Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":April 29, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 253121 | 9.3 | 危険 | マイクロソフト | - | Microsoft Internet Explorer に脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-3672 | 2010-01-14 12:08 | 2009-11-25 | Show | GitHub Exploit DB Packet Storm |
| 253122 | 9.3 | 危険 | サン・マイクロシステムズ VMware |
- | Sun Java SE の java.lang パッケージにおける脆弱性 |
CWE-362
競合状態 |
CVE-2009-2724 | 2010-01-14 12:08 | 2009-08-10 | Show | GitHub Exploit DB Packet Storm |
| 253123 | 10 | 危険 | サン・マイクロシステムズ VMware |
- | Sun Java SE の Provider クラスにおける脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-2721 | 2010-01-14 12:08 | 2009-08-10 | Show | GitHub Exploit DB Packet Storm |
| 253124 | 5 | 警告 | 有限会社シースリー | - | WebCalenderC3 におけるディレクトリトラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2010-0348 | 2010-01-12 15:01 | 2010-01-12 | Show | GitHub Exploit DB Packet Storm |
| 253125 | 4.3 | 警告 | 有限会社シースリー | - | WebCalenderC3 におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-0349 | 2010-01-12 15:00 | 2010-01-12 | Show | GitHub Exploit DB Packet Storm |
| 253126 | 10 | 危険 | サイバートラスト株式会社 XEmacs |
- | XEmacs の glyphs-eimage.c における整数オーバーフローの脆弱性 |
CWE-189
数値処理の問題 |
CVE-2009-2688 | 2010-01-12 14:48 | 2009-08-5 | Show | GitHub Exploit DB Packet Storm |
| 253127 | 6.8 | 警告 | IBM | - | IBM WebSphere Application Server (WAS) におけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2009-2746 | 2010-01-12 14:48 | 2009-11-13 | Show | GitHub Exploit DB Packet Storm |
| 253128 | 5 | 警告 | アップル | - | Apple Safari におけるローカル HTML ファイルを読まれる脆弱性 |
CWE-Other
その他 |
CVE-2009-2842 | 2010-01-7 12:09 | 2009-11-11 | Show | GitHub Exploit DB Packet Storm |
| 253129 | 5.5 | 警告 | シックス・アパート株式会社 | - | Movable Type におけるアクセス制限回避の脆弱性 |
CWE-264
認可・権限・アクセス制御 |
- | 2010-01-6 15:01 | 2010-01-6 | Show | GitHub Exploit DB Packet Storm |
| 253130 | 9.3 | 危険 | マイクロソフト | - | Microsoft Office Word および Open XML File Format Converter における、任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-3135 | 2010-01-6 14:44 | 2009-11-10 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:April 29, 2026, 4:51 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 280831 | - | symantec | encryption_management_server | The Web Email Protection component in Symantec Encryption Management Server (aka PGP Universal Server) before 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of ar… |
CWE-264
Permissions, Privileges, and Access Controls |
CVE-2014-1643 | 2024-11-21 11:04 | 2014-02-7 | Show | GitHub Exploit DB Packet Storm | |
| 280832 | - | citrix |
xenmobile_device_manager xenmobile_device_manager_mdm |
Unspecified vulnerability in Citrix XenMobile Device Manager server (formerly Zenprise Device Manager server) 8.5, 8.6, and MDM 8.0.1 allows remote attackers to obtain sensitive information via unkno… |
NVD-CWE-noinfo
|
CVE-2014-1663 | 2024-11-21 11:04 | 2014-02-7 | Show | GitHub Exploit DB Packet Storm | |
| 280833 | - |
mozilla oracle fedoraproject suse opensuse debian canonical |
network_security_services seamonkey firefox firefox_esr thunderbird enterprise_manager_ops_center vm_server fedora linux_enterprise_desktop linux_enterprise_server opens… |
Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does n… |
CWE-326
Inadequate Encryption Strength |
CVE-2014-1491 | 2024-11-21 11:04 | 2014-02-6 | Show | GitHub Exploit DB Packet Storm | |
| 280834 | - |
mozilla oracle fedoraproject suse opensuse debian canonical |
network_security_services seamonkey firefox firefox_esr thunderbird enterprise_manager_ops_center vm_server fedora linux_enterprise_desktop linux_enterprise_server opens… |
Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24… |
CWE-362
Race Condition |
CVE-2014-1490 | 2024-11-21 11:04 | 2014-02-6 | Show | GitHub Exploit DB Packet Storm | |
| 280835 | - |
oracle suse mozilla opensuse_project opensuse canonical |
solaris linux_enterprise_desktop linux_enterprise_server linux_enterprise_software_development_kit firefox opensuse ubuntu_linux |
Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore… |
CWE-264
Permissions, Privileges, and Access Controls |
CVE-2014-1489 | 2024-11-21 11:04 | 2014-02-6 | Show | GitHub Exploit DB Packet Storm | |
| 280836 | - |
mozilla canonical oracle suse opensuse |
seamonkey firefox ubuntu_linux solaris linux_enterprise_desktop linux_enterprise_server opensuse linux_enterprise_software_development_kit |
The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that ha… |
NVD-CWE-noinfo
|
CVE-2014-1488 | 2024-11-21 11:04 | 2014-02-6 | Show | GitHub Exploit DB Packet Storm | |
| 280837 | - |
mozilla oracle canonical suse opensuse |
seamonkey firefox solaris ubuntu_linux linux_enterprise_desktop linux_enterprise_server opensuse linux_enterprise_software_development_kit |
The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directiv… |
NVD-CWE-noinfo
|
CVE-2014-1485 | 2024-11-21 11:04 | 2014-02-6 | Show | GitHub Exploit DB Packet Storm | |
| 280838 | - |
suse mozilla opensuse_project opensuse oracle |
linux_enterprise_desktop linux_enterprise_server linux_enterprise_software_development_kit firefox opensuse solaris |
Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application. |
CWE-200
Information Exposure |
CVE-2014-1484 | 2024-11-21 11:04 | 2014-02-6 | Show | GitHub Exploit DB Packet Storm | |
| 280839 | - |
oracle canonical mozilla suse opensuse |
solaris ubuntu_linux seamonkey firefox linux_enterprise_desktop linux_enterprise_server opensuse suse_linux_enterprise_software_development_kit |
Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain t… |
CWE-1021
Improper Restriction of Rendered UI Layers or Frames |
CVE-2014-1483 | 2024-11-21 11:04 | 2014-02-6 | Show | GitHub Exploit DB Packet Storm | |
| 280840 | - |
suse opensuse oracle canonical mozilla |
linux_enterprise_desktop linux_enterprise_server opensuse linux_enterprise_software_development_kit solaris ubuntu_linux seamonkey firefox |
The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjac… |
CWE-1021
Improper Restriction of Rendered UI Layers or Frames |
CVE-2014-1480 | 2024-11-21 11:04 | 2014-02-6 | Show | GitHub Exploit DB Packet Storm |