Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256841	9.3	危険	マイクロソフト	-	Microsoft Windows の Indeo コーデックにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-4311	2010-01-25 11:52	2009-12-8	Show	GitHub Exploit DB Packet Storm

256842	9.3	危険	マイクロソフト	-	Indeo コーデックに複数の脆弱性	CWE-119 バッファエラー	CVE-2009-4310	2010-01-25 11:52	2009-12-15	Show	GitHub Exploit DB Packet Storm

256843	9.3	危険	マイクロソフト	-	Microsoft Windows の Windows Media Player 用の Intel Indeo41 コーデックにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4309	2010-01-25 11:51	2009-12-8	Show	GitHub Exploit DB Packet Storm

256844	9.3	危険	マイクロソフト	-	Microsoft Windows の Indeo コーデックにおけるサービス運用妨害 (DoS) の脆弱性	CWE-94 コード・インジェクション	CVE-2009-4210	2010-01-25 11:51	2009-12-8	Show	GitHub Exploit DB Packet Storm

256845	5	警告	アップルサイバートラスト株式会社 IPsec-Tools レッドハット	-	Ipsec-tools の証明書検証および NAT-Traversal におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-1632	2010-01-25 11:48	2009-05-14	Show	GitHub Exploit DB Packet Storm

256846	4	警告	PostgreSQL.org サイバートラスト株式会社ターボリナックスサン・マイクロシステムズレッドハット	-	PostgreSQL のエラーメッセージの変換処理に関するサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-0922	2010-01-25 11:48	2009-03-17	Show	GitHub Exploit DB Packet Storm

256847	5.7	警告	日本電気インターネットイニシアティブヤマハ古河電気工業	-	IPv6 を実装した複数の製品にサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	-	2010-01-25 11:47	2009-10-26	Show	GitHub Exploit DB Packet Storm

256848	9.3	危険	マイクロソフト	-	複数の Microsoft 製品のテキストコンバーターにおける整数オーバーフローの脆弱性	CWE-94 コード・インジェクション	CVE-2009-2506	2010-01-22 10:27	2009-12-8	Show	GitHub Exploit DB Packet Storm

256849	9	危険	マイクロソフト	-	Microsoft Windows の Active Directory フェデレーションサービスにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2009-2509	2010-01-22 10:27	2009-12-8	Show	GitHub Exploit DB Packet Storm

256850	6.9	警告	マイクロソフト	-	Microsoft Windows の Active Directory フェデレーションサービスのシングルサインオン実装における認証情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2009-2508	2010-01-22 10:27	2009-12-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
285941	-		suse opensuse oracle canonical mozilla	linux_enterprise_desktop linux_enterprise_server opensuse linux_enterprise_software_development_kit solaris ubuntu_linux seamonkey firefox	The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjac…	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2014-1480	2024-11-21 11:04	2014-02-6	Show	GitHub Exploit DB Packet Storm

285942	7.5	HIGH Network	mozilla fedoraproject opensuse suse canonical debian redhat	seamonkey firefox firefox_esr thunderbird fedora opensuse suse_linux_enterprise_software_development_kit suse_linux_enterprise_desktop suse_linux_enterprise_server ubuntu_l…	The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Polic…	CWE-346 Origin Validation Error	CVE-2014-1487	2024-11-21 11:04	2014-02-6	Show	GitHub Exploit DB Packet Storm

285943	9.8	CRITICAL Network	mozilla fedoraproject opensuse suse debian canonical redhat	seamonkey firefox firefox_esr thunderbird fedora opensuse suse_linux_enterprise_software_development_kit suse_linux_enterprise_desktop suse_linux_enterprise_server debian_l…	Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers t…	CWE-416 Use After Free	CVE-2014-1486	2024-11-21 11:04	2014-02-6	Show	GitHub Exploit DB Packet Storm

285944	8.8	HIGH Network	mozilla canonical debian redhat fedoraproject opensuse suse	seamonkey firefox firefox_esr thunderbird ubuntu_linux debian_linux enterprise_linux_server enterprise_linux_server_eus enterprise_linux_workstation enterprise_linux_server…	RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attacke…	CWE-787 Out-of-bounds Write	CVE-2014-1482	2024-11-21 11:04	2014-02-6	Show	GitHub Exploit DB Packet Storm

285945	7.5	HIGH Network	mozilla fedoraproject opensuse suse redhat debian canonical	seamonkey firefox firefox_esr thunderbird fedora opensuse suse_linux_enterprise_software_development_kit suse_linux_enterprise_desktop suse_linux_enterprise_server enterpri…	Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging in…	NVD-CWE-noinfo	CVE-2014-1481	2024-11-21 11:04	2014-02-6	Show	GitHub Exploit DB Packet Storm

285946	7.5	HIGH Network	mozilla canonical debian redhat fedoraproject opensuse suse	seamonkey firefox firefox_esr thunderbird ubuntu_linux debian_linux enterprise_linux_server enterprise_linux_server_eus enterprise_linux_workstation enterprise_linux_server…	The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operatio…	NVD-CWE-noinfo	CVE-2014-1479	2024-11-21 11:04	2014-02-6	Show	GitHub Exploit DB Packet Storm

285947	-		mozilla canonical opensuse oracle	seamonkey firefox ubuntu_linux opensuse solaris	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and applicat…	CWE-787 Out-of-bounds Write	CVE-2014-1478	2024-11-21 11:04	2014-02-6	Show	GitHub Exploit DB Packet Storm

285948	-		hiphop_virtual_machine_for_php_project	hiphop_virtual_machine_for_php	The libxml_disable_entity_loader function in runtime/ext/ext_simplexml.cpp in HipHop Virtual Machine for PHP (HHVM) before 2.4.0 and 2.3.x before 2.3.3 does not properly disable a certain libxml hand…	NVD-CWE-Other	CVE-2014-1439	2024-11-21 11:04	2014-02-6	Show	GitHub Exploit DB Packet Storm

285949	9.8	CRITICAL Network	mozilla canonical debian redhat fedoraproject opensuse suse	seamonkey firefox firefox_esr thunderbird ubuntu_linux debian_linux enterprise_linux_server enterprise_linux_server_eus enterprise_linux_workstation enterprise_linux_server…	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to c…	NVD-CWE-noinfo	CVE-2014-1477	2024-11-21 11:04	2014-02-6	Show	GitHub Exploit DB Packet Storm

285950	-		easyxdm	easyxdm	Cross-site scripting (XSS) vulnerability in name.html in easyXDM before 2.4.19 allows remote attackers to inject arbitrary web script or HTML via the location.hash value.	CWE-79 Cross-site Scripting	CVE-2014-1403	2024-11-21 11:04	2014-02-6	Show	GitHub Exploit DB Packet Storm