Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
253991 4.3 警告 Ruby on Rails project - Ruby on Rails の strip_tags ヘルパーにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2011-2931 2012-03-27 18:43 2011-08-16 Show GitHub Exploit DB Packet Storm
253992 7.5 危険 Ruby on Rails project - Ruby on Rails の quote_table_name メソッドにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2011-2930 2012-03-27 18:43 2011-08-16 Show GitHub Exploit DB Packet Storm
253993 5 警告 Ruby on Rails project - Ruby on Rails のテンプレート選択機能における任意のビューを表示される脆弱性 CWE-20
不適切な入力確認
CVE-2011-2929 2012-03-27 18:43 2011-08-17 Show GitHub Exploit DB Packet Storm
253994 4.9 警告 Linux - Linux kernel の befs_follow_link 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2011-2928 2012-03-27 18:43 2011-08-29 Show GitHub Exploit DB Packet Storm
253995 7.5 危険 Adaptive Computing - Terascale Open-Source Resource におけるホストベースの認証を回避される脆弱性 CWE-287
不適切な認証
CVE-2011-2907 2012-03-27 18:43 2011-08-15 Show GitHub Exploit DB Packet Storm
253996 6.8 警告 rhythm - tcptrack におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2011-2903 2012-03-27 18:43 2011-09-2 Show GitHub Exploit DB Packet Storm
253997 7.5 危険 shttpd
yaSSL
valenok
- Mongoose などの put_dir 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2011-2900 2012-03-27 18:43 2011-08-5 Show GitHub Exploit DB Packet Storm
253998 5.1 警告 アップル
SWI-Prolog
The GIMP Team
- CUPS などの製品で使用される LZW デコンプレッサにおける無限ループの脆弱性 CWE-119
バッファエラー
CVE-2011-2896 2012-03-27 18:43 2011-08-19 Show GitHub Exploit DB Packet Storm
253999 4.3 警告 IBM - IBM Lotus Symphony 3 の DataPilot 機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2011-2893 2012-03-27 18:43 2011-07-27 Show GitHub Exploit DB Packet Storm
254000 4.3 警告 Joomla! - Joomla! におけるクリックジャッキング攻撃を誘発する脆弱性 CWE-20
不適切な入力確認
CVE-2011-2892 2012-03-27 18:43 2011-04-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
259661 7.5 HIGH
Network
debian
redhat
mozilla
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
thunderbird
A vulnerability while parsing "application/http-index-format" format content where uninitialized values are used to create an array. This could allow the reading of uninitialized memory into the arra… CWE-129
 Improper Validation of Array Index
CVE-2017-5445 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259662 7.5 HIGH
Network
debian
redhat
mozilla
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
thunderbird
A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from mem… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2017-5444 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259663 9.8 CRITICAL
Network
debian
redhat
mozilla
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
thunderbird
A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist.… CWE-416
 Use After Free
CVE-2017-5440 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259664 9.8 CRITICAL
Network
debian
redhat
mozilla
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
firefox
thu…
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Fire… CWE-416
 Use After Free
CVE-2017-5439 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259665 9.8 CRITICAL
Network
debian
redhat
mozilla
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
thunderbird
A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affe… CWE-416
 Use After Free
CVE-2017-5438 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259666 8.8 HIGH
Network
debian
redhat
sil
mozilla
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
graphite2
t…
An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as… CWE-787
 Out-of-bounds Write
CVE-2017-5436 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259667 9.8 CRITICAL
Network
redhat
debian
mozilla
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
debian_linux
thunderbird
firefox
firefox_esr
A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR … CWE-416
 Use After Free
CVE-2017-5434 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259668 9.8 CRITICAL
Network
debian
redhat
mozilla
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
firefox
thu…
A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR … CWE-416
 Use After Free
CVE-2017-5432 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259669 9.8 CRITICAL
Network
redhat
mozilla
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
firefox_esr
thunderbird
firefox
Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these c… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2017-5430 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
259670 9.8 CRITICAL
Network
debian
redhat
mozilla
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
firefox
thu…
A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderb… CWE-416
 Use After Free
CVE-2017-5435 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm