Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223901 6.8 警告 Pluck CMS - Pluck の data/inc/lib/pcltar.lib.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6253 2012-12-20 19:10 2009-02-24 Show GitHub Exploit DB Packet Storm
223902 7.2 危険 smcfancontrol - smcFanControl の smc プログラムにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-6252 2012-12-20 19:10 2009-02-24 Show GitHub Exploit DB Packet Storm
223903 6.8 警告 scripts - phpFan の includes/init.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6251 2012-12-20 19:10 2009-02-24 Show GitHub Exploit DB Packet Storm
223904 7.5 危険 scripts-for-sites - SFS EZ Top Sites の topsite.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6247 2012-12-20 19:10 2009-02-23 Show GitHub Exploit DB Packet Storm
223905 7.5 危険 scripts-for-sites - SFS EZ Webring の category.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6246 2012-12-20 19:10 2009-02-23 Show GitHub Exploit DB Packet Storm
223906 7.5 危険 scripts-for-sites - SFS EZ BIZ PRO の track.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6245 2012-12-20 19:10 2009-02-23 Show GitHub Exploit DB Packet Storm
223907 7.5 危険 scripts-for-sites - SFS EZ Gaming Cheats の view_reviews.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6244 2012-12-20 19:10 2009-02-23 Show GitHub Exploit DB Packet Storm
223908 7.5 危険 scripts-for-sites - SFS Hotscripts-like Site の showcategory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6243 2012-12-20 19:10 2009-02-23 Show GitHub Exploit DB Packet Storm
223909 7.5 危険 scripts-for-sites - SFS EZ e-store の SearchResults.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6242 2012-12-20 19:10 2009-02-23 Show GitHub Exploit DB Packet Storm
223910 7.5 危険 scripts-for-sites - SFS Hotscripts-like Site の software-description.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6237 2012-12-20 19:10 2009-02-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 16, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1601 8.1 HIGH
Network 		mozilla firefox
thunderbird 		Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arb… Update CWE-787
 Out-of-bounds Write 		CVE-2025-5269 2026-04-14 00:17 2025-05-27 Show GitHub Exploit DB Packet Storm
1602 8.1 HIGH
Network 		mozilla firefox
thunderbird 		Error de seguridad de memoria presente en Firefox ESR 128.10 y Thunderbird 128.10. Este error mostró evidencia de corrupción de memoria y presumimos que, con suficiente esfuerzo, podría haberse explo… Update CWE-787
 Out-of-bounds Write 		CVE-2025-5269 2026-04-14 00:17 2025-05-27 Show GitHub Exploit DB Packet Storm
1603 8.1 HIGH
Network 		mozilla firefox
thunderbird 		Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort … Update CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2025-5268 2026-04-14 00:17 2025-05-27 Show GitHub Exploit DB Packet Storm
1604 8.1 HIGH
Network 		mozilla firefox
thunderbird 		Errores de seguridad de memoria presentes en Firefox 138, Thunderbird 138, Firefox ESR 128.10 y Thunderbird 128.10. Algunos de estos errores mostraron evidencia de corrupción de memoria y presumimos … Update CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2025-5268 2026-04-14 00:17 2025-05-27 Show GitHub Exploit DB Packet Storm
1605 5.4 MEDIUM
Network 		mozilla firefox A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page. This vulnerability was fixed in Firefox 139, Firefox ESR 128.11, Thunder… Update CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2025-5267 2026-04-14 00:17 2025-05-27 Show GitHub Exploit DB Packet Storm
1606 5.4 MEDIUM
Network 		mozilla firefox Una vulnerabilidad de clickjacking podría haberse utilizado para engañar a un usuario y que filtrara los datos de su tarjeta de pago a una página maliciosa. Esta vulnerabilidad afecta a Firefox < … Update CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2025-5267 2026-04-14 00:17 2025-05-27 Show GitHub Exploit DB Packet Storm
1607 4.3 MEDIUM
Network 		mozilla firefox Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability was fixed in Firefox 139, Firefox ESR 128.11, Thu… Update CWE-200
Information Exposure 		CVE-2025-5266 2026-04-14 00:17 2025-05-27 Show GitHub Exploit DB Packet Storm
1608 4.3 MEDIUM
Network 		mozilla firefox Los elementos de script que cargaban recursos de origen cruzado generaban eventos de carga y error que filtraban información, lo que facilitaba los ataques XS-Leaks. Esta vulnerabilidad afecta a Fire… Update CWE-200
Information Exposure 		CVE-2025-5266 2026-04-14 00:17 2025-05-27 Show GitHub Exploit DB Packet Storm
1609 4.8 MEDIUM
Local 		mozilla firefox Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user'… Update CWE-77
Command Injection 		CVE-2025-5265 2026-04-14 00:17 2025-05-27 Show GitHub Exploit DB Packet Storm
1610 4.8 MEDIUM
Local 		mozilla firefox Debido a la insuficiente capacidad de escape del carácter "&" en la función "Copiar como cURL", un atacante podría engañar a un usuario para que use este comando, lo que podría provocar la ejecuc… Update CWE-77
Command Injection 		CVE-2025-5265 2026-04-14 00:17 2025-05-27 Show GitHub Exploit DB Packet Storm