Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 12:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242601 5 警告 MegaLab.it - MegaLab The Uploader の api/download_checker.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4816 2012-06-26 16:19 2010-04-27 Show GitHub Exploit DB Packet Storm
242602 7.5 危険 graugon - Graugon PHP Article Publisher の admin.php における管理者用アクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2009-4808 2012-06-26 16:19 2010-04-23 Show GitHub Exploit DB Packet Storm
242603 7.5 危険 graugon - Graugon PHP Article Publisher における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4807 2012-06-26 16:19 2010-04-23 Show GitHub Exploit DB Packet Storm
242604 7.5 危険 digitalinterchange - Digital Interchange Document Library の admin/save_user.asp における管理者の資格情報を変更される脆弱性 CWE-287
不適切な認証 		CVE-2009-4806 2012-06-26 16:19 2010-04-23 Show GitHub Exploit DB Packet Storm
242605 7.5 危険 TYPO3 Association
andreas schwarzkopf		 - TYPO3 の a21glossary 拡張における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4803 2012-06-26 16:19 2010-03-5 Show GitHub Exploit DB Packet Storm
242606 5 警告 diskos - Diskos CMS におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4799 2012-06-26 16:19 2010-04-22 Show GitHub Exploit DB Packet Storm
242607 7.5 危険 diskos - Diskos CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4798 2012-06-26 16:19 2010-04-22 Show GitHub Exploit DB Packet Storm
242608 7.5 危険 glFusion - glFusion の private/system/classes/listfactory.class.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4796 2012-06-26 16:19 2010-04-22 Show GitHub Exploit DB Packet Storm
242609 7.5 危険 community cms - Community CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4794 2012-06-26 16:19 2010-04-22 Show GitHub Exploit DB Packet Storm
242610 7.5 危険 bhavesh chauhan
Joomla!		 - Joomla! 用の Quick News コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4785 2012-06-26 16:19 2010-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267081 4.3 MEDIUM
Network 		canonical
mozilla
opensuse 		ubuntu_linux
firefox
leap
opensuse 		Mozilla Firefox before 47.0 allows remote attackers to discover the list of disabled plugins via a fingerprinting attack involving Cascading Style Sheets (CSS) pseudo-classes. CWE-200
Information Exposure 		CVE-2016-2832 2024-11-21 11:48 2016-06-13 Show GitHub Exploit DB Packet Storm
267082 8.8 HIGH
Network 		canonical
mozilla
debian
opensuse 		ubuntu_linux
firefox
debian_linux
leap
opensuse 		Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (… CWE-254
CWE-284
 7PK - Security Features
Improper Access Control 		CVE-2016-2831 2024-11-21 11:48 2016-06-13 Show GitHub Exploit DB Packet Storm
267083 6.5 MEDIUM
Network 		canonical
mozilla
opensuse 		ubuntu_linux
firefox
leap
opensuse 		Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a crafted web site that rapidly triggers permission requests, as demonstrated by the microphone permission or… CWE-284
Improper Access Control 		CVE-2016-2829 2024-11-21 11:48 2016-06-13 Show GitHub Exploit DB Packet Storm
267084 8.8 HIGH
Network 		canonical
opensuse
mozilla
debian 		ubuntu_linux
leap
opensuse
firefox
debian_linux 		Use-after-free vulnerability in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via WebGL content that triggers texture access after des… NVD-CWE-Other
CVE-2016-2828 2024-11-21 11:48 2016-06-13 Show GitHub Exploit DB Packet Storm
267085 7.8 HIGH
Local 		mozilla firefox The maintenance service in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows does not prevent MAR extracted-file modification during updater execution, which might allow local u… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-2826 2024-11-21 11:48 2016-06-13 Show GitHub Exploit DB Packet Storm
267086 6.5 MEDIUM
Network 		canonical
opensuse
mozilla 		ubuntu_linux
leap
opensuse
firefox 		Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify the location.host property via an invalid data: URL. CWE-284
Improper Access Control 		CVE-2016-2825 2024-11-21 11:48 2016-06-13 Show GitHub Exploit DB Packet Storm
267087 8.8 HIGH
Network 		mozilla
opensuse 		firefox
leap
opensuse 		The TSymbolTableLevel class in ANGLE, as used in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows, allows remote attackers to cause a denial of service (out-of-bounds write and… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-2824 2024-11-21 11:48 2016-06-13 Show GitHub Exploit DB Packet Storm
267088 6.5 MEDIUM
Network 		debian
mozilla
canonical
opensuse 		debian_linux
firefox
ubuntu_linux
leap
opensuse 		Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu. CWE-284
Improper Access Control 		CVE-2016-2822 2024-11-21 11:48 2016-06-13 Show GitHub Exploit DB Packet Storm
267089 7.5 HIGH
Network 		mozilla
debian
opensuse
canonical 		firefox
debian_linux
leap
opensuse
ubuntu_linux 		Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execu… NVD-CWE-Other
CVE-2016-2821 2024-11-21 11:48 2016-06-13 Show GitHub Exploit DB Packet Storm
267090 8.8 HIGH
Network 		opensuse
mozilla
debian
canonical 		leap
opensuse
firefox
debian_linux
ubuntu_linux 		Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fr… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-2819 2024-11-21 11:48 2016-06-13 Show GitHub Exploit DB Packet Storm