Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252011	5	警告	Mozilla Foundation	-	Mozilla Firefox におけるブラウザキャッシュ内の文書の存在を容易に推測される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-4688	2011-12-12 16:31	2011-12-7	Show	GitHub Exploit DB Packet Storm

252012	4.3	警告	Mozilla Foundation	-	複数の Mozilla 製品のレイアウトエンジンにおける重要な情報を取得される脆弱性	CWE-362 競合状態	CVE-2010-5074	2011-12-12 16:22	2010-03-31	Show	GitHub Exploit DB Packet Storm

252013	5	警告	Google	-	Google Chrome の JavaScript 実装における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-5073	2011-12-12 16:21	2011-12-7	Show	GitHub Exploit DB Packet Storm

252014	5	警告	Opera Software ASA	-	Opera の JavaScript 実装における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-5072	2011-12-12 16:20	2011-12-7	Show	GitHub Exploit DB Packet Storm

252015	5	警告	マイクロソフト	-	Microsoft Internet Explorer の JavaScript 実装における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-5071	2011-12-12 16:19	2011-12-7	Show	GitHub Exploit DB Packet Storm

252016	5	警告	アップル	-	Apple Safari の JavaScript 実装における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-5070	2011-12-12 16:17	2011-12-7	Show	GitHub Exploit DB Packet Storm

252017	4.3	警告	Google	-	Google Chrome の Cascading Style Sheets 実装における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-5069	2011-12-12 16:16	2011-12-7	Show	GitHub Exploit DB Packet Storm

252018	4.3	警告	Opera Software ASA	-	Opera の Cascading Style Sheets (CSS) 実装における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-5068	2011-12-12 16:14	2011-12-7	Show	GitHub Exploit DB Packet Storm

252019	5	警告	Mozilla Foundation	-	複数の Mozilla 製品の JavaScript 実装における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2002-2437	2011-12-12 16:12	2011-12-7	Show	GitHub Exploit DB Packet Storm

252020	4.3	警告	Mozilla Foundation	-	複数の Mozilla 製品の CSS 実装における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2002-2436	2011-12-12 16:12	2011-12-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
247511	9.8	CRITICAL Network	cohuhd	3960hd_firmware	Missing authentication for the remote configuration port 1236/tcp on the Cohu 3960HD allows an attacker to change configuration parameters such as IP address and username/password via specially craft…	CWE-287 Improper Authentication	CVE-2017-8861	2024-11-21 12:34	2017-11-22	Show	GitHub Exploit DB Packet Storm

247512	6.5	MEDIUM Network	cohuhd	3960hd_firmware	Information disclosure through directory listing on the Cohu 3960HD allows an attacker to view and download source code, log files, and other sensitive device information via a specially crafted web …	CWE-200 Information Exposure	CVE-2017-8860	2024-11-21 12:34	2017-11-22	Show	GitHub Exploit DB Packet Storm

247513	9.1	CRITICAL Network	varnish-cache varnish_cache_project debian	varnish varnish_cache debian_linux	vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a V…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-8807	2024-11-21 12:34	2017-11-16	Show	GitHub Exploit DB Packet Storm

247514	7.5	HIGH Network	mediawiki debian	mediawiki debian_linux	The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attribute injection attacks via glossary rules.	CWE-20 Improper Input Validation	CVE-2017-8815	2024-11-21 12:34	2017-11-15	Show	GitHub Exploit DB Packet Storm

247515	7.5	HIGH Network	mediawiki debian	mediawiki debian_linux	The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attackers to replace text inside tags via a rule definition followed by "a lot of junk."	CWE-20 Improper Input Validation	CVE-2017-8814	2024-11-21 12:34	2017-11-15	Show	GitHub Exploit DB Packet Storm

247516	5.3	MEDIUM Network	mediawiki debian	mediawiki debian_linux	MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows remote attackers to inject > (greater than) characters via the id attribute of a headline.	NVD-CWE-noinfo	CVE-2017-8812	2024-11-21 12:34	2017-11-15	Show	GitHub Exploit DB Packet Storm

247517	6.1	MEDIUM Network	mediawiki debian	mediawiki debian_linux	The implementation of raw message parameter expansion in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows HTML mangling attacks.	CWE-20 Improper Input Validation	CVE-2017-8811	2024-11-21 12:34	2017-11-15	Show	GitHub Exploit DB Packet Storm

247518	7.5	HIGH Network	mediawiki debian	mediawiki debian_linux	MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2, when a private wiki is configured, provides different error messages for failed login attempts depending on whether the userna…	CWE-200 Information Exposure	CVE-2017-8810	2024-11-21 12:34	2017-11-15	Show	GitHub Exploit DB Packet Storm

247519	9.8	CRITICAL Network	mediawiki debian	mediawiki debian_linux	api.php in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has a Reflected File Download vulnerability.	CWE-74 Injection	CVE-2017-8809	2024-11-21 12:34	2017-11-15	Show	GitHub Exploit DB Packet Storm

247520	6.1	MEDIUM Network	mediawiki debian	mediawiki debian_linux	MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has XSS when the $wgShowExceptionDetails setting is false and the browser sends non-standard URL escaping.	CWE-79 Cross-site Scripting	CVE-2017-8808	2024-11-21 12:34	2017-11-15	Show	GitHub Exploit DB Packet Storm