Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252341 10 危険 Mozilla Foundation
レッドハット		 - 複数の Mozilla 製品におけるクローム特権で任意の JavaScript を実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-2984 2011-09-7 11:35 2011-08-16 Show GitHub Exploit DB Packet Storm
252342 7.2 危険 Mozilla Foundation - Mozilla Firefox における権限昇格の脆弱性 CWE-Other
その他 		CVE-2011-2980 2011-09-7 11:34 2011-08-16 Show GitHub Exploit DB Packet Storm
252343 10 危険 Mozilla Foundation
レッドハット		 - 複数の Mozilla 製品の appendChild 関数における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-2378 2011-09-7 11:33 2011-08-16 Show GitHub Exploit DB Packet Storm
252344 9.3 危険 Mozilla Foundation
レッドハット		 - 複数の Mozilla 製品のイベント管理実装における同一生成元ポリシーを回避される脆弱性 CWE-16
環境設定 		CVE-2011-2981 2011-09-7 11:32 2011-08-16 Show GitHub Exploit DB Packet Storm
252345 10 危険 Mozilla Foundation
レッドハット		 - 複数の Mozilla 製品のブラウザエンジンにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2011-2982 2011-09-7 11:31 2011-08-16 Show GitHub Exploit DB Packet Storm
252346 5 警告 Mozilla Foundation - 複数の Mozilla 製品における同一生成元ポリシーを回避される脆弱性 CWE-200
情報漏えい 		CVE-2011-2986 2011-09-6 10:54 2011-08-16 Show GitHub Exploit DB Packet Storm
252347 5 警告 Mozilla Foundation - Mozilla Firefox および SeaMonkey の CSP violation reports 実装における重要な情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-2990 2011-09-6 10:53 2011-08-16 Show GitHub Exploit DB Packet Storm
252348 10 危険 Mozilla Foundation - 複数の Mozilla 製品の WebGL 実装で使用される ANGLE におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-2987 2011-09-6 10:52 2011-08-16 Show GitHub Exploit DB Packet Storm
252349 10 危険 Mozilla Foundation - 複数の Mozilla 製品の WebGL shader 実装におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-2988 2011-09-6 10:51 2011-08-16 Show GitHub Exploit DB Packet Storm
252350 9.3 危険 Mozilla Foundation - Mozilla Firefox および SeaMonkey における同一生成元ポリシーを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-2993 2011-09-6 10:50 2011-08-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
253531 6.5 MEDIUM
Network 		atlassian jira
jira_server 		Various administrative external system import resources in Atlassian JIRA Server (including JIRA Core) before version 7.6.5, from version 7.7.0 before version 7.7.3, from version 7.8.0 before version… CWE-862
 Missing Authorization 		CVE-2017-18101 2024-11-21 12:19 2018-04-10 Show GitHub Exploit DB Packet Storm
253532 6.1 MEDIUM
Network 		atlassian jira The agile wallboard gadget in Atlassian Jira before version 7.8.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of quick fi… CWE-79
Cross-site Scripting 		CVE-2017-18100 2024-11-21 12:19 2018-04-10 Show GitHub Exploit DB Packet Storm
253533 6.5 MEDIUM
Network 		xmlsoft libxml2 The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not r… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2017-18258 2024-11-21 12:19 2018-04-9 Show GitHub Exploit DB Packet Storm
253534 6.1 MEDIUM
Network 		atlassian jira The searchrequest-xml resource in Atlassian Jira before version 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through various fie… CWE-79
Cross-site Scripting 		CVE-2017-18098 2024-11-21 12:19 2018-04-6 Show GitHub Exploit DB Packet Storm
253535 5.4 MEDIUM
Network 		atlassian jira The Trello board importer resource in Atlassian Jira before version 7.6.1 allows remote attackers who can convince a Jira administrator to import their Trello board to inject arbitrary HTML or JavaSc… CWE-79
Cross-site Scripting 		CVE-2017-18097 2024-11-21 12:19 2018-04-6 Show GitHub Exploit DB Packet Storm
253536 5.5 MEDIUM
Local 		linux
debian 		linux_kernel
debian_linux 		The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate s… CWE-190
 Integer Overflow or Wraparound 		CVE-2017-18257 2024-11-21 12:19 2018-04-5 Show GitHub Exploit DB Packet Storm
253537 7.2 HIGH
Network 		atlassian application_links The OAuth status rest resource in Atlassian Application Links before version 5.2.7, from 5.3.0 before 5.3.4 and from 5.4.0 before 5.4.3 allows remote attackers with administrative rights to access th… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2017-18096 2024-11-21 12:19 2018-04-4 Show GitHub Exploit DB Packet Storm
253538 6.5 MEDIUM
Network 		brave brave_browser Brave Browser before 0.13.0 allows remote attackers to cause a denial of service (resource consumption) via a long alert() argument in JavaScript code, because window dialogs are mishandled. NVD-CWE-noinfo
CVE-2017-18256 2024-11-21 12:19 2018-04-4 Show GitHub Exploit DB Packet Storm
253539 9.8 CRITICAL
Network 		google android In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in MMCP, a downlink message is not b… CWE-20
 Improper Input Validation  		CVE-2017-18147 2024-11-21 12:19 2018-04-4 Show GitHub Exploit DB Packet Storm
253540 7.8 HIGH
Local 		linux linux_kernel The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified … CWE-190
 Integer Overflow or Wraparound 		CVE-2017-18255 2024-11-21 12:19 2018-04-1 Show GitHub Exploit DB Packet Storm