Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256521	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer に脆弱性	CWE-94 コード・インジェクション	CVE-2009-3672	2010-01-14 12:08	2009-11-25	Show	GitHub Exploit DB Packet Storm

256522	9.3	危険	サン・マイクロシステムズ VMware	-	Sun Java SE の java.lang パッケージにおける脆弱性	CWE-362 競合状態	CVE-2009-2724	2010-01-14 12:08	2009-08-10	Show	GitHub Exploit DB Packet Storm

256523	10	危険	サン・マイクロシステムズ VMware	-	Sun Java SE の Provider クラスにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-2721	2010-01-14 12:08	2009-08-10	Show	GitHub Exploit DB Packet Storm

256524	5	警告	有限会社シースリー	-	WebCalenderC3 におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-0348	2010-01-12 15:01	2010-01-12	Show	GitHub Exploit DB Packet Storm

256525	4.3	警告	有限会社シースリー	-	WebCalenderC3 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0349	2010-01-12 15:00	2010-01-12	Show	GitHub Exploit DB Packet Storm

256526	10	危険	サイバートラスト株式会社 XEmacs	-	XEmacs の glyphs-eimage.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-2688	2010-01-12 14:48	2009-08-5	Show	GitHub Exploit DB Packet Storm

256527	6.8	警告	IBM	-	IBM WebSphere Application Server (WAS) におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-2746	2010-01-12 14:48	2009-11-13	Show	GitHub Exploit DB Packet Storm

256528	5	警告	アップル	-	Apple Safari におけるローカル HTML ファイルを読まれる脆弱性	CWE-Other その他	CVE-2009-2842	2010-01-7 12:09	2009-11-11	Show	GitHub Exploit DB Packet Storm

256529	5.5	警告	シックス・アパート株式会社	-	Movable Type におけるアクセス制限回避の脆弱性	CWE-264 認可・権限・アクセス制御	-	2010-01-6 15:01	2010-01-6	Show	GitHub Exploit DB Packet Storm

256530	9.3	危険	マイクロソフト	-	Microsoft Office Word および Open XML File Format Converter における、任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3135	2010-01-6 14:44	2009-11-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
248621	9.8	CRITICAL Network	debian redhat mozilla	debian_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server enterprise_linux_server_aus enterprise_linux_server_eus firefox fir…	A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash. This …	CWE-416 Use After Free	CVE-2017-7809	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248622	8.1	HIGH Network	debian redhat mozilla	debian_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server enterprise_linux_server_aus enterprise_linux_server_eus firefox fir…	A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifes…	CWE-20 Improper Input Validation	CVE-2017-7807	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248623	7.5	HIGH Network	mozilla debian	firefox thunderbird debian_linux	During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space a…	CWE-416 Use After Free	CVE-2017-7805	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248624	7.5	HIGH Network	mozilla	firefox firefox_esr thunderbird	The destructor function for the "WindowsDllDetourPatcher" class can be re-purposed by malicious code in concert with another vulnerability to write arbitrary data to an attacker controlled location i…	CWE-20 Improper Input Validation	CVE-2017-7804	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248625	7.5	HIGH Network	redhat debian mozilla	enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_aus enterprise_linux_server_eus debian_linux thunderbird firefox firefox_…	When a page's content security policy (CSP) header contains a "sandbox" directive, other directives are ignored. This results in the incorrect enforcement of CSP. This vulnerability affects Thunderbi…	CWE-269 Improper Privilege Management	CVE-2017-7803	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248626	6.1	MEDIUM Network	mozilla	firefox	JavaScript in the "about:webrtc" page is not sanitized properly being assigned to "innerHTML". Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficul…	CWE-79 Cross-site Scripting	CVE-2017-7799	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248627	7.5	HIGH Network	mozilla	firefox	Response header name interning does not have same-origin protections and these headers are stored in a global registry. This allows stored header names to be available cross-origin. This vulnerabilit…	CWE-346 Origin Validation Error	CVE-2017-7797	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248628	4.7	MEDIUM Local	mozilla	firefox	On Windows systems, the logger run by the Windows updater deletes the file "update.log" before it runs in order to write a new log of that name. The path to this file is supplied at the command line …	CWE-20 Improper Input Validation	CVE-2017-7796	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248629	7.8	HIGH Local	mozilla	firefox	On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no wr…	CWE-276 Incorrect Default Permissions	CVE-2017-7794	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm

248630	9.8	CRITICAL Network	debian redhat mozilla	debian_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server enterprise_linux_server_aus enterprise_linux_server_eus firefox fir…	A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exp…	CWE-416 Use After Free	CVE-2017-7802	2024-11-21 12:32	2018-06-12	Show	GitHub Exploit DB Packet Storm