Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 25, 2026, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252151	2.6	注意	MODX	-	MODx Revolution の manager/index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4883	2012-01-19 11:06	2011-10-7	Show	GitHub Exploit DB Packet Storm

252152	4.3	警告	Ventics	-	Auto CMS の autocms.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4882	2012-01-19 11:06	2011-10-7	Show	GitHub Exploit DB Packet Storm

252153	6.8	警告	ApPHP	-	ApPHP Calendar の calendar.class.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-4881	2012-01-19 10:33	2011-10-7	Show	GitHub Exploit DB Packet Storm

252154	4.3	警告	ApPHP	-	ApPHP Calendar の calendar.class.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4880	2012-01-19 10:33	2011-10-7	Show	GitHub Exploit DB Packet Storm

252155	7.5	危険	Hinnendahl	-	Kontakt Formular の formmailer.php における任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-4878	2012-01-19 10:32	2011-10-7	Show	GitHub Exploit DB Packet Storm

252156	4.3	警告	InsaneVisions	-	OneCMS の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4877	2012-01-19 10:31	2011-10-7	Show	GitHub Exploit DB Packet Storm

252157	7.5	危険	got milk	-	mBlogger の viewpost.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4876	2012-01-19 10:30	2011-10-7	Show	GitHub Exploit DB Packet Storm

252158	4.3	警告	Xondie	-	WordPress 用 Vodpod Video Gallery プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4875	2012-01-19 10:30	2011-10-7	Show	GitHub Exploit DB Packet Storm

252159	4.3	警告	NinkoBB	-	NinkoBB の users.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4874	2012-01-19 10:28	2011-10-7	Show	GitHub Exploit DB Packet Storm

252160	4.3	警告	WeBid Support	-	WeBid におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4873	2012-01-19 10:27	2011-10-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
265441	5.3	MEDIUM Network	mozilla	firefox	Mozilla Firefox before 48.0 on Android allows remote attackers to spoof the address bar via left-to-right characters in conjunction with a right-to-left character set.	CWE-20 Improper Input Validation	CVE-2016-5267	2024-11-21 11:53	2016-08-5	Show	GitHub Exploit DB Packet Storm

265442	8.1	HIGH Network	mozilla	firefox	Mozilla Firefox before 48.0 does not properly restrict drag-and-drop (aka dataTransfer) actions for file: URIs, which allows user-assisted remote attackers to access local files via a crafted web sit…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-5266	2024-11-21 11:53	2016-08-5	Show	GitHub Exploit DB Packet Storm

265443	5.5	MEDIUM Local	oracle mozilla	linux firefox	Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS (UXSS) attacks or read arbitrary files, b…	CWE-79 CWE-200 Cross-site Scripting Information Exposure	CVE-2016-5265	2024-11-21 11:53	2016-08-5	Show	GitHub Exploit DB Packet Storm

265444	8.8	HIGH Network	mozilla oracle	firefox linux	Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary c…	CWE-416 Use After Free	CVE-2016-5264	2024-11-21 11:53	2016-08-5	Show	GitHub Exploit DB Packet Storm

265445	8.8	HIGH Network	mozilla oracle	firefox linux	The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary cod…	CWE-704 Incorrect Type Conversion or Cast	CVE-2016-5263	2024-11-21 11:53	2016-08-5	Show	GitHub Exploit DB Packet Storm

265446	6.1	MEDIUM Network	mozilla oracle	firefox linux	Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process JavaScript event-handler attributes of a MARQUEE element within a sandboxed IFRAME element that lacks the sandbox="allow-scripts" …	CWE-79 Cross-site Scripting	CVE-2016-5262	2024-11-21 11:53	2016-08-5	Show	GitHub Exploit DB Packet Storm

265447	8.8	HIGH Network	mozilla	firefox	Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of…	CWE-190 Integer Overflow or Wraparound	CVE-2016-5261	2024-11-21 11:53	2016-08-5	Show	GitHub Exploit DB Packet Storm

265448	6.5	MEDIUM Network	mozilla	firefox	Mozilla Firefox before 48.0 mishandles changes from 'INPUT type="password"' to 'INPUT type="text"' within a single Session Manager session, which might allow attackers to discover cleartext passwords…	CWE-200 Information Exposure	CVE-2016-5260	2024-11-21 11:53	2016-08-5	Show	GitHub Exploit DB Packet Storm

265449	8.8	HIGH Network	mozilla oracle	firefox linux	Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a scrip…	CWE-416 Use After Free	CVE-2016-5259	2024-11-21 11:53	2016-08-5	Show	GitHub Exploit DB Packet Storm

265450	8.8	HIGH Network	oracle mozilla	linux firefox	Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code by leveraging incorrect free…	CWE-416 Use After Free	CVE-2016-5258	2024-11-21 11:53	2016-08-5	Show	GitHub Exploit DB Packet Storm