Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251641	7.5	危険	Parallels	-	Parallels Plesk Panel の Control Panel における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-4847	2011-12-20 12:23	2011-12-16	Show	GitHub Exploit DB Packet Storm

251642	4.3	警告	Parallels	-	Parallels Plesk Panel の Site Editor 機能におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4777	2011-12-20 12:23	2011-12-16	Show	GitHub Exploit DB Packet Storm

251643	4.3	警告	Parallels	-	Parallels Plesk Panel の Control Panel におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4776	2011-12-20 12:22	2011-12-16	Show	GitHub Exploit DB Packet Storm

251644	10	危険	Parallels	-	Parallels Plesk Small Business Panel の Site Editor 機能における詳細不明な脆弱性	CWE-DesignError	CVE-2011-4768	2011-12-20 12:21	2011-12-16	Show	GitHub Exploit DB Packet Storm

251645	5	警告	Parallels	-	Parallels Plesk Small Business Panel の Site Editor 機能における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-4767	2011-12-20 12:21	2011-12-16	Show	GitHub Exploit DB Packet Storm

251646	4.3	警告	Parallels	-	Parallels Plesk Small Business Panel の Site Editor 機能における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-4765	2011-12-20 12:12	2011-12-16	Show	GitHub Exploit DB Packet Storm

251647	4.3	警告	Parallels	-	Parallels Plesk Small Business Panel の Site Editor 機能におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4764	2011-12-20 12:11	2011-12-16	Show	GitHub Exploit DB Packet Storm

251648	7.5	危険	Parallels	-	Parallels Plesk Small Business Panel の Site Editor 機能における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-4763	2011-12-20 12:11	2011-12-16	Show	GitHub Exploit DB Packet Storm

251649	10	危険	Parallels	-	Parallels Plesk Small Business Panel における詳細不明な脆弱性	CWE-DesignError	CVE-2011-4762	2011-12-20 11:33	2011-12-16	Show	GitHub Exploit DB Packet Storm

251650	10	危険	Parallels	-	Parallels Plesk Small Business Panel における詳細不明な脆弱性	CWE-DesignError	CVE-2011-4761	2011-12-20 11:33	2011-12-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
248161	8.1	HIGH Network	debian redhat mozilla	debian_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server enterprise_linux_server_aus enterprise_linux_server_eus firefox fir…	A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifes…	CWE-20 Improper Input Validation	CVE-2017-7807	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248162	7.5	HIGH Network	mozilla debian	firefox thunderbird debian_linux	During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space a…	CWE-416 Use After Free	CVE-2017-7805	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248163	7.5	HIGH Network	mozilla	firefox firefox_esr thunderbird	The destructor function for the "WindowsDllDetourPatcher" class can be re-purposed by malicious code in concert with another vulnerability to write arbitrary data to an attacker controlled location i…	CWE-20 Improper Input Validation	CVE-2017-7804	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248164	7.5	HIGH Network	redhat debian mozilla	enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_aus enterprise_linux_server_eus debian_linux thunderbird firefox firefox_…	When a page's content security policy (CSP) header contains a "sandbox" directive, other directives are ignored. This results in the incorrect enforcement of CSP. This vulnerability affects Thunderbi…	CWE-269 Improper Privilege Management	CVE-2017-7803	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248165	6.1	MEDIUM Network	mozilla	firefox	JavaScript in the "about:webrtc" page is not sanitized properly being assigned to "innerHTML". Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficul…	CWE-79 Cross-site Scripting	CVE-2017-7799	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248166	7.5	HIGH Network	mozilla	firefox	Response header name interning does not have same-origin protections and these headers are stored in a global registry. This allows stored header names to be available cross-origin. This vulnerabilit…	CWE-346 Origin Validation Error	CVE-2017-7797	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248167	4.7	MEDIUM Local	mozilla	firefox	On Windows systems, the logger run by the Windows updater deletes the file "update.log" before it runs in order to write a new log of that name. The path to this file is supplied at the command line …	CWE-20 Improper Input Validation	CVE-2017-7796	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248168	7.8	HIGH Local	mozilla	firefox	On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no wr…	CWE-276 Incorrect Default Permissions	CVE-2017-7794	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248169	9.8	CRITICAL Network	debian redhat mozilla	debian_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server enterprise_linux_server_aus enterprise_linux_server_eus firefox fir…	A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exp…	CWE-416 Use After Free	CVE-2017-7802	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248170	9.8	CRITICAL Network	debian redhat mozilla	debian_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server enterprise_linux_server_aus enterprise_linux_server_eus firefox fir…	A use-after-free vulnerability can occur while re-computing layout for a "marquee" element during window resizing where the updated style object is freed while still in use. This results in a potenti…	CWE-416 Use After Free	CVE-2017-7801	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed