Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 1, 2026, 10 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 225051 | 7.5 | 危険 | BMC Software | - | BMC Service Desk Express における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2013-4945 | 2013-07-31 15:08 | 2013-06-12 | Show | GitHub Exploit DB Packet Storm |
| 225052 | 2.1 | 注意 | Drupal Indonesia | - | Drupal 用 TinyBox モジュールにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2013-4140 | 2013-07-31 14:44 | 2013-07-10 | Show | GitHub Exploit DB Packet Storm |
| 225053 | 2.6 | 注意 | BuddyDev.com | - | WordPress 用 BuddyPress Extended Friendship Request プラグインにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2013-4944 | 2013-07-31 14:36 | 2013-07-2 | Show | GitHub Exploit DB Packet Storm |
| 225054 | 4.3 | 警告 | OpenX | - | OpenX Source におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2013-3515 | 2013-07-31 14:08 | 2013-05-8 | Show | GitHub Exploit DB Packet Storm |
| 225055 | 4.3 | 警告 | Monkey Project | - | Monkey HTTP Daemon の Directory Listing プラグインにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2013-2181 | 2013-07-31 13:55 | 2013-06-14 | Show | GitHub Exploit DB Packet Storm |
| 225056 | 9.3 | 危険 | キングソフト株式会社 | - | Kingsoft Spreadsheets 2012 におけるヒープベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2013-0723 | 2013-07-31 13:47 | 2013-07-29 | Show | GitHub Exploit DB Packet Storm |
| 225057 | 5 | 警告 | ヒューレット・パッカード レッドハット |
- | 複数の Red Hat JBoss 製品の JBossWS Native におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-noinfo
情報不足 |
CVE-2011-1483 | 2013-07-30 17:40 | 2011-04-4 | Show | GitHub Exploit DB Packet Storm |
| 225058 | 4.7 | 警告 | Linux | - | Linux Kernel のブリッジのマルチキャストの実装におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2013-4129 | 2013-07-30 17:21 | 2013-07-7 | Show | GitHub Exploit DB Packet Storm |
| 225059 | 4.7 | 警告 | Linux | - | Linux Kernel の drivers/vhost/net.c におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2013-4127 | 2013-07-30 17:21 | 2013-07-9 | Show | GitHub Exploit DB Packet Storm |
| 225060 | 6.4 | 警告 | FreeBSD | - | FreeBSD のカーネルにおける NFS ファイルシステムのファイルパーミッションを回避される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2013-4851 | 2013-07-30 16:42 | 2013-07-26 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 1, 2026, 4:12 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 278891 | - | microsoft |
windows_8 windows_8.1 windows_server_2008 windows_server_2012 |
Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly initialize guest OS system data structures, which allows guest O… |
CWE-254
7PK - Security Features |
CVE-2015-2362 | 2024-11-21 11:27 | 2015-07-15 | Show | GitHub Exploit DB Packet Storm | |
| 278892 | - | microsoft |
windows_8.1 windows_server_2012 |
Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS or cause… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2015-2361 | 2024-11-21 11:27 | 2015-07-15 | Show | GitHub Exploit DB Packet Storm | |
| 278893 | - |
mozilla oracle novell |
firefox_esr firefox solaris suse_linux_enterprise_server suse_linux_enterprise_desktop suse_linux_enterprise_software_development_kit |
PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary … |
CWE-17
Code |
CVE-2015-2743 | 2024-11-21 11:27 | 2015-07-6 | Show | GitHub Exploit DB Packet Storm | |
| 278894 | - |
oracle mozilla |
solaris firefox |
Mozilla Firefox before 39.0 on OS X includes native key press information during the logging of crashes, which allows remote attackers to obtain sensitive information by leveraging access to a crash-… |
CWE-200
Information Exposure |
CVE-2015-2742 | 2024-11-21 11:27 | 2015-07-6 | Show | GitHub Exploit DB Packet Storm | |
| 278895 | - |
mozilla oracle |
firefox solaris firefox_esr |
Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 do not enforce key pinning upon encountering an X.509 certificate problem that generates a user dialog, which al… |
CWE-310
Cryptographic Issues |
CVE-2015-2741 | 2024-11-21 11:27 | 2015-07-6 | Show | GitHub Exploit DB Packet Storm | |
| 278896 | - |
mozilla canonical novell debian oracle |
thunderbird firefox_esr firefox ubuntu_linux suse_linux_enterprise_server debian_linux suse_linux_enterprise_desktop suse_linux_enterprise_software_development_kit solaris |
Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remot… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2015-2740 | 2024-11-21 11:27 | 2015-07-6 | Show | GitHub Exploit DB Packet Storm | |
| 278897 | - |
mozilla canonical novell debian oracle |
firefox ubuntu_linux suse_linux_enterprise_server suse_linux_enterprise_desktop suse_linux_enterprise_software_development_kit debian_linux firefox_esr solaris thunderbird |
The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has … |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2015-2739 | 2024-11-21 11:27 | 2015-07-6 | Show | GitHub Exploit DB Packet Storm | |
| 278898 | - |
canonical suse debian mozilla oracle |
ubuntu_linux linux_enterprise_server linux_enterprise_software_development_kit linux_enterprise_desktop suse_linux_enterprise_server debian_linux firefox firefox_esr thunderbi… |
The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1… |
CWE-17
Code |
CVE-2015-2738 | 2024-11-21 11:27 | 2015-07-6 | Show | GitHub Exploit DB Packet Storm | |
| 278899 | - |
mozilla canonical oracle suse debian |
firefox_esr firefox ubuntu_linux solaris linux_enterprise_server linux_enterprise_software_development_kit linux_enterprise_desktop suse_linux_enterprise_server debian_linux
The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from …
|
CWE-17
|
Code
CVE-2015-2737
|
2024-11-21 11:27 |
2015-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
| |
| 278900 | - |
mozilla oracle canonical novell debian |
firefox thunderbird firefox_esr solaris ubuntu_linux suse_linux_enterprise_server debian_linux suse_linux_enterprise_desktop suse_linux_enterprise_software_development_kit |
The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which all… |
CWE-17
Code |
CVE-2015-2736 | 2024-11-21 11:27 | 2015-07-6 | Show | GitHub Exploit DB Packet Storm |