Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240421	7.5	危険	john andersson	-	ZIXForum の ReplyNew.asp における SQL インジェクションの脆弱性	-	CVE-2006-4612	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240422	6.8	警告	longino	-	Longino Jacome php-Revista におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4608	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240423	7.5	危険	longino	-	Longino Jacome php-Revista の admin/index.php における認証コントロールを回避される脆弱性	-	CVE-2006-4607	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240424	7.5	危険	longino	-	Longino Jacome php-Revista における SQL インジェクションの脆弱性	-	CVE-2006-4606	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240425	7.5	危険	longino	-	Longino Jacome php-Revista の index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4605	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240426	7.5	危険	lanifex	-	Lanifex DMO の LFXlib/access_manager.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4604	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240427	7.5	危険	NCH Software	-	NCH Swift Sound Web Dictate における認証を回避される脆弱性	-	CVE-2006-4603	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240428	7.5	危険	icblogger	-	ICBlogger の devam.asp における SQL インジェクションの脆弱性	-	CVE-2006-4597	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240429	5.1	警告	mybace light	-	MyBace Light Skrip における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4596	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

240430	5	警告	muforum	-	muforum におけるユーザ名など重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2006-4595	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
268051	6.1	MEDIUM Network	apple mozilla	mac_os_x firefox	The file-download dialog in Mozilla Firefox before 44.0 on OS X enables a certain button too quickly, which allows remote attackers to conduct clickjacking attacks via a crafted web site that trigger…	CWE-79 Cross-site Scripting	CVE-2016-1941	2024-11-21 11:47	2016-02-1	Show	GitHub Exploit DB Packet Storm

268052	5.3	MEDIUM Network	google mozilla	android firefox	Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via a data: URL that is mishandled during (1) shortcut opening or (2) BOOKMARK intent processing.	CWE-17 Code	CVE-2016-1940	2024-11-21 11:47	2016-02-1	Show	GitHub Exploit DB Packet Storm

268053	5.3	MEDIUM Network	opensuse mozilla	leap opensuse firefox	Mozilla Firefox before 44.0 stores cookies with names containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers. NOTE: this vul…	CWE-200 Information Exposure	CVE-2016-1939	2024-11-21 11:47	2016-02-1	Show	GitHub Exploit DB Packet Storm

268054	6.5	MEDIUM Network	opensuse mozilla	leap opensuse nss firefox	The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier fo…	CWE-310 Cryptographic Issues	CVE-2016-1938	2024-11-21 11:47	2016-02-1	Show	GitHub Exploit DB Packet Storm

268055	6.1	MEDIUM Network	mozilla opensuse	firefox leap opensuse	The protocol-handler dialog in Mozilla Firefox before 44.0 allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a do…	CWE-79 Cross-site Scripting	CVE-2016-1937	2024-11-21 11:47	2016-02-1	Show	GitHub Exploit DB Packet Storm

268056	8.8	HIGH Network	opensuse oracle mozilla	leap opensuse linux firefox	Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-1935	2024-11-21 11:47	2016-02-1	Show	GitHub Exploit DB Packet Storm

268057	6.5	MEDIUM Network	opensuse mozilla	leap opensuse firefox	Integer overflow in the image-deinterlacing functionality in Mozilla Firefox before 44.0 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted G…	CWE-189 Numeric Errors	CVE-2016-1933	2024-11-21 11:47	2016-02-1	Show	GitHub Exploit DB Packet Storm

268058	10.0	CRITICAL Network	mozilla opensuse	firefox leap opensuse	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-1931	2024-11-21 11:47	2016-02-1	Show	GitHub Exploit DB Packet Storm

268059	9.8	CRITICAL Network	mozilla oracle opensuse	firefox linux leap opensuse	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and a…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-1930	2024-11-21 11:47	2016-02-1	Show	GitHub Exploit DB Packet Storm

268060	10.0	CRITICAL Network	hp	operations_manager	HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.	CWE-94 Code Injection	CVE-2016-1985	2024-11-21 11:47	2016-01-31	Show	GitHub Exploit DB Packet Storm