Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 16, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 255741 | 7.2 | 危険 | IBM | - | IBM DB2 の Engine Utilities コンポーネントの db2licm における脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-4330 | 2010-02-4 11:18 | 2009-12-16 | Show | GitHub Exploit DB Packet Storm |
| 255742 | 4 | 警告 | IBM | - | IBM DB2 の Engine Utilities コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-4329 | 2010-02-4 11:18 | 2009-12-16 | Show | GitHub Exploit DB Packet Storm |
| 255743 | 7.2 | 危険 | サイバートラスト株式会社 Linux |
- | Linux kernel の kvm_dev_ioctl_get_supported_cpuid 関数における整数オーバーフローの脆弱性 |
CWE-189
数値処理の問題 |
CVE-2009-3638 | 2010-02-3 14:35 | 2009-10-29 | Show | GitHub Exploit DB Packet Storm |
| 255744 | 5 | 警告 | Linear LLC S2 Security |
- | Linear eMerge のマネージメントコンポーネントにおけるサービス運用妨害 (DoS) |
CWE-noinfo
情報不足 |
CVE-2009-3734 | 2010-02-3 14:35 | 2010-01-5 | Show | GitHub Exploit DB Packet Storm |
| 255745 | 7.5 | 危険 | The PHP Group LibGD project サイバートラスト株式会社 レッドハット |
- | PHP および GD Graphics Library の _gdGetColors 関数におけるバッファオーバーフローの脆弱性 |
CWE-Other
その他 |
CVE-2009-3546 | 2010-02-3 14:34 | 2009-10-19 | Show | GitHub Exploit DB Packet Storm |
| 255746 | 6.8 | 警告 | GNU Project XEmacs サイバートラスト株式会社 |
- | Emacs および XEmacs における .flc ファイルの処理に関する任意のコードを実行される脆弱性 |
CWE-DesignError
|
CVE-2008-2142 | 2010-02-2 11:43 | 2008-05-12 | Show | GitHub Exploit DB Packet Storm |
| 255747 | 3.5 | 注意 | Drupal サイバートラスト株式会社 |
- | Drupal の Menu モジュールにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-4370 | 2010-02-2 11:43 | 2009-12-16 | Show | GitHub Exploit DB Packet Storm |
| 255748 | 3.5 | 注意 | Drupal サイバートラスト株式会社 |
- | Drupal の Contact モジュールにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-4369 | 2010-02-2 11:42 | 2009-12-16 | Show | GitHub Exploit DB Packet Storm |
| 255749 | 7.5 | 危険 | 日立 | - | Cosminexus、Processing Kit for XML および Hitachi Developer's Kit for Java におけるバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
- | 2010-02-2 11:42 | 2009-12-22 | Show | GitHub Exploit DB Packet Storm |
| 255750 | 4.3 | 警告 | VMware | - | 複数の VMware 製品におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-3731 | 2010-02-1 11:52 | 2009-12-15 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 16, 2026, 4 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 247681 | 6.5 |
MEDIUM
Network |
debian mozilla redhat |
debian_linux firefox firefox_esr thunderbird enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_aus enterprise_linux_server_… |
The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-origin policy violation and could allow for data theft of URLs loaded by users. This vulnerability aff… |
NVD-CWE-noinfo
|
CVE-2017-7830 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 247682 | 5.3 |
MEDIUM
Network |
mozilla redhat debian canonical |
thunderbird enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_aus enterprise_linux_eus debian_linux ubuntu_linux |
It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. The real sender's address is not displayed if preceded by a null character in the di… |
CWE-20
Improper Input Validation |
CVE-2017-7829 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 247683 | 9.8 |
CRITICAL
Network |
debian redhat mozilla |
debian_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_aus enterprise_linux_server_eus firefox firefox_esr thunderb… |
A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use. This results in a potentially exploitable crash during th… |
CWE-416
Use After Free |
CVE-2017-7828 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 247684 | 9.8 |
CRITICAL
Network |
mozilla | firefox | Memory safety bugs were reported in Firefox 56. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary c… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2017-7827 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 247685 | 9.8 |
CRITICAL
Network |
debian redhat canonical mozilla |
debian_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_aus enterprise_linux_server_eus ubuntu_linux firefox firefox… |
Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploit… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2017-7826 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 247686 | 5.3 |
MEDIUM
Network |
debian mozilla |
debian_linux firefox firefox_esr thunderbird |
Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only… |
CWE-20
Improper Input Validation |
CVE-2017-7825 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 247687 | 9.8 |
CRITICAL
Network |
redhat debian mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_aus enterprise_linux_eus debian_linux firefox firefox_esr thunderbird |
A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks … |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2017-7824 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 247688 | 5.4 |
MEDIUM
Network |
redhat debian mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_aus enterprise_linux_server_eus debian_linux firefox firefox_esr thunderb… |
The content security policy (CSP) "sandbox" directive did not create a unique origin for the document, causing it to behave as if the "allow-same-origin" keyword were always specified. This could all… |
CWE-79
Cross-site Scripting |
CVE-2017-7823 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 247689 | 5.3 |
MEDIUM
Network |
mozilla | firefox | The AES-GCM implementation in WebCrypto API accepts 0-length IV when it should require a length of 1 according to the NIST Special Publication 800-38D specification. This might allow for the authenti… |
NVD-CWE-noinfo
|
CVE-2017-7822 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 247690 | 9.8 |
CRITICAL
Network |
mozilla | firefox | A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. This can be triggered without specific user interaction for the file download and open a… |
CWE-732
Incorrect Permission Assignment for Critical Resource |
CVE-2017-7821 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |