Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
256471 10 危険 アップル - Apple Mac OS X の Mail における脆弱性 CWE-noinfo
情報不足 		CVE-2010-0508 2010-04-14 17:11 2010-03-29 Show GitHub Exploit DB Packet Storm
256472 6.8 警告 アップル - Apple Mac OS X の画像 RAW におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0507 2010-04-14 17:11 2010-03-29 Show GitHub Exploit DB Packet Storm
256473 6.8 警告 アップル - Apple Mac OS X の画像 RAW におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0506 2010-04-14 17:11 2010-03-29 Show GitHub Exploit DB Packet Storm
256474 6.8 警告 アップル - Apple Mac OS X の ImageIO における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0505 2010-04-14 17:11 2010-03-29 Show GitHub Exploit DB Packet Storm
256475 7.5 危険 アップル - Apple Mac OS X の iChat サーバにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0504 2010-04-14 17:11 2010-03-29 Show GitHub Exploit DB Packet Storm
256476 6.5 警告 アップル - Apple Mac OS X の iChat サーバにおける任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0503 2010-04-14 17:10 2010-03-29 Show GitHub Exploit DB Packet Storm
256477 4.3 警告 アップル - Apple Mac OS X の iChat サーバにおけるメッセージの監査を回避可能な脆弱性 CWE-DesignError
CVE-2010-0502 2010-04-14 17:10 2010-03-29 Show GitHub Exploit DB Packet Storm
256478 5 警告 アップル
レッドハット
jabberd 2.x project		 - Jabber Studio jabberd の SASL ネゴシエーションにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-1329 2010-04-14 17:10 2006-03-21 Show GitHub Exploit DB Packet Storm
256479 7.2 危険 アップル - Apple Mac OS X の FTP サーバにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-0501 2010-04-14 17:10 2010-03-29 Show GitHub Exploit DB Packet Storm
256480 7.5 危険 アップル - Apple Mac OS X の FreeRADIUS サーバにおけるネットワーク接続を確立される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0524 2010-04-14 17:10 2010-03-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
250841 9.8 CRITICAL
Network 		mozilla firefox Special "about:" pages used by web content, such as RSS feeds, can load privileged "about:" pages in an iframe. If a content-injection bug were found in one of those pages this could allow for potent… NVD-CWE-noinfo
CVE-2017-5391 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
250842 6.1 MEDIUM
Network 		mozilla firefox WebExtensions could use the "mozAddonManager" API by modifying the CSP headers on sites with the appropriate permissions and then using host requests to redirect script loads to a malicious site. Thi… CWE-601
Open Redirect 		CVE-2017-5389 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
250843 7.5 HIGH
Network 		mozilla firefox A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on … CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2017-5388 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
250844 3.3 LOW
Local 		mozilla firefox The existence of a specifically requested local file can be found due to the double firing of the "onerror" when the "source" attribute on a "<track>" tag refers to a file that does not exist if the … CWE-538
 File and Directory Information Exposure 		CVE-2017-5387 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
250845 7.3 HIGH
Network 		debian
redhat
mozilla 		debian_linux
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server_aus
enterprise_linux_server_eus
firefox
fir… 		WebExtension scripts can use the "data:" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensio… NVD-CWE-noinfo
CVE-2017-5386 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
250846 9.8 CRITICAL
Network 		debian
redhat
mozilla 		debian_linux
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server_aus
enterprise_linux_server_eus
thunderbird 		The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vul… NVD-CWE-noinfo
CVE-2017-5390 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
250847 7.5 HIGH
Network 		mozilla firefox Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using thi… CWE-200
Information Exposure 		CVE-2017-5385 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
250848 5.9 MEDIUM
Network 		mozilla firefox Proxy Auto-Config (PAC) files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of… CWE-200
Information Exposure 		CVE-2017-5384 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
250849 5.3 MEDIUM
Network 		debian
redhat
mozilla 		debian_linux
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server_aus
enterprise_linux_server_eus
thunderbird 		URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. This vulnerability a… CWE-20
 Improper Input Validation  		CVE-2017-5383 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm
250850 7.5 HIGH
Network 		mozilla firefox Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content. This vu… CWE-200
Information Exposure 		CVE-2017-5382 2024-11-21 12:27 2018-06-12 Show GitHub Exploit DB Packet Storm