Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
253051 4.3 警告 ヒューレット・パッカード - HP Web Jetadmin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2012-2011 2012-06-15 16:36 2012-05-31 Show GitHub Exploit DB Packet Storm
253052 7.2 危険 マイクロソフト - Microsoft Windows のカーネルモードドライバ内の win32k.sys における整数オーバーフローの脆弱性 CWE-399
リソース管理の問題
CVE-2012-1867 2012-06-15 16:36 2012-06-12 Show GitHub Exploit DB Packet Storm
253053 4.3 警告 シスコシステムズ - 複数の Cisco 製品の SIP の実装におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2011-2545 2012-06-15 16:35 2012-06-12 Show GitHub Exploit DB Packet Storm
253054 6.9 警告 マイクロソフト - Microsoft Windows の win32k.sys のスレッド生成の実装における権限昇格の脆弱性 CWE-362
競合状態
CVE-2012-1868 2012-06-15 16:35 2012-06-12 Show GitHub Exploit DB Packet Storm
253055 4.3 警告 マイクロソフト - Microsoft Internet Explorer におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2012-1872 2012-06-15 16:33 2012-06-12 Show GitHub Exploit DB Packet Storm
253056 4.3 警告 マイクロソフト - Microsoft Internet Explorer におけるプロセスメモリから重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2012-1873 2012-06-15 16:33 2012-06-12 Show GitHub Exploit DB Packet Storm
253057 6 警告 EFS Technology - AutoFORM PDM Archive におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2012-3347 2012-06-15 16:26 2012-06-13 Show GitHub Exploit DB Packet Storm
253058 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2012-1874 2012-06-15 16:26 2012-06-12 Show GitHub Exploit DB Packet Storm
253059 9.3 危険 マイクロソフト - Microsoft Internet Explorer 8 における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2012-1875 2012-06-15 16:25 2012-06-12 Show GitHub Exploit DB Packet Storm
253060 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2012-1877 2012-06-15 16:23 2012-06-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
259711 3.3 LOW
Local
mozilla firefox The existence of a specifically requested local file can be found due to the double firing of the "onerror" when the "source" attribute on a "<track>" tag refers to a file that does not exist if the … CWE-538
 File and Directory Information Exposure
CVE-2017-5387 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259712 7.3 HIGH
Network
debian
redhat
mozilla
debian_linux
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server_aus
enterprise_linux_server_eus
firefox
fir…
WebExtension scripts can use the "data:" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensio… NVD-CWE-noinfo
CVE-2017-5386 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259713 9.8 CRITICAL
Network
debian
redhat
mozilla
debian_linux
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server_aus
enterprise_linux_server_eus
thunderbird
The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vul… NVD-CWE-noinfo
CVE-2017-5390 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259714 7.5 HIGH
Network
mozilla firefox Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using thi… CWE-200
Information Exposure
CVE-2017-5385 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259715 5.9 MEDIUM
Network
mozilla firefox Proxy Auto-Config (PAC) files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of… CWE-200
Information Exposure
CVE-2017-5384 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259716 5.3 MEDIUM
Network
debian
redhat
mozilla
debian_linux
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server_aus
enterprise_linux_server_eus
thunderbird
URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. This vulnerability a… CWE-20
 Improper Input Validation 
CVE-2017-5383 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259717 7.5 HIGH
Network
mozilla firefox Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content. This vu… CWE-200
Information Exposure
CVE-2017-5382 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259718 7.5 HIGH
Network
mozilla firefox The "export" function in the Certificate Viewer can force local filesystem navigation when the "common name" in a certificate contains slashes, allowing certificate content to be saved in unsafe loca… CWE-22
Path Traversal
CVE-2017-5381 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259719 9.8 CRITICAL
Network
debian
redhat
mozilla
debian_linux
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server_aus
enterprise_linux_server_eus
thunderbird
A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. CWE-416
 Use After Free
CVE-2017-5380 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259720 7.5 HIGH
Network
mozilla firefox Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing. This vulnerability affects Firefox < 51. CWE-416
 Use After Free
CVE-2017-5379 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm