Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254691	7.6	危険	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	Mozilla Firefox/SeaMonkey における任意の JavaScript を実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3986	2010-01-29 09:54	2009-12-15	Show	GitHub Exploit DB Packet Storm

254692	6.8	警告	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	Mozilla Firefox/SeaMonkey におけるコンテンツを偽装される脆弱性	CWE-Other その他	CVE-2009-3985	2010-01-29 09:53	2009-12-15	Show	GitHub Exploit DB Packet Storm

254693	6.8	警告	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	Mozilla Firefox/SeaMonkey における http URL または file URL の SSL インジケータを偽装される脆弱性	CWE-Other その他	CVE-2009-3984	2010-01-29 09:53	2009-12-15	Show	GitHub Exploit DB Packet Storm

254694	6.8	警告	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	Mozilla Firefox/SeaMonkey における認証されたリクエストを任意のアプリケーションに送信される脆弱性	CWE-Other その他	CVE-2009-3983	2010-01-29 09:53	2009-12-15	Show	GitHub Exploit DB Packet Storm

254695	9.3	危険	Mozilla Foundation	-	複数の Mozilla 製品の libtheora における任意のコードを実行される脆弱性	CWE-189 数値処理の問題	CVE-2009-3389	2010-01-28 12:16	2009-12-15	Show	GitHub Exploit DB Packet Storm

254696	9.3	危険	Mozilla Foundation	-	複数の Mozilla 製品の liboggplay における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2009-3388	2010-01-28 12:16	2009-12-15	Show	GitHub Exploit DB Packet Storm

254697	9.3	危険	Mozilla Foundation	-	複数の Mozilla 製品の JavaScript エンジンにおける任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2009-3982	2010-01-28 12:16	2009-12-15	Show	GitHub Exploit DB Packet Storm

254698	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2009-3981	2010-01-28 12:16	2009-12-15	Show	GitHub Exploit DB Packet Storm

254699	9.3	危険	Mozilla Foundation	-	複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2009-3980	2010-01-28 12:15	2009-12-15	Show	GitHub Exploit DB Packet Storm

254700	10	危険	アドビシステムズ	-	Adobe Flash Media Server におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-3792	2010-01-27 10:02	2009-12-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
255941	7.8	HIGH Local	mozilla	network_security_services	The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent attackers to cause a denial of service (floating point exception and crash) via a crafted ce…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-11697	2024-11-21 12:08	2017-12-28	Show	GitHub Exploit DB Packet Storm

255942	7.8	HIGH Local	mozilla	network_security_services	Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted c…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-11696	2024-11-21 12:08	2017-12-28	Show	GitHub Exploit DB Packet Storm

255943	7.8	HIGH Local	mozilla	network_security_services	Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted ce…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-11695	2024-11-21 12:08	2017-12-28	Show	GitHub Exploit DB Packet Storm

255944	5.4	MEDIUM Network	synology	photo_station	Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.8.0-3456 allows remote authenticated users to inject arbitrary web scripts or HTML via the id par…	CWE-79 Cross-site Scripting	CVE-2017-12072	2024-11-21 12:08	2017-12-21	Show	GitHub Exploit DB Packet Storm

255945	8.8	HIGH Network	mt4	senhasegura	A Session Fixation Vulnerability exists in the MT4 Networks SenhaSegura Web Application 2.2.23.8 via login_if.php.	CWE-384 Session Fixation	CVE-2017-11562	2024-11-21 12:08	2017-12-19	Show	GitHub Exploit DB Packet Storm

255946	6.5	MEDIUM Network	microsoft	office	Microsoft Office 2016 Click-to-Run (C2R) allows an information disclosure vulnerability due to the way Microsoft Office enforces DRM copy/paste permissions, aka "Microsoft Office Information Disclosu…	CWE-200 Information Exposure	CVE-2017-11939	2024-11-21 12:08	2017-12-13	Show	GitHub Exploit DB Packet Storm

255947	8.8	HIGH Network	microsoft	sharepoint_enterprise_server	Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".	CWE-20 Improper Input Validation	CVE-2017-11936	2024-11-21 12:08	2017-12-13	Show	GitHub Exploit DB Packet Storm

255948	7.8	HIGH Local	microsoft	office	Microsoft Office 2016 Click-to-Run (C2R) allows a remote code execution vulnerability due to the way files are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnerability".	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-11935	2024-11-21 12:08	2017-12-13	Show	GitHub Exploit DB Packet Storm

255949	5.5	MEDIUM Local	microsoft	office	Microsoft Office 2013 RT SP1, Microsoft Office 2013 SP1, and Microsoft Office 2016 allow an information disclosure vulnerability due to the way certain functions handle objects in memory, aka "Micros…	CWE-200 Information Exposure	CVE-2017-11934	2024-11-21 12:08	2017-12-13	Show	GitHub Exploit DB Packet Storm

255950	8.1	HIGH Network	microsoft	exchange_server	Microsoft Exchange Server 2016 CU5 and Microsoft Exchange Server 2016 CU5 allow a spoofing vulnerability due to the way Outlook Web Access (OWA) validates web requests, aka "Microsoft Exchange Spoofi…	CWE-20 Improper Input Validation	CVE-2017-11932	2024-11-21 12:08	2017-12-13	Show	GitHub Exploit DB Packet Storm