Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
245141 7.5 危険 discountedscripts - Quick Poll Script の code.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3765 2012-06-26 16:02 2008-08-21 Show GitHub Exploit DB Packet Storm
245142 10 危険 DELL EMC (旧 EMC Corporation) - EMC Documentum ApplicationXtender Workflow のサーバにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-3685 2012-06-26 16:02 2009-10-22 Show GitHub Exploit DB Packet Storm
245143 10 危険 DELL EMC (旧 EMC Corporation) - EMC Documentum ApplicationXtender Workflow のサーバにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-3684 2012-06-26 16:02 2009-10-22 Show GitHub Exploit DB Packet Storm
245144 9.3 危険 eo-video - EO Video におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-3733 2012-06-26 16:02 2008-08-20 Show GitHub Exploit DB Packet Storm
245145 7.5 危険 fipsasp - fipsCMS の forum/neu.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3722 2012-06-26 16:02 2008-08-20 Show GitHub Exploit DB Packet Storm
245146 7.5 危険 deeemm - DMCMS の user_language.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-3721 2012-06-26 16:02 2008-08-20 Show GitHub Exploit DB Packet Storm
245147 7.5 危険 deeemm - DMCMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3720 2012-06-26 16:02 2008-08-20 Show GitHub Exploit DB Packet Storm
245148 6.5 警告 cyberbb - cyberBB における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3718 2012-06-26 16:02 2008-08-20 Show GitHub Exploit DB Packet Storm
245149 2.6 注意 FlexCMS - FlexCMS の inc-core-admin-editor-previouscolorsjs.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3715 2012-06-26 16:02 2008-08-19 Show GitHub Exploit DB Packet Storm
245150 4.3 警告 Laurent Destailleur - AWStats の awstats.pl におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3714 2012-06-26 16:02 2008-08-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
253081 9.8 CRITICAL
Network 		mozilla firefox Weak proxy objects have weak references on multiple threads when they should only have them on one, resulting in incorrect memory usage and corruption, which leads to potentially exploitable crashes.… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-5392 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
253082 9.8 CRITICAL
Network 		mozilla firefox Special "about:" pages used by web content, such as RSS feeds, can load privileged "about:" pages in an iframe. If a content-injection bug were found in one of those pages this could allow for potent… NVD-CWE-noinfo
CVE-2017-5391 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
253083 6.1 MEDIUM
Network 		mozilla firefox WebExtensions could use the "mozAddonManager" API by modifying the CSP headers on sites with the appropriate permissions and then using host requests to redirect script loads to a malicious site. Thi… CWE-601
Open Redirect 		CVE-2017-5389 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
253084 7.5 HIGH
Network 		mozilla firefox A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on … CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2017-5388 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
253085 3.3 LOW
Local 		mozilla firefox The existence of a specifically requested local file can be found due to the double firing of the "onerror" when the "source" attribute on a "<track>" tag refers to a file that does not exist if the … CWE-538
 File and Directory Information Exposure 		CVE-2017-5387 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
253086 7.3 HIGH
Network 		debian
redhat
mozilla 		debian_linux
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server_aus
enterprise_linux_server_eus
firefox
fir… 		WebExtension scripts can use the "data:" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensio… NVD-CWE-noinfo
CVE-2017-5386 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
253087 9.8 CRITICAL
Network 		debian
redhat
mozilla 		debian_linux
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server_aus
enterprise_linux_server_eus
thunderbird 		The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vul… NVD-CWE-noinfo
CVE-2017-5390 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
253088 7.5 HIGH
Network 		mozilla firefox Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using thi… CWE-200
Information Exposure 		CVE-2017-5385 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
253089 5.9 MEDIUM
Network 		mozilla firefox Proxy Auto-Config (PAC) files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of… CWE-200
Information Exposure 		CVE-2017-5384 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
253090 5.3 MEDIUM
Network 		debian
redhat
mozilla 		debian_linux
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server_aus
enterprise_linux_server_eus
thunderbird 		URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. This vulnerability a… CWE-20
 Improper Input Validation  		CVE-2017-5383 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm