Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 5, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252071	7.2	危険	マイクロソフト	-	複数の Microsoft 製品の Consent User Interface における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3961	2011-01-17 15:06	2010-12-14	Show	GitHub Exploit DB Packet Storm

252072	7.2	危険	マイクロソフト	-	Microsoft Windows 製品の Routing and Remote Access NDProxy コンポーネントにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-3963	2011-01-17 15:03	2010-12-14	Show	GitHub Exploit DB Packet Storm

252073	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内にある win32k.sys における権限昇格の脆弱性	CWE-20 不適切な入力確認	CVE-2010-3944	2011-01-17 14:45	2010-12-14	Show	GitHub Exploit DB Packet Storm

252074	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内にある win32k.sys における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3943	2011-01-17 14:38	2010-12-14	Show	GitHub Exploit DB Packet Storm

252075	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内にある win32k.sys における権限昇格の脆弱性	CWE-119 バッファエラー	CVE-2010-3942	2011-01-17 14:35	2010-12-14	Show	GitHub Exploit DB Packet Storm

252076	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内にある win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2010-3941	2011-01-17 14:29	2010-12-14	Show	GitHub Exploit DB Packet Storm

252077	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内にある win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2010-3940	2011-01-14 15:55	2010-12-14	Show	GitHub Exploit DB Packet Storm

252078	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内にある win32k.sys におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-3939	2011-01-14 15:53	2010-12-14	Show	GitHub Exploit DB Packet Storm

252079	9.3	危険	マイクロソフト	-	Microsoft Windows の Internet Connection Signup Wizard における権限昇格の脆弱性	CWE-Other その他	CVE-2010-3144	2011-01-14 15:49	2010-12-14	Show	GitHub Exploit DB Packet Storm

252080	9.3	危険	マイクロソフト	-	Windows Address Book の wab.exe における権限昇格の脆弱性	CWE-Other その他	CVE-2010-3147	2011-01-14 15:47	2010-12-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
291421	-		mozilla suse opensuse redhat canonical	firefox seamonkey thunderbird thunderbird_esr linux_enterprise_desktop opensuse linux_enterprise_server linux_enterprise_software_development_kit enterprise_linux_server en…	Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 1…	CWE-416 Use After Free	CVE-2012-3956	2024-11-21 10:41	2012-08-29	Show	GitHub Exploit DB Packet Storm

291422	-		tor	tor	routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information abo…	CWE-200 Information Exposure	CVE-2012-3519	2024-11-21 10:41	2012-08-26	Show	GitHub Exploit DB Packet Storm

291423	-		tor	tor	The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-3518	2024-11-21 10:41	2012-08-26	Show	GitHub Exploit DB Packet Storm

291424	-		tor	tor	Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service (daemon crash) via vectors related to failed DNS requests.	CWE-399 Resource Management Errors	CVE-2012-3517	2024-11-21 10:41	2012-08-26	Show	GitHub Exploit DB Packet Storm

291425	-		jabberd2 jabber2	jabberd2	s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (…	CWE-20 Improper Input Validation	CVE-2012-3525	2024-11-21 10:41	2012-08-26	Show	GitHub Exploit DB Packet Storm

291426	-		nicolas_cannasse	ocaml_xml-light_library	OCaml Xml-Light Library before r234 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service …	CWE-310 Cryptographic Issues	CVE-2012-3514	2024-11-21 10:41	2012-08-25	Show	GitHub Exploit DB Packet Storm

291427	-		roundcube	webmail	Cross-site scripting (XSS) vulnerability in program/lib/washtml.php in Roundcube Webmail 0.8.0 allows remote attackers to inject arbitrary web script or HTML by using "javascript:" in an href attribu…	CWE-79 Cross-site Scripting	CVE-2012-3508	2024-11-21 10:41	2012-08-25	Show	GitHub Exploit DB Packet Storm

291428	-		roundcube	webmail	Cross-site scripting (XSS) vulnerability in program/steps/mail/func.inc in RoundCube Webmail before 0.8.0, when using the Larry skin, allows remote attackers to inject arbitrary web script or HTML vi…	CWE-79 Cross-site Scripting	CVE-2012-3507	2024-11-21 10:41	2012-08-25	Show	GitHub Exploit DB Packet Storm

291429	9.8	CRITICAL Network	theforeman redhat	katello enterprise_linux_server	The installation script in Katello 1.0 and earlier does not properly generate the Application.config.secret_token value, which causes each default installation to have the same secret token, and allo…	CWE-798 Use of Hard-coded Credentials	CVE-2012-3503	2024-11-21 10:41	2012-08-25	Show	GitHub Exploit DB Packet Storm

291430	-		darold	squidclamav	The squidclamav_check_preview_handler function in squidclamav.c in SquidClamav 5.x before 5.8 and 6.x before 6.7 passes an unescaped URL to a system command call, which allows remote attackers to cau…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-3501	2024-11-21 10:41	2012-08-25	Show	GitHub Exploit DB Packet Storm