey
firefox
firefox_esr
thunderbird
ubuntu_linux
debian_linux
enterprise_linux_server
enterprise_linux_server_eus
enterprise_linux_workstation
enterprise_linux_server…
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to c… NVD-CWE-noinfo
CVE-2014-1477 2024-11-21 11:04 2014-02-6 Show GitHub Exploit DB Packet Storm
294829 - easyxdm easyxdm Cross-site scripting (XSS) vulnerability in name.html in easyXDM before 2.4.19 allows remote attackers to inject arbitrary web script or HTML via the location.hash value. CWE-79
Cross-site Scripting
CVE-2014-1403 2024-11-21 11:04 2014-02-6 Show GitHub Exploit DB Packet Storm
294830 - fortinet fortiweb Cross-site scripting (XSS) vulnerability in the web administration interface in FortiGuard FortiWeb 5.0.3 and earlier allows remote authenticated administrators to inject arbitrary web script or HTML… CWE-79
Cross-site Scripting
CVE-2014-1458 2024-11-21 11:04 2014-02-5 Show GitHub Exploit DB Packet Storm