Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
250941 6.9 警告 Mono Project - Mono の metadata/loader.c における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-4159 2012-03-27 18:42 2010-09-26 Show GitHub Exploit DB Packet Storm
250942 4.3 警告 exv2 - eXV2 CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4155 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
250943 9.3 危険 rhinosoft - Rhino の FTP Voyager におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4154 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
250944 9.3 危険 crossftp - CrossFTP Pro におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4153 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
250945 7.5 危険 4site - 4site CMS の catalog/index.shtml における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4152 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
250946 6.8 警告 deluxebb - DeluxeBB における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4151 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
250947 9.3 危険 freshwebmaster - FreshWebMaster Fresh FTP におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4149 2012-03-27 18:42 2010-11-1 Show GitHub Exploit DB Packet Storm
250948 9.3 危険 anyconnect - AnyConnect におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4148 2012-03-27 18:42 2010-11-1 Show GitHub Exploit DB Packet Storm
250949 7.5 危険 avactis - Pentasoft Avactis Shopping Cart における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4147 2012-03-27 18:42 2010-11-1 Show GitHub Exploit DB Packet Storm
250950 4.3 警告 Attachmate - Web 2008 の Attachmate Reflection におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4146 2012-03-27 18:42 2010-11-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
280611 - mozilla firefox Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe… NVD-CWE-noinfo
CVE-2015-0835 2024-11-21 11:23 2015-02-25 Show GitHub Exploit DB Packet Storm
280612 - canonical
opensuse
mozilla 		ubuntu_linux
opensuse
firefox 		The WebRTC subsystem in Mozilla Firefox before 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle attackers to … CWE-200
Information Exposure 		CVE-2015-0834 2024-11-21 11:23 2015-02-25 Show GitHub Exploit DB Packet Storm
280613 - opensuse
mozilla 		evergreen
opensuse
firefox
thunderbird
firefox_esr 		Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 on Windows, when the Maintenance Service is not… NVD-CWE-Other
CVE-2015-0833 2024-11-21 11:23 2015-02-25 Show GitHub Exploit DB Packet Storm
280614 - opensuse
canonical
mozilla 		opensuse
ubuntu_linux
firefox 		Mozilla Firefox before 36.0 does not properly recognize the equivalence of domain names with and without a trailing . (dot) character, which allows man-in-the-middle attackers to bypass the HPKP and … CWE-254
 7PK - Security Features 		CVE-2015-0832 2024-11-21 11:23 2015-02-25 Show GitHub Exploit DB Packet Storm
280615 - mozilla
redhat
canonical 		thunderbird
firefox
firefox_esr
enterprise_linux
ubuntu_linux 		Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remo… NVD-CWE-Other
CVE-2015-0831 2024-11-21 11:23 2015-02-25 Show GitHub Exploit DB Packet Storm
280616 - canonical
mozilla
opensuse 		ubuntu_linux
firefox
opensuse 		The WebGL implementation in Mozilla Firefox before 36.0 does not properly allocate memory for copying an unspecified string to a shader's compilation log, which allows remote attackers to cause a den… CWE-399
 Resource Management Errors 		CVE-2015-0830 2024-11-21 11:23 2015-02-25 Show GitHub Exploit DB Packet Storm
280617 - canonical
opensuse
mozilla
oracle 		ubuntu_linux
opensuse
firefox
solaris 		Buffer overflow in libstagefright in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code via a crafted MP4 video that is improperly handled during playback. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-0829 2024-11-21 11:23 2015-02-25 Show GitHub Exploit DB Packet Storm
280618 - oracle
mozilla
opensuse 		solaris
firefox
opensuse 		Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code … NVD-CWE-Other
CVE-2015-0828 2024-11-21 11:23 2015-02-25 Show GitHub Exploit DB Packet Storm
280619 - mozilla firefox
firefox_esr
thunderbird 		Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-0827 2024-11-21 11:23 2015-02-25 Show GitHub Exploit DB Packet Storm
280620 - mozilla
opensuse
canonical 		firefox
opensuse
ubuntu_linux 		The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-0826 2024-11-21 11:23 2015-02-25 Show GitHub Exploit DB Packet Storm